802.11k and 802.11r are 2008 IEEE standards designed to make device roaming more efficient within a WLAN network.
Usually, when a network device needs to connect to a new access point, it automatically chooses the one with the strongest signal. However, in a dense WLAN environment, the AP with the strongest signal can get overloaded to full capacity.
802.11k provides an efficient way for the network to reroute the device to another AP, which might have a weaker signal but can still deliver adequate connectivity.
The process is simple:
When the device moves away from one access point, the AP informs the client device, which prompts the client device to request a list of nearby access points. The list is sent, and the client device moves to the best AP from the list.
Typically, in a WPA2 Enterprise security situation, a client device must go through a 4-way authentication process with every access point to which it connects.
The client device automatically lets the server know it wants to connect (DHCP discover), the server offers the device an IP address (DHCP offer), the client device accepts (DHCP request), and the server configures the device and grants access to the network (DHCP pack).
To prevent a device from having to go through this laborious process over and over again as the user moves through a network environment, 802.11r allows the first AP to "vouch" for the device with every other AP on the network. Device credentials are sent to all other access points, eliminating the need for an authentication procedure every time a device disconnects from one AP and connects to another.
802.11r uses Fast Basic Service Set Transition (FT) to allow encryption keys to be stored on all of the APs in a network. This way, a client doesn't need to perform the complete authentication process to a backend server every time it roams to a new AP within the network. Thus avoiding a significant amount of latency that would have previously delayed network connectivity.