3.2 Wired Wireless

Presumably, no matter how many wireless clients you intend to support, you will eventually need to "hit the wire" in order to access other networks (such as the Internet). There are a number of different kinds of physical devices you can use to jump from wireless back to your wired infrastructure.

3.2.1 Access Point Hardware

APs are widely considered ideal for "campus" coverage. They provide a point of entry to the wired infrastructure that can be configured by a central authority. They typically allow for one or two radios per AP, theoretically supporting hundreds of simultaneous wireless users at a time. They must be configured with an ESSID (Extended Service Set ID, also known as the Network Name or WLAN Service Area ID, depending on who you talk to); it's a simple string that identifies the wireless network. Many APs use a client program for configuration and a simple password to protect their network settings. All hardware access points provide BSS master services.

Most APs also provide a number of enhanced features. External antennas (or antenna connectors), advanced link status monitoring, and extensive logging and statistics are now common on many APs. In addition, most access points provide two additional security measures: MAC address filtering and closed networks. With MAC filtering enabled, a client radio attempting access must have its MAC address listed on an internal table before it can associate with the AP. In a closed network, the AP doesn't beacon its ESSID at regular intervals. This means that each client must know the ESSID ahead of time, which makes it more difficult for people using programs such as NetStumbler to detect the network.

Other enhanced modes include dynamic WEP key management, public encryption key exchange, channel bonding, and other fun toys.
Unfortunately, these extended modes are entirely manufacturer- (and model-) specific, are not covered by any established standard, and do not interoperate with other manufacturers' equipment.

In addition to dedicated AP hardware, certain radio cards (in particular, those based on the Prism 2 chipset) can be made to operate as BSS masters and act as if they were regular APs. In Chapter 5, I will show you how to "roll your own" AP using the Host AP driver for Linux.

APs are by far the most widely used devices for providing wireless services, particularly in corporate networks. They provide a high degree of control over who can access the wire, but they are not cheap (the average AP at the time of this writing costs between $500 and $1000).

Another class of AP is occasionally referred to as a residential gateway (RG). The Apple Airport, Orinoco RG series, and Linksys WAP11 are popular examples of RGs. They are typically much less expensive than their "commercial" counterparts, costing between $100 and $300. Many have built-in modems, allowing for wireless-to-dialup access (which can be very handy, if Ethernet access isn't available). Most even provide Network Address Translation (NAT), DHCP, and bridging services for wireless clients. While they may not support as many simultaneous clients as a high-end AP, they can provide cheap, simple access for many applications. When configuring an inexpensive AP for bridged Ethernet mode, you can still have a high degree of control over what individual clients can access on the wired network by controlling communications at a higher level. See the "Captive Portal" discussion in Chapter 7 for more details.

Note that APs (that is, BSS masters) do not talk to each other over the air. In order to have 802.11b BSS mode communications, one device (e.g., an access point) must be a master, and the other must be a client.
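
The closed-network setting described in 3.2.1 is visible in the beacon itself. As an added example (not from the original text), this Python code parses a raw 802.11 beacon and reports whether the sender is a BSS master or an IBSS peer, whether WEP is advertised, and whether the ESSID is withheld. The frame layout and the empty or zero-filled ESSID convention are assumptions taken from 802.11 and common AP behaviour; the `build_beacon` helper and the sample frames are constructed for illustration.

```python
import struct

HDR_LEN = 24    # frame control, duration, three addresses, sequence control
FIXED_LEN = 12  # timestamp (8), beacon interval (2), capability info (2)

def parse_beacon(frame: bytes) -> dict:
    """Parse one 802.11 beacon (no radiotap header, no trailing FCS)."""
    if len(frame) < HDR_LEN + FIXED_LEN:
        raise ValueError("frame too short for a beacon")
    fc = frame[0]
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:  # management, subtype 8
        raise ValueError("not a beacon frame")
    (capab,) = struct.unpack_from("<H", frame, HDR_LEN + 10)
    essid, pos = None, HDR_LEN + FIXED_LEN
    while pos + 2 <= len(frame):                      # walk tagged elements
        elem_id, elem_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + elem_len]
        if len(value) < elem_len:
            raise ValueError("truncated information element")
        if elem_id == 0:                              # element 0 is the ESSID
            essid = value
            break
        pos += 2 + elem_len
    # Assumed convention: a closed network sends the element empty or all zeros.
    closed = essid is None or len(essid) == 0 or not any(essid)
    return {
        "bssid": frame[16:22].hex(":"),
        "mode": "IBSS" if capab & 0x0002 else "BSS" if capab & 0x0001 else "unknown",
        "wep": bool(capab & 0x0010),
        "closed": closed,
        "essid": None if closed else essid.decode("utf-8", "replace"),
    }

def build_beacon(bssid: bytes, essid: bytes, capab: int) -> bytes:
    """Constructed sample frame for this example, not a real capture."""
    hdr = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, capab)
    rates = b"\x01\x04\x82\x84\x8b\x96"               # 1, 2, 5.5, 11 Mbps
    return hdr + fixed + bytes([0, len(essid)]) + essid + rates

# Constructed samples: open AP, closed AP with WEP, and an IBSS peer.
OPEN_AP = build_beacon(bytes.fromhex("020000000001"), b"ExampleNet", 0x0001)
CLOSED_AP = build_beacon(bytes.fromhex("020000000002"), b"", 0x0011)
ADHOC = build_beacon(bytes.fromhex("020000000003"), b"Workgroup", 0x0002)

for sample in (OPEN_AP, CLOSED_AP, ADHOC):
    print(parse_beacon(sample))
```

Run against beacons captured from your own AP, the `closed` and `wep` fields confirm that the settings made in the configuration client actually took effect on the air.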

3.2.2 BSS Client Hardware

While the typical BSS client is a PCMCIA or other plug-in radio card, there are also hardware devices that serve as a BSS client and connect directly to Ethernet. The Linksys WET11, 3Com Wireless Workgroup Bridge, and Orinoco Ethernet Converter are examples of this type of hardware. Some RGs (such as the Linksys WAP11) can even be made to operate as a BSS client.

The typical wireless client bridge is a small box that provides one or more Ethernet ports and bridges them (at Layer 2) directly to a wireless network. The radio is configured via Ethernet (or a USB port) to act as a client to an existing wireless network. After initial configuration, no further interaction with the bridge is necessary. As far as the wired device is concerned, it is directly attached to an Ethernet network and requires no special drivers or other preparation to use the wireless network.

These devices are very handy in some circumstances, especially when you would like to get an Ethernet-equipped device onto the wireless network, but can't install a wireless card. One typical use is to connect an Ethernet printer to a wireless network, so you can install it somewhere that doesn't have CAT5 available. Another popular use for the WET11 is to bridge a console game (such as Sony PlayStation 2) to your wireless network, thereby avoiding the need to run CAT5 to your television. They are also handy for connecting remote access points back to a central wireless infrastructure. I'll provide an example of how to do that in Chapter 7.

The two big drawbacks to most BSS client hardware are price and performance. Since they aren't as popular as client cards, they are typically a bit more expensive. They also tend to offer poor performance compared to client cards (2 to 4Mbps throughput is typical, compared to 5 to 6Mbps with client cards). Despite these issues, Ethernet bridges are an ideal solution to some networking problems.

3.2.3 Peer-to-Peer (IBSS) Networking

Radios that are operating in IBSS mode can communicate with each other without a hardware access point if they have the same ESSID and WEP settings. This is particularly handy for setting up temporary wireless workgroups without an AP, or for building point-to-point wireless connections. As stated earlier, any computer with an 802.11b card and another network connection (usually Ethernet, dialup, or even another wireless connection) can serve as a gateway between the two networks.

There is one important constraint on using IBSS mode: although it is defined by the 802.11b standard, few client cards actually interoperate well in the real world with others using IBSS. While two radios of the same manufacturer (and of the same firmware revision) generally work just fine, trying to get a Cisco card to talk to a Proxim card in IBSS mode (for example) is usually futile.

With this in mind, why would you choose to use IBSS mode rather than use an AP or the Host AP driver? There are a couple of reasons. If you happen to have two cards of the same manufacturer and a couple of old computers, IBSS mode is ideal if you want to create a fixed point-to-point connection. Also, Host AP supports only a limited set of wireless cards—if you already own a card that isn't supported, you're out of luck. Finally, if you're using a laptop and need to exchange data with another wireless user, IBSS is your only option if you're out of range of an AP and can't run Host AP.

In Chapter 5, I'll build a Linux-based wireless gateway from scratch, using both IBSS mode and the Host AP driver. In Chapter 7, I'll examine one method of extending the gateway to provide different classes of service, depending on who connects to it.