Using Common Applications over Bridges
In the service provider arena, bridges are often used to tie
multiple companies back to a single point of presence. Each company's traffic
must then be kept separate for security and privacy reasons, and virtual LANs (VLANs)
are the usual way to do that. Because bridges are also used to replace T1 lines, fiber
links, or other hard-wired circuits, they are expected to carry the same kinds of
network traffic between sites as the circuits they replace. In many cases this includes
time-sensitive traffic, for which a quality-of-service (QoS) implementation should be used
to keep latency and jitter predictable. As bridges replace more leased lines,
one common application in such deployments is VoIP.
VLANs
A VLAN is a group of end stations with a common set of
requirements, independent of their physical location. A VLAN has the same
attributes as a physical LAN (it is a single broadcast domain), but enables you to
group end stations even if they are not attached to the same physical LAN segment.
802.1Q VLAN support on a bridge is meant to work in conjunction with the
switch or router attached to it. Both the wired Ethernet interface and the
wireless radio interface should support VLAN trunking. Untagged (native) Ethernet
frames and 802.1Q-tagged frames are both supported on many of the bridges available today.
The bridge also participates in the 802.1D Spanning Tree
Protocol as one more bridge joining two network segments. VLANs can be extended across a
wireless link by adding IEEE 802.1Q tag awareness to the bridge. The basic wireless
components of a VLAN consist of two or more bridges communicating over the radio
link. Each bridge is physically connected, through its Ethernet port, to a trunk port
on the VLAN switch on which the VLAN is configured. Limit that trunk to the VLANs that
actually need to cross the link: every VLAN allowed on the trunk is carried over the air.
Figure 14-4 shows a
typical VLAN bridge topology.
QoS
Implementing QoS on your wireless
link makes applications run more predictably and uses bandwidth more
effectively. With QoS features you can prioritize specific types of traffic
instead of transmitting packets in a purely first in, first
out (FIFO) order. Voice and video are especially sensitive to delay and jitter:
a congested FIFO queue shows up in a phone conversation as noticeable lag, choppy
audio, or even dropped calls. The objectives of a QoS feature on a bridge include
honoring 802.1p priority bits and 802.1Q VLAN tag-based QoS, and providing priority
service for VoIP traffic based on the IP TOS byte (the type of service field in the
IP header, read either as IP precedence or as a differentiated services
code point, DSCP).
Many bridges can only classify traffic based on IP
precedence and DSCP values and place it into the corresponding priority queues. Devices
that follow the 802.11e priority values have eight priority queues, one per user
priority. The class of service (CoS) values associated with the eight
priority queues are the same as in 802.1p. (In the 802.11e contention scheme, EDCA,
those eight user priorities are in turn mapped onto four access categories:
background, best effort, video, and voice.)
User priority values are carried in the 3-bit 802.1p priority field of an
802.1Q tag, either a priority tag (VLAN ID 0) or a full VLAN tag; an untagged
Ethernet frame carries no priority, so the bridge must derive the CoS from the IP
header or assign a default. The CoS value is used to select the
appropriate 802.11 transmit queue.
A bridge uses the priority to choose the contention parameters (arbitration
interframe space and contention window) for each packet, so that high-priority
packets draw short back-off times and are, statistically rather than strictly,
transmitted before lower-priority packets.
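The following added example (not code from the original text) shows the classification path described above in Python: it parses a constructed Ethernet frame, recovers the user priority from the 802.1p bits of an 802.1Q tag (VLAN-tagged or priority-tagged) or, for untagged frames, from the IP TOS byte, maps it to the 802.11e access category, and derives the EDCA contention parameters that set the frame's back-off. The DSCP policy (EF to user priority 6, otherwise IP precedence), the default 802.11a EDCA values, and the sample frames are this example's assumptions.

```python
"""Classify Ethernet frames for an 802.11e transmit queue.

Added example, not code from the original text. The DSCP policy and the
sample frames below are constructed for illustration.
"""
import struct

TPID_8021Q = 0x8100      # tag protocol identifier of an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
DSCP_EF = 46             # expedited forwarding, the usual marking for voice

# 802.11e (WMM) mapping of the eight 802.1p user priorities to the four
# access categories. Note that UP 1 and 2 rank *below* best effort (UP 0).
UP_TO_AC = {1: "AC_BK", 2: "AC_BK", 0: "AC_BE", 3: "AC_BE",
            4: "AC_VI", 5: "AC_VI", 6: "AC_VO", 7: "AC_VO"}

# Default EDCA parameters for 802.11a/g: (CWmin, CWmax, AIFSN) per category.
EDCA_DEFAULTS = {"AC_BK": (15, 1023, 7), "AC_BE": (15, 1023, 3),
                 "AC_VI": (7, 15, 2), "AC_VO": (3, 7, 2)}
SLOT_US, SIFS_US = 9, 16  # 802.11a timing


def parse_frame(frame: bytes) -> dict:
    """Split a raw Ethernet frame into addresses, optional 802.1Q tag,
    EtherType and payload. vid/pcp are None when the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid = pcp = None
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp = tci >> 13          # 3-bit 802.1p priority code point
        vid = tci & 0x0FFF       # 0 means priority-tagged, no VLAN membership
        offset = 18
    return {"dst": dst, "src": src, "vid": vid, "pcp": pcp,
            "ethertype": ethertype, "payload": frame[offset:]}


def user_priority(parsed: dict) -> int:
    """802.1p bits win when a tag is present; otherwise fall back to the IP
    TOS byte (assumed policy: DSCP EF -> voice, else IP precedence); a
    non-IP untagged frame gets best effort."""
    if parsed["pcp"] is not None:
        return parsed["pcp"]
    if parsed["ethertype"] == ETHERTYPE_IPV4 and len(parsed["payload"]) >= 20:
        tos = parsed["payload"][1]
        if tos >> 2 == DSCP_EF:
            return 6
        return tos >> 5          # IP precedence = top 3 bits of the TOS byte
    return 0


def classify(frame: bytes) -> dict:
    """Pick the access category and the contention parameters that decide
    how long this frame waits before it may be transmitted."""
    parsed = parse_frame(frame)
    up = user_priority(parsed)
    ac = UP_TO_AC[up]
    cwmin, cwmax, aifsn = EDCA_DEFAULTS[ac]
    return {
        "vid": parsed["vid"], "up": up, "ac": ac,
        "aifs_us": SIFS_US + aifsn * SLOT_US,     # fixed wait once the medium is idle
        "mean_backoff_us": cwmin / 2 * SLOT_US,   # expected random back-off, first attempt
        "cwmin": cwmin, "cwmax": cwmax,
    }


def build_frame(vid, pcp, ethertype=ETHERTYPE_IPV4, dscp=0) -> bytes:
    """Construct a sample frame: optional 802.1Q tag, then a minimal IPv4
    header whose only meaningful field is the TOS byte (DSCP << 2)."""
    frame = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    if vid is not None:
        frame += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    frame += struct.pack("!H", ethertype)
    if ethertype == ETHERTYPE_IPV4:
        frame += bytes([0x45, dscp << 2]) + b"\x00\x14" + b"\x00" * 16
    return frame


if __name__ == "__main__":
    samples = {
        "voice, VLAN 100, 802.1p 6": build_frame(100, 6, dscp=DSCP_EF),
        "priority tag only, UP 5":   build_frame(0, 5),
        "untagged, DSCP EF":         build_frame(None, None, dscp=DSCP_EF),
        "untagged, DSCP AF11 (10)":  build_frame(None, None, dscp=10),
        "untagged ARP":              build_frame(None, None, ethertype=0x0806),
    }
    for name, frame in samples.items():
        print(f"{name:28s} -> {classify(frame)}")
```

Two things the output makes visible. First, the AF11 frame lands in the background queue behind best effort, because 802.1p user priorities 1 and 2 rank below 0; a classifier that simply copies IP precedence into the CoS field inherits that ordering. Second, the bridge acts on whatever marking arrives: in a multi-customer deployment, or where a VPN router behind the bridge has replaced the tagged frame with an outer IP header, the only marking left is the outer DSCP, so re-mark or police priority at the trust boundary rather than trusting customer-set bits, or one customer's "voice" marking can starve everyone else's traffic.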
Voice over IP
When using QoS, prioritize voice traffic by defining
a policy and assigning that policy to the VLAN carrying the voice traffic. Many
bridges support QoS only on point-to-point links. Voice in a point-to-multipoint
configuration is trickier, because over-the-air QoS coordination between
endpoints is difficult if they cannot hear each other. In point-to-multipoint
systems it is typical that a remote site can hear the central site but cannot
hear the other remote sites, because of distance, antenna type, or antenna direction.
This is commonly referred to as the hidden node problem. A
protocol called Point Coordination Function (PCF)
lets the central site poll each endpoint and control when it may transmit, which
removes the contention between remote sites. Voice in
point-to-multipoint networks is therefore possible if PCF mode is implemented, but not
many products support it today.
The number of voice calls an 802.11a or 802.11g
54-Mbps bridge link can carry in a point-to-point topology varies with the
voice codec. For a typical 54-Mbps link, up to 15 simultaneous calls can be
handled when using G.711, and as many as 40 calls may be possible when using
the G.729 codec. These numbers allow for some data traffic also running
on the link, and were calculated with a maximum jitter budget of 25 ms. Note that
the gain is far smaller than the 8:1 ratio of the codec bit rates (64 kbps for G.711
against 8 kbps for G.729): on a wireless link the per-packet cost of headers, preamble,
interframe spacing, and acknowledgements is the same whatever the payload size, so
shrinking the payload buys less airtime than the raw bit rate suggests.
Security
Security is a major part of any
enterprise deployment, and as such the design should protect not
only the wireless link as a whole but also the bridge itself, including its
management interfaces and configuration. Multiple levels of
security are available in different bridges, including a variety of
proprietary schemes, WEP, WPA, and 802.1X authentication schemes. WEP is
cryptographically broken and should not be relied on for confidentiality; prefer
WPA with 802.1X authentication, or the strongest scheme the product offers.
One very common method is to put a router that supports VPN tunneling behind each
bridge, or a dedicated VPN appliance behind each bridge, so that traffic crossing the
link is encrypted independently of the bridge's own link-layer security. Be aware,
though, that a Layer 3 VPN tunnel such as IPsec terminates the VLAN: the 802.1Q tag is
not carried inside the tunnel, so per-VLAN separation across the link must be preserved
some other way (for example one tunnel per VLAN), and QoS marking survives only if the
DSCP is copied to the outer tunnel header. It is advisable to review some good
security references before selecting the product to install.