Wireless WANs

Mark Lachniet

Holt Public Schools

Agenda

• Introductions

• Overview of wireless technology

• Antennas, towers, amps, and repeaters

• Wireless in the network - bridges and routers

• Specific products & solutions

• Case in point - LRP

• Benefits and cost analysis

• Problems and “gotchas”

• Questions and (maybe) answers

Introductions

• Director of Information Systems @ Holt Public Schools

• Novell Master CNE certified

• Microsoft MCSE certified

• Extensive work with Linux

• Designed and implemented a district-wide Wireless WAN starting in 1996 for Holt Public Schools

• Have maintained, serviced, and upgraded this network for over 3 years

• Have worked on developing Linux-based wireless bridges and routers using the Linux Router Project over the last year or so

Overview of wireless technology

• Many different kinds of wireless networking products, but the most popular interface with Ethernet networks

• Many vendors: Aironet, Lucent, Prism, and many more

• Many speeds: 1mb, 2mb, 11mb, and beyond (with microwave or load sharing / duplexing)

• Newly adopted standard for radio networks is 802.11 - designed to allow interoperability of products from different vendors

• Many new products coming out for products like Cell Phones, PDA’s, and wireless LANs. Soon, Nextel will turn on the Internet web and Email functions on the i1000 line

• Prices have dropped steadily in the market, with Apple setting a new record for an 11mb/s wireless card at < $200

• Most wireless WANs actually use regular wireless LAN cards but with special software and antenna apparatus

Frequencies & Interference

• There are several frequency ranges which are free for home use, including the 900mhz range and the 2.4ghz range

• This is good because you don’t have to license it like you do with a microwave device

• This is bad because there can be interference outside of your control

• Within the 2.4ghz range are usually several discrete “channels”

• The options you have depend on your vendor - in the Wavelan ISA cards, you could pick from 6 frequencies, in the PCMCIA cards, you can pick from 11 channels

• This is useful if you want to have more than one device in use at a single location - for two different links on the same tower, for example

• This is also useful if you want to do load balancing or duplexing of data which is supported by Linux and some proprietary systems

• You must then select two frequencies that are as far apart from each other as possible to avoid a conflict

Aligning the antenna

• This is really the trickiest part of the installation

• Use a “point to point” test or an SNR (signal-to-noise ratio) reading to determine the optimal alignment

• Usually involves two people - one inside at the unit and the other at the tower

• Use 2-way radios to communicate and gradually move in on the target

• Can use a GPS to determine approximate location

• Sometimes a spin of only a few degrees is necessary

• Antennas can go out of alignment from wind, storms, and rugrats

Path Analysis

• Provided by a company with a geographical database

• Used to determine the elevation between end points

Path Analysis Continued

• Will also produce a report showing the optimal height to mount the antenna on the tower

Speed

• Theoretical speed vs. actual speed (the big scam in wireless)

• There is always a certain amount of overhead - a T1 line doesn’t actually move 1.5mb/s, more like 1.2mb/s; 10mb/s Ethernet is more like 8mb/s under ideal conditions

• With wireless, the actual speed vs. the theoretical speed is much lower than a comparable wired technology

• Differences between vendors - not all 11mb/s cards are created equal

• A Wavelan 11mb/s card can pull an actual throughput of about 4mb/s, or 500k bytes/s

• An older ISA Wavelan 2mb/s card can pull an actual throughput of about 190k bytes/s (a decent ratio compared to the “11mb” options)

• Fallback speeds - 11mb, 5mb, 2mb, 1mb (usually automatic)

• The speed edge - retransmit or lower the rate?

• Watch your retransmission statistics to determine what is going on

• Most cards can report a signal strength to noise ratio on their connection

Measuring throughput

• Since the theoretical speed is wrong, the only way to know if you have a good wireless network is to test it yourself

• When measuring throughput, make sure to use consistent end-devices in your testing - if you change variables, you won’t be able to take a good reading

• Remember that the wireless may not be the choke in a transfer - the Ethernet cards you use, drivers, hard drives, and the operating system all make an impact on FTP type transfers

• It may be a good idea to have a contractual provision that the wireless connection must meet a certain throughput criterion

• Throughput can go down over time - trees can grow, amps go bad, cables get corroded, wind blows antennas out of alignment, and students use your antenna as a jungle-gym

Line of sight & distance

• Your radio link must have line of sight

• This doesn’t mean that you personally have to be able to see it, but the signal must be unimpeded by solid objects

• Signal can go through some trees, but there is a limit

• Such things as rain, fog, and snow don’t seem to affect the throughput at all

• Ice definitely slows things down if it is caked on your antennas. Unfortunately, this is also the most dangerous time to climb a tower (and the HR people hate that)

• With amplification, radio links can go as far as 15 miles under ideal conditions - maybe even more

• At Holt Schools, our longest link is 4 miles, and it is slightly slower than the closer links

Direct Sequence Spread Spectrum

• Uses an algorithm to spread the data across the entire usable frequency spectrum

• This provides a certain amount of security in itself because it is difficult to predict where the signal is and where the noise is

• Was originally a military technology - you can see why

Security

• Security is definitely an issue with wireless WANs. Someone could theoretically eavesdrop on your data (though it would be a major pain)

• Some wireless products use RSA encryption to encrypt the data across the wire

• This works well, but it also introduces a bit more load and can slow things down in a radio network running at high speed (or on old hardware)

• Encryption can take place in hardware or in software

• A good example of hardware encryption is WEP (Wired Equivalency Protection) which is built into the high-end Wavelan cards

• There are numerous software-based encryption solutions as well such as VLAN technologies. As long as the hardware is fast enough, it will not slow things down

• Lastly, for the REALLY paranoid, you can use both hardware and software encryption

Antennas

OMNI directional Parabolic and YAGI

Nuts, Bolts, and Towers

• For most taller installations (40+ feet), you will use a regular sectional tower, similar to those used by ham radio enthusiasts and for TV antennas on country homes

• For smaller (or less expensive) towers, you can use an “H-50” telescoping mast which can be brought up and bolted

• Will typically use metal brackets and a wooden base to attach to the building if on the top of a building

• If on the ground, you will typically pour cement in the ground and mount there.

• Even with a sectional tower, you may wish to install H-50 on top so that you can easily loosen it and re-align without climbing up to the top

• Check your local authority for height limitations (90’?)

• Getting over the trees is the most important thing of all!

• For most towers, you will also need some guy-wires to keep everything from moving around

Signal amplifiers

• Radio cards are not a health risk - the signal is only 1 watt, less than a cell phone in terms of signal strength

• There are different kinds of amps for 915mhz and 2.4ghz wireless cards

• Amps have two modes and flip-flop between transmit and receive

• Eventually, amps go bad or burn out and must be replaced

• Sometimes amps go inside the building (for convenience)

• Sometimes amps go up on the tower (for more power)

• Always keep a few extra amps kicking around - you never know when you’ll need them

• Amps really do make a big difference in speed over a long distance run. I have seen throughput double with the addition of an amp

Coaxial cable

• Is actually a very important factor in the reception of signal

• Most radio coax is big, fat, and hard to work with

• Terminations are of the utmost importance and should be done by a professional - tracking down a loose connector is frustrating and time consuming because it is intermittent

• Must shrink-wrap the connections to keep them dry

• Water in the connections is terrible

• Coax is expensive, so think carefully about where you put your antenna and how long the cable run will be

• The longer the run, the more signal loss you will have

• Running the cable involves drilling through a wall to bring it inside, so be aware of this

Repeaters

• In some situations you will need to install a repeater system:

• If you have a long-distance run

• If there is uneven elevation

• Usually two directional antennas and wireless boxes, one looking each direction - in which case you’ll have to use two different frequencies on different ends of the spectrum

• Could also be an OMNI if the software repeats the signal

Holt’s Wireless Network

Wireless bridges

• Operate at level 2 on the OSI model

• Listens to both interfaces (in this case Wavelan and Ethernet) and forwards packets between the two

• Remembers the unique MAC addresses on each interface and does not forward to an interface it knows the machine is not on

• This basically works like a hub that doesn’t forward anything unnecessarily

• A good way to link sites and reduce traffic at the same time

• Makes it look like everything is on one big network

• Broadcast traffic always gets through
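The forwarding rule on this slide, as an added example that is not part of the original presentation: a minimal two-port learning bridge showing which frames actually leave the wired LAN and go out over the radio link. The class, the port names `eth` and `wavelan`, and the MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    """Two-port transparent (layer 2) bridge with a MAC address table."""

    def __init__(self, ports=("eth", "wavelan")):
        self.ports = tuple(ports)
        self.table = {}                      # MAC -> port it was last seen on

    def handle(self, in_port, src, dst):
        """Learn the sender's port; return the ports the frame is sent out of."""
        self.table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return others                    # broadcast always gets through
        known = self.table.get(dst)
        if known is None:
            return others                    # destination not learned yet: flood
        if known == in_port:
            return []                        # both hosts on one side: filter
        return [known]

def sent_to_radio(frames):
    """Return (src, dst) for each frame the bridge transmits on the radio."""
    bridge = LearningBridge()
    return [(src, dst) for in_port, src, dst in frames
            if "wavelan" in bridge.handle(in_port, src, dst)]

# Constructed sample: PC_A and PC_B share the wired LAN, PC_C is at the far site.
PC_A, PC_B, PC_C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
SAMPLE_FRAMES = [
    ("eth", PC_A, BROADCAST),   # ARP-style broadcast
    ("eth", PC_B, PC_A),        # local reply
    ("eth", PC_A, PC_B),        # local traffic
    ("eth", PC_A, PC_C),        # far host not learned yet
    ("wavelan", PC_C, PC_A),    # reply arrives over the radio
    ("eth", PC_A, PC_C),        # far host now known
    ("eth", PC_B, BROADCAST),
]

if __name__ == "__main__":
    for src, dst in sent_to_radio(SAMPLE_FRAMES):
        print(src, "->", dst)
```

Local traffic between PC_A and PC_B never reaches the antenna, but every broadcast and every frame to a not-yet-learned address does, which is the traffic an eavesdropper on the link would see even when no one is talking to the far site.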

Wireless Routers

• Work just like any other kind of router

• Have better performance than a bridge because they do flow control and buffering

• Operate at level 3 on the OSI model

• Allow you to better route and separate your traffic

• Can be built and used as gateways

• Can be used to create tunnels or VPNs

• Scale better than bridges in large networks

Wireless End-Nodes

• You can also have a wireless end-node

• The demo machine here is a good example - it’s an end-node right now because it isn’t plugged into the ethernet - only the wireless side is working

• I suppose if you were chintzy and only had one machine to network in a location it might be worth doing to save the expense of a router or bridge

• You might also only need an end node if you are plugging in a single firewall or server machine

• For example, if you run a Novell box with Border Manager on native IP, you would only need one machine hooked up and then funnel all the services through that one machine

Lucent Wavelan Card

• The current Wavelan card is PCMCIA

• Can be purchased in combination with an ISA PCMCIA adapter for somewhere around $400

• Runs at 11mb/s theoretical rate

• Supports the 2.4ghz spectrum with 11 discrete sub-channels to choose from

• Runs under Windows 95, Linux, DOS, and FreeBSD (possibly more)

• A version for the Macintosh platform is now available as well and is supposed to work quite well

• Reportedly the best wireless card on the market

Lucent's WaveLAN Card

The “Pinnacle Link” product

• Is a wireless bridge/router unit that utilizes the Wavelan PCMCIA card

• Sold by Pinnacle Communications of Dayton, Ohio (highly recommended)

• High in functionality and actively developed

• Can be used to route and filter network traffic by address or protocol

• Has a proprietary SNMP management utility that gives extensive link and unit information

• Will eventually be scaled to provide (2) Wavelan cards on different channels to do load balancing

• Comes in a 12”x7”x1” form factor for easy wall mounting

• Allows satellites to see each other as if they were part of a wired ethernet network

Regular vs. repeated wireless

• In a regular radio network, the satellites can’t see each other on the network because they can’t see the signals - usually they can only see the one MAC address of the wireless “hub”

• In repeated wireless, software is employed to allow satellites to see the other stations as if they were plugged into a regular Ethernet hub

• This means that the “hub” location has to bridge back to the same network it received traffic from - this is normally a bad thing - but in this case not only works but is necessary

• This is something that the Wavelan / Pinnacle Link product does VERY well and cannot be done in Linux

About the Linux router project

• Made to run off of a single floppy but can run off of a hard drive or flash disk (as mine does)

• Can turn a low-end 486 into a high-speed router

• Can be made to do just about anything a regular router or Linux box can do - routing, bridging, NAT / Masquerading, VPN, mail transport, proxy server, web hosting, etc.

• Support for hundreds of network devices

• LRP on the web: http://www.linuxrouter.org

• Is an “open source” project and is $FREE$

• Many people using it and contributing to it

The MAEDS testbed network

• Just talking about a wireless networking product would be too easy, so I built one specifically for this conference

• The hardware: Celeron 333mhz, 64mb RAM, 40mb flash disk, cheap video, Ethernet, Lucent Wavelan 11mb/s Bronze card in PCMCIA host adapter

• My unit cost about $700 to build - all hardware

• A less spiffy router, or one without an expensive wireless card would be a LOT cheaper (free if you have a pile of 486’s in your storage room)

More thoughts on testing throughput

• How you test depends on your protocols

• With IPX - copy a file and time it

• With TCP/IP use FTP or a program like TCPSPRAY

• WS_FTP LE will tell you a mb/s rate

• Must do multiple times and take the average

• Must be disconnected from other machines - regular network traffic will slow things down

LRP and IP Masquerading

• Linux can do Network Address Translation (NAT) but it’s called Masquerading

• This allows you to have a single real IP address on one side and a huge number of fake IP addresses on the other

• Use IP addresses reserved for this purpose: 10.X.X.X, 192.168.X.X, etc.

• Provides some security

• The testbed units use a few different levels of masquerading
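How masquerading maps many private addresses onto one real address, and why that "provides some security", as an added example that is not part of the original presentation or of LRP: a toy model of the translation table. The class name, the starting port, and all addresses (documentation ranges 203.0.113.0/24 and 198.51.100.0/24) are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges; the slide names the first and the last of these.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class Masquerader:
    """Toy model of port-based NAT (masquerading) on one public address."""

    def __init__(self, public_ip, first_port=61000):  # start port is arbitrary
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (private_ip, private_port, remote) -> public_port
        self.in_map = {}    # (public_port, remote) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an inside packet's source; return (ip, port) seen outside."""
        if not any(ipaddress.ip_address(src_ip) in n for n in PRIVATE_NETS):
            raise ValueError("source is not a private address")
        remote = (dst_ip, dst_port)
        key = (src_ip, src_port, remote)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, remote)] = (src_ip, src_port)
            self.next_port += 1
        return self.public_ip, self.out_map[key]

    def inbound(self, src_ip, src_port, dst_port):
        """Return the inside (ip, port) for a reply, or None to drop it."""
        return self.in_map.get((dst_port, (src_ip, src_port)))

def demo():
    """Two inside hosts share one public address; only replies get back in."""
    nat = Masquerader("203.0.113.1")
    a = nat.outbound("10.0.0.5", 1025, "198.51.100.7", 80)
    b = nat.outbound("192.168.1.9", 1025, "198.51.100.7", 80)
    reply = nat.inbound("198.51.100.7", 80, a[1])
    unsolicited = nat.inbound("198.51.100.99", 4444, a[1])
    return a, b, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

A packet from outside is delivered only if an inside host opened the matching connection first; anything else has no table entry and is dropped. That is the extent of the protection: traffic on connections the inside hosts initiate passes through unfiltered.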

Benefits & Cost analysis

• Is owned outright

• Can be expensive to install (especially the towers and labor)

• Usually pays for itself in a few years versus Telco solutions

• Can be added to, taken down, and moved as locations change

• Can be serviced any time you want

Gotchas

• Installation should be done by qualified people

• Learn from our mistake - don’t be chintzy on the installation

• If the installation company has to come back, you lost your savings in a single trip

• Wireless installers are usually not local

• Wireless installers are BUSY and you must get time on their schedule

• Watch out for frequency usage - they are free for anyone to use. Microwave ovens and cordless phones can interfere

Questions and (maybe) Answers

This presentation to be at:

http://lachniet.com