Transformations of Networking — Part 5 — Wireless
- Transformations of Networking — Part 1
- Transformations of Networking — Part 2
- Transformations of Networking — Part 3
- Transformations of Networking — Part 4
- Transformations of Networking — Part 5 (this article)
One thing that may seem missing from this chronology of networking is wireless. Wireless networking has been around for many years in the form of WAN connectivity (which I have completely side-stepped for this series), but it was in 1997 that the first 802.11 IEEE draft was ratified.
Lucky for you, the Wikipedia 802.11 page has a solid description of the growth of the WLAN protocols so I don’t feel compelled to repeat it. What I would like to talk about is how the designs of wireless networks have changed over the years.
Wireless Routers
The first time wireless really came into the public consciousness was with wireless routers. These devices are commonly used as a single solution for a firewall, Internet router (usually providing NAT for IP masquerade) and Layer 2 Access Points.
These devices allowed administrators to create one-off wireless LANs. These wireless routers offered a variety of security features, and some of the more advanced systems allowed administrators to control where wireless clients could go, for example by creating a WLAN for visitors without opening up the LAN to non-employees.
Autonomous Layer 2 APs
For the most part, APs have been autonomous. This term really only makes sense when you consider the alternative, which is in the next section. Suffice it to say that what we consider autonomous is an Access Point that is managed by an administrator directly, and that applies security policies locally. This approach works very well for small-scale operations, and we’re going to see these types of devices for a long time.
That said, administration of a large number of autonomous APs can become tedious. The largest AP deployment I’ve seen is 100 APs (for a school division with 10 sites in BC), so you can imagine what universities and colleges are planning right now. I don’t even want to think of the work involved in updating a WEP or WPA key for 100 APs, or 500, or 1000. How about adding an SSID? Or managing a security policy? My favorite job is doing meaningful work; I don’t get any satisfaction from tedious work, and thankfully neither does Cisco.
Cisco’s initial solution to this problem was their CiscoWorks WLSE product, which provided a central location to manage many Autonomous APs. The software would upload configuration changes to remote APs as required.
Unfortunately, WLSE was fairly complex to set up, so it wasn’t widely adopted, and it is now being relegated to a footnote as the next evolution of wireless networking eclipses this problem.
Controller Based Layer 2 APs
Cisco. What a great company — what they don’t invent, they buy. In 2001, Airespace was founded and they developed a controller based system for managing APs. This wasn’t WLSE in any way.
The so-called light-weight APs are stripped of most of their responsibilities, leaving two essential tasks: advertising the required SSIDs, and tunneling the user traffic to a central controller. This tunneling approach (over a protocol called LWAPP) meant that the local infrastructure became meaningless: the APs could sit on the LAN and advertise an SSID that had no place on the LAN (like a contractor WLAN, or a student WLAN) without compromising security.
There are lots of other really good reasons to centralize in this way. Cisco lays out a whole bunch in their white paper: The Benefits of Centralization in Wireless LANs
I’ve done two big controller based deployments, and I can tell you that we can get a big bunch of APs online very, very quickly this way.
I’ll take this opportunity to note that Cisco isn’t the only player in the wireless centralization space. The IETF is working on a standard called CAPWAP that is based on LWAPP, but isn’t proprietary to Cisco. A quick look shows that there are participating members from some big networking companies (but not Cisco), so who knows where this will lead. Sometimes in networking the IETF-defined standards sit unused, while a de facto standard is widely distributed.
Wireless Mesh Topology
Just a quick note on what is possible here. I haven’t done much with wireless mesh, but I have seen it in use. The primary purpose of a wireless mesh is to extend a wireless network without using any wires. Seem straight-forward enough? There is a lot going on under the hood, and like with any wireless deployment you’re going to need a good site-survey to make sure this happens.
A wireless mesh topology is essentially a way of back-hauling data wirelessly, between APs, where each AP can either be advertising SSIDs for users, or be attached physically to the LAN for the final leg to network services or other network clients.
Naturally Cisco has a white-paper on this: Cisco Enterprise Wireless Mesh Solution Overview
Radio Considerations
Site Survey
Even for a small deployment, a wireless site-survey is important. For a large deployment, it is critical to know the weak spots so they can be addressed either with more wireless power or with a wireless AP to patch the hole. At least, your client should understand the limitations of the design you’ve specified.
Channel Overlap
We see wireless networks overlapping all the time. In a controlled environment with lots of APs providing coverage to an area, it is important to choose channels with minimal overlap. Overlap happens because even though there appear to be 11 (14 outside of North America) available channels, each channel's transmission spills significantly outside its own range. As a result, there are only three non-overlapping channels in the 2.4GHz (802.11b/g) range.
Cisco has a concise document that describes handling channel overlap: Channel Deployment Issues for 2.4-GHz 802.11 WLANs
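The overlap rule for the 2.4GHz range, worked through in Python as an added example (not part of the original article). It assumes the standard channel center frequencies and the 22 MHz signal width of 802.11b; the AP names and the survey data are constructed.

```python
from itertools import combinations

WIDTH_MHZ = 22  # assumed signal width of an 802.11b (DSSS) channel

def center_mhz(ch):
    """Center frequency of a 2.4 GHz channel (1-14)."""
    if not 1 <= ch <= 14:
        raise ValueError(f"not a 2.4 GHz channel: {ch}")
    return 2484 if ch == 14 else 2407 + 5 * ch

def overlaps(a, b):
    """True when the two channels' 22 MHz signals share spectrum."""
    return abs(center_mhz(a) - center_mhz(b)) < WIDTH_MHZ

def non_overlapping_plan(channels):
    """Largest set of mutually non-overlapping channels (greedy, lowest first)."""
    plan = []
    for ch in sorted(channels):
        if not plan or not overlaps(plan[-1], ch):
            plan.append(ch)
    return plan

def conflicts(survey):
    """Pairs of APs heard at one spot whose channels overlap."""
    found = []
    for (ap1, ch1), (ap2, ch2) in combinations(sorted(survey.items()), 2):
        if overlaps(ch1, ch2):
            kind = "co-channel" if ch1 == ch2 else "partial-overlap"
            found.append((ap1, ap2, kind))
    return found

# Constructed site-survey result: APs audible from one location and their channels.
SURVEY = {"ap-lobby": 1, "ap-office": 3, "ap-lab": 6, "ap-guest": 6, "ap-roof": 11}

if __name__ == "__main__":
    print("Plan for channels 1-11:", non_overlapping_plan(range(1, 12)))
    for ap1, ap2, kind in conflicts(SURVEY):
        print(f"{ap1} <-> {ap2}: {kind}")
```

Feeding it the channel list from a real site survey shows which APs need to move before the deployment is signed off.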
Here is a link from Wikipedia describing the available WLAN channels for each range: List of WLAN channels
You can see that while 802.11b/g has a limited number of available channels (with consequences for signal overlap), 802.11a on the other hand has many more available channels. In a wirelessly saturated environment, you might have better luck with this channel range, even taking into account its shorter range and problematic structural penetration rate (it doesn’t go through walls as well).
One last note is for 802.11n, which, while still being worked on by the IEEE, has already reached some penetration into the market. 802.11n should be very useful, as it will use both frequency ranges (2.4GHz and 5GHz), minimizing the problems with channel overlap.
Wireless Best Practices
One of the most important things to consider in WLANs is security. Wireless networks penetrate walls and spread outside of your business, and access to your network can be gained without a physical connection to the hardware in the LAN. These are, indeed, the benefits of a WLAN, but without careful management they can also be its undoing.
If you’re deploying a wireless network (even a small one) it pays to do things right. Don’t rely on your neighbors’ good nature to not tap into your systems, for even if your neighbors are honest, their employees or contractors may not be, and you certainly can’t count on the good nature of someone driving around looking for available networks. See Wikipedia’s Wardriving.
Cisco:
Five Steps to Securing Your Wireless LAN and Preventing Wireless Threats
Microsoft:
Wireless Deployment Recommendations and Best Practices
Summary and Implications
So how does all of this affect your network? It depends on your client.
Lightweight controller based solutions have a higher per-AP cost, so you have to be able to justify this additional cost. It doesn’t usually make sense to do a controller based AP deployment for fewer than 6 APs, but Cisco has released a small business range of APs with only 802.11g radios (so no a, b or n) that can be autonomous or controller based.
Cisco 521 Wireless Express Access Point
Cisco 526 Wireless Express Mobility Controller
Whether you go for a controller based architecture or autonomous APs, the key element to keep in mind is WLAN security.
