Starting with iOS 8, we improved roaming in enterprise environments for these iOS devices:
- iPad Pro
- iPhone 5s and later
- iPad Air and later
- iPad mini 2 and later
- iPod touch (6th generation) and later
These improvements don’t apply to other devices or to consumer environments.
This is the minimum signal level a client needs to maintain a connection.
iOS clients monitor and maintain the Basic Service Set Identifier (BSSID)’s connection until the Received Signal Strength Indicator (RSSI) exceeds -70 dBm. Then, iOS scans for roam candidate BSSIDs for the new Extended Service Set Identifier (ESSID).
Keep this in mind when you design wireless cells and calculate their signal overlap. For example, you might design 5 GHz cells that have a -67 dBm overlap. In this case, the iOS client keeps its connection to the BSSID longer than you expect. This is because iOS uses -70 dBm as the trigger. If the BSSID's RSSI is greater than -65 dBm, the iOS client prefers a 5 GHz network.
Be sure to use the target device to measure cell overlap. Antennas on a notebook computer are much larger and more powerful than antennas on a smartphone or tablet. So if you use a notebook to measure overlap, iOS devices will have different cell boundaries than you expect.
This is when stations check for access points (APs) that support the current ESSID. The stations check all available channels in either the 2.4 GHz band or the 5 GHz band.
The roam scan runs more quickly if you turn on 802.11k on your control plane. This helps because iOS uses the first six entries in the neighbor report and reviews them to prioritize its scans. If you don’t turn on 802.11k, iOS has to scan more methodically. This can add several seconds to the discovery process.
For example, a user who is on a call might walk to the other side of the building. When the device crosses the -70 dBm threshold, it scans for roam targets. If it uses the neighbor report that 802.11k provides, it finds APs that support the current ESSID on three channels. It immediately scans those channels, finds that the AP on a channel has the appropriate signal strength, and roams. If you don’t turn on 802.11k, the client has to scan every channel on each band to find a roam target. This can add several seconds to the process.
Roam candidate selection criteria
This information can help you design a wireless network that supports real-time services, like voice and video.
iOS 8 and later select target BSSIDs based on:
- Whether the client transmits or receives a series of 802.11 data packets
- The difference in signal strength against the current BSSID’s RSSI
When the client sends or receives data, it picks target BSSIDs whose RSSI is eight dB or greater than the current BSSID’s RSSI. When the client doesn't send or receive data, use a 12 dB differential.
For example, the RSSI of the current connection might drop to -75 dBm during a Voice over WLAN (VoWLAN) call. When this happens, iOS 8 and later search for BSSIDs that have an RSSI of at least -67 dBm.
If the call ends and the client stops sending or receiving data, iOS 8 and later search for BSSIDs that have an RSSI of at least -63 dBm. Note that 802.11 Management Frames and Control Frames don't count as data.
This is the amount of time that a client needs to authenticate to a new BSSID. To authenticate, the client has to find a valid roam candidate, then complete the roam process quickly. Otherwise, the user experiences an interruption in service.
Roaming is where the client authenticates against the new BSSID and deauthenticates from the current BSSID. The amount of time that this takes depends on the security and authentication method that you use.
If you use 802.1X-based authentication, the client must complete the EAP key exchange before it deauthenticates from the BSSID. This can take several seconds, depending on the environment’s authentication infrastructure. When this happens, the user experiences an interruption of service.
If you use 802.11r-based authentication, the client can preauthenticate against potential access points. This reduces the authentication time to milliseconds, and the user is unlikely to experience an interruption of service.
The Wi-Fi scanner in AirPort Utility
Apple’s AirPort Utility for iOS 1.3.4 includes a Wi-Fi scanner that logs the client’s view of the network. Administrators can use it to validate the client’s view of the network at a specific location.
For accurate results, use the Wi-Fi scanner on a dedicated device that’s the same model as the iOS client.
On your iOS device, go to Settings > AirPort Utility to turn on the Wi-Fi scanner.
Next, open Airport Utility and tap Wi-Fi Scan.
By default, Wi-Fi Scanner runs continuously. Use the slider to set a scan duration of up to 60 seconds.
To start the scan, tap Scan. AirPort Utility lists all the SSIDs that it finds. This includes hidden networks, which appear as "Network name unavailable."
The AirPort Utility scans all available bands at four-second intervals. Enterprise networks that have multiple access points are grouped by BSSID. The scanner shows information about:
- Last RSSI
- Last Time Found
To view a trace log of the scan results for an SSID and BSSID, tap the SSID:
The trace log shows the date and time of the scan, along with the channel and RSSI.
After the scan completes, you can share the results. Just tap the share icon (), then choose one of these options:
AirPort Utility sends the results as a comma-separated list:
SSID, BSS, RSSI, Channel, time
"ACES", "18:64:72:D3:E9:40", "-57", "11", "12:02:03 PM"
"Cuba", "F8:1E:DF:F9:56:BC", "-53", "149", "12:02:03 PM"
"ACES", "18:64:72:D3:E9:50", "-63", "149", "12:02:03 PM"
"Cuba", "F8:1E:DF:F9:56:BB", "-69", "11", "12:02:03 PM"
"ACES", "18:64:72:D3:E9:40", "-67", "11", "12:02:07 PM"
The first line is a column header that shows the SSID, BSS, RSSI, Channel, and date fields. To analyze or chart the results, import the list into a spreadsheet or other tool.