Wired Wireless
Presumably, no matter how many wireless clients you intend to
support, you will eventually need to "hit the
wire" in order to access other networks (such as the
Internet). There are a number of different kinds of physical devices
you can use to jump from wireless back to your wired infrastructure.
3.2.1 Access Point Hardware
APs are widely
considered ideal for "campus"
coverage. They provide a point of entry to the wired infrastructure
that can be configured by a central authority. They typically allow
for one or two radios per AP, theoretically supporting hundreds of
simultaneous wireless users at a time. They must be configured with
an ESSID (Extended Service Set ID, also known as
the Network
Name or WLAN Service Area ID, depending on who you
talk to); it's a simple string that identifies the
wireless network. Many APs use a client program for configuration and
a simple password to protect their network settings. All hardware
access points provide BSS master services.
Most APs also provide a number of enhanced features. External
antennas (or antenna connectors), advanced link status monitoring,
and extensive logging and statistics are now common on many APs. In
addition, most access points provide two additional security
measures: MAC
address
filtering and closed networks. With MAC filtering enabled, a client
radio attempting access must have its MAC address listed on an
internal table before it can associate with the AP. In a closed
network, the AP doesn't beacon its ESSID at regular
intervals. This means that each client must know the ESSID ahead of
time, which makes it more difficult for people using programs such as
NetStumbler
to detect the network.
Other enhanced modes include dynamic
WEP key management, public
encryption key exchange, channel bonding, and other fun toys.
Unfortunately, these extended modes are entirely manufacturer- (and
model-) specific, are not covered by any established standard, and do
not interoperate with other manufacturers'
equipment.
In addition to dedicated AP hardware, certain radio cards (in
particular, those based on the Prism 2 chipset) can be made to
operate as a BSS master and act as if it were a regular AP. In Chapter 5, I will show you how to "roll
your own" AP using the Host AP driver for Linux.
APs are by far the most widely used devices for providing wireless
services, particularly in corporate networks. They provide a high
degree of control over who can access the wire, but they are not
cheap (the average AP at the time of this writing costs between $500
and $1000).
Another class of AP is occasionally referred to as a
residential
gateway (RG). The Apple
Airport, Orinoco RG series, and Linksys WAP11 are popular examples of
RGs. They are typically much less expensive than their
"commercial" counterparts, costing
between $100 and $300. Many have built-in modems, allowing for
wireless-to-dialup access (which can be very handy, if Ethernet
access isn't available). Most even provide
Network Address Translation (NAT), DHCP,
and bridging services for wireless clients. While they may not
support as many simultaneous clients as a high-end AP, they can
provide cheap, simple access for many applications. When configuring
an inexpensive AP for bridged Ethernet mode, you can still have a
high degree of control over what individual clients can access on the
wired network by controlling communications at a higher level. See
the "Captive Portal" discussion in
Chapter 7 for more details.
Note that APs (that is, BSS masters) do not talk
to each other over the air. In order to have 802.11b BSS mode
communications, one device (e.g., an access point) must be a master,
and the other must be a client.
3.2.2 BSS Client Hardware
While the typical BSS
client is a PCMCIA or other plug-in radio card, there are also other
hardware devices that will serve as a BSS client that connect
directly to Ethernet. The Linksys WET11, 3Com Wireless Workgroup
Bridge, and Orinoco Ethernet Converter are examples of this type of
hardware. Some RGs (such as the Linksys WAP11) can even be made to
operate as a BSS client. The typical wireless client
bridge is a small box that provides one or more
Ethernet ports and bridges them (at Layer 2) directly to a wireless
network. The radio is configured via Ethernet (or a USB port) to act
as a client to an existing wireless network. After initial
configuration, no further interaction with the bridge is necessary.
As far as the wired device is concerned, it is directly attached to
an Ethernet network and requires no special drivers or other
preparation to use the wireless network.
These devices are very handy in some circumstances, especially when
you would like to get an Ethernet-equipped device onto the wireless
network, but can't install a wireless card. One
typical use is to connect an Ethernet printer to a wireless network,
so you can install it somewhere that doesn't have
CAT5 available. Another popular use for the WET11 is to bridge a
console game (such as Sony PlayStation 2) to your wireless network,
thereby avoiding the need to run CAT5 to your television. They are
also handy for connecting remote access points back to a central
wireless infrastructure. I'll provide an example of
how to do that in Chapter 7.
The two big drawbacks to most BSS client hardware are price and
performance. Since they aren't as popular as client
cards, they are typically a bit more expensive. They are also tend to
offer poor performance compared to client cards (2 to 4Mbps
throughput is typical, compared to 5 to 6Mbps with client cards).
Despite these issues, Ethernet bridges are an ideal solution to some
networking problems.
3.2.3 Peer-to-Peer (IBSS) Networking
Radios that are operating in IBSS
mode can communicate with each other without a hardware access point
if they have the same ESSID and WEP settings. This is particularly
handy for setting up temporary wireless workgroups without an AP, or
for building point-to-point wireless connections. As stated earlier,
any computer with an 802.11b card and another network connection
(usually Ethernet, dialup, or even another wireless connection) can
serve as a gateway between the two networks.
There is one important constraint on using IBSS
mode: although it is defined by the 802.11b standard, few client
cards actually interoperate well in the real world with others using
IBSS. While two radios of the same manufacturer (and of the same
firmware revision) generally work just fine, trying to get a Cisco
card to talk to a Proxim card in IBSS mode (for example) is usually
futile.
With this in mind, why would you choose to use IBSS mode rather than
use an AP or the Host AP driver? There are a couple of reasons. If
you happen to have two cards of the same manufacturer and a couple of
old computers, IBSS mode is ideal if you want to create a fixed
point-to-point connection. Also, Host AP supports only a limited set
of wireless cards—if you already own a card that
isn't supported, you're out of
luck. Finally, if you're using a laptop and need to
exchange data with another wireless user, IBSS is your only option if
you're out of range of an AP and
can't run Host AP.
In Chapter 5, I'll build a
Linux-based wireless gateway from scratch, using both IBSS mode and
the Host AP driver. In Chapter 7,
I'll examine one method of extending the gateway to
provide different classes of service, depending on who connects to
it.
Sections
