Wi-fi is a microwave technology, but that obscures the fact that it's a radio technology. and it has its place in the radio portion of the electromagnetic spectrum. Microwaves are just radio waves with very short wavelengths. The wavelength of your typical AM radio signal is a thousand feet. FM radio operates at a wavelength of a little under ten feet. Wi-Fi, by contrast, works at a wavelength of 12 centimeters less than five inches. The frequency used by Wi-Fi gear is at a frequency of about 2.45 Gigahertz (Ghz), which 2.45 billion cycle per second. The key point to remember is that Wi-Fi isn't the only kid on that particular radio block The Radio spectrum between 2.4Ghz and 2.4835Ghz was Already a pretty busy place prior to 1997, when the 802.11 standard was first published, and it's gotten a lot busier with the ascendance of Wi-Fi. The Band itself goes back some years before 1997, and it was originally set aside by the Federal Comminications Commision (FCC) fot he use of industrial machinery like induction heaters (including microwave ovens), cordless phones, and various arcane medical and scientific gadgetry gathered under the description "industrial, scientific, and medical." Licenses are not required for individuals to operate ISM equipment designed for use within the band. However, manufacturers must apply for the receive type acceptance from the FCC before they can manufacture products for the band, which must adhere to fairly strict FCC requirments for power output, band use, and purity emissions.
Wi-fi gear is, like ISM equipment, unlicensed, and it also must undergo FCC type acceptance. However, Wi-Fi gear is not considered ISM equipment and doest not have any kind of priority on the frequencies it uses over ISM equipment. In fact, if a medical or industrial device causes interference to a Wi-Fi network, the network's owner has no legal recourse othe than to move to a different Wi-Fi channel, of which there are only 12.
Two other significant wireless networking technologies, Bluetooth and HomeRF, share space on this band. As with WI-FI, both are secondary uses to virtually all other uses of tha band, parts of which are used by public safety (police and fire) communications, news gathering services, seaborne and airborne radar, and numerous other things.
The allocation of the band to Wi-Fi equipment is complex. Fig 1 sample shows a diagrammatically how the band is laid out. Perhaps the most important thing to notice is that other regions of the world have a larger Wi-Fi frequency allocation than American users do. The Japanese, in particular, have the use of a full 100Mhz between 2.4 and 2.5 Ghz for 802.11b operation. American users have only the first 83.5 Mhz of that space, with Europe falling somewhere in the middle. Parts of Europe have access only to limited subsets of the band, France being the most notable example.
Wi-Fi channels are spaces 5 Mhz apart. However, the bandwidth of a Wi-Fi channel is 25 Mhz. This means that individual channels overlap with two adjacent channels in either direction. Channel 6, for example, overlaps channel 4,5,7 and 8. For American users, at least, this means that only the three channels 1,6, and 11 may be used simultaneously in the same general space without any channel interference. Channel 14 is something of an outlier and is set apart slightly from the first 13 channels. Channel 14, however, is used mostly in Japan and (along with channel 12 and 13) is not sanctioned by the FCC.
Wednesday, November 14, 2007
Network Address Translation (NAT) and Home office Routers
The good news about local IP addresses is that they're invisible to the Internet as a whole. If network crackers can't see your IP address, breaking into your computer from the Internet is a lot harder. The bad news, of course, is that if your IP address is invisible to the Internet, it's kind of hard for a Web server to send you satellite weather images or anything else.
The solution is something called Network Address Translation (NAT). NAT is a software service that can run on a computer or (more commonly) inside a router. Quite simply, NAT translate a non-routable local IP address into a "normal," routable IP address. There are several different types of NAT software. I'm going to focus on the kind that runs inside a small router, because that's the place NAT runs in most simple home office networks.
If you create a home or small office network using a router or wireless gateway, (gateways contain routers, so when I say "routers" in this I'm including gateways too) your router is the device thats gets the IP address that you receive from your Internet Service Provider. Routers are the "entrance points" to networks, and your IP address is the address "over the door."
Anything you do using the TCP/IP protocol (which, over the Internet, is virtually everything you do) involves a connection between your computer and a computer somewhere else. A connection requires two ends, and both ends must have IP addresses. The hangup (as I mentioned earlier) is that a from local IP address cannot be accessed beyond your router. To use the Internet from your computer, you must have a routable IP address.
NAT provides this. Take a look at Fig 1. This is a sketch of a very common home network setup: Four computers, a router, and a switch. (In many or ever most cases these days, the router and the switch are combined into a single unit. I break them out here for conceptual clarity.) Each of the network's four computer has a local,
non-routable IP address. NAT is running inside the router NAT keeps these local IP addresses in a table that it maintains within itself.
The router has a public, routable IP address that is the only address for the whole network that can be seen by the outside world. When a server or some other program needs to create a connection to one of the computers inside the network, the router takes its own public IP address, and adds a TCP port number to that address. It tucks this "extended" IP address in its internal table beside the local IP address of the computer in question. Which port number isn't important, as long as it isn't already being used by anything in that particular network. (There are over 65,000 different port numbers, so finding a free one in a small network is rarely a problem.) In this way, NAT creates the table as a sort of "internal phone book" for the devices on its network. This table is not accessible from the Internet. Only NAT can read in or change it.
When one of the computers inside the network wants to connect to a Web server. NAT takes the Web page request and places the extended IP address (the router's IP address plus a port number) into the request. When the Web server establishes a connection, it uses this extended IP address, and not the internal, local IP address of the computer to which it connects. The connection is thus established with the router, not the computer and the router decides what material delivered from the Web server can reach the computer.
NAT thus provides two very important benefits to a small network:
1. It makes good use of scarce unique public IP addresses. Only one is needed for the network as a whole. Computers on the network all have a local IP addresses, which may also be used locally by other networks, even millions of other networks.
2. It provides considerable security. No computer may connect to a computer inside the network without the router's consent and cooperation. Virtually all home office routers include both DHCP servers (which provide a local IP addresses to devices on the network) and NAT servers, which intermediate between local iP addresses and the global Internet. Rounding out the equipment lineup on home routers is usually a switch with several hardware ports ( no relation to TCP ports!) for plugging in computers and othe network devices, like Wi-Fi access points.
The solution is something called Network Address Translation (NAT). NAT is a software service that can run on a computer or (more commonly) inside a router. Quite simply, NAT translate a non-routable local IP address into a "normal," routable IP address. There are several different types of NAT software. I'm going to focus on the kind that runs inside a small router, because that's the place NAT runs in most simple home office networks.
If you create a home or small office network using a router or wireless gateway, (gateways contain routers, so when I say "routers" in this I'm including gateways too) your router is the device thats gets the IP address that you receive from your Internet Service Provider. Routers are the "entrance points" to networks, and your IP address is the address "over the door."
Anything you do using the TCP/IP protocol (which, over the Internet, is virtually everything you do) involves a connection between your computer and a computer somewhere else. A connection requires two ends, and both ends must have IP addresses. The hangup (as I mentioned earlier) is that a from local IP address cannot be accessed beyond your router. To use the Internet from your computer, you must have a routable IP address.
NAT provides this. Take a look at Fig 1. This is a sketch of a very common home network setup: Four computers, a router, and a switch. (In many or ever most cases these days, the router and the switch are combined into a single unit. I break them out here for conceptual clarity.) Each of the network's four computer has a local,
non-routable IP address. NAT is running inside the router NAT keeps these local IP addresses in a table that it maintains within itself.
The router has a public, routable IP address that is the only address for the whole network that can be seen by the outside world. When a server or some other program needs to create a connection to one of the computers inside the network, the router takes its own public IP address, and adds a TCP port number to that address. It tucks this "extended" IP address in its internal table beside the local IP address of the computer in question. Which port number isn't important, as long as it isn't already being used by anything in that particular network. (There are over 65,000 different port numbers, so finding a free one in a small network is rarely a problem.) In this way, NAT creates the table as a sort of "internal phone book" for the devices on its network. This table is not accessible from the Internet. Only NAT can read in or change it.
When one of the computers inside the network wants to connect to a Web server. NAT takes the Web page request and places the extended IP address (the router's IP address plus a port number) into the request. When the Web server establishes a connection, it uses this extended IP address, and not the internal, local IP address of the computer to which it connects. The connection is thus established with the router, not the computer and the router decides what material delivered from the Web server can reach the computer.
NAT thus provides two very important benefits to a small network:
1. It makes good use of scarce unique public IP addresses. Only one is needed for the network as a whole. Computers on the network all have a local IP addresses, which may also be used locally by other networks, even millions of other networks.
2. It provides considerable security. No computer may connect to a computer inside the network without the router's consent and cooperation. Virtually all home office routers include both DHCP servers (which provide a local IP addresses to devices on the network) and NAT servers, which intermediate between local iP addresses and the global Internet. Rounding out the equipment lineup on home routers is usually a switch with several hardware ports ( no relation to TCP ports!) for plugging in computers and othe network devices, like Wi-Fi access points.
Basic Service Set (BSS) vs. Extended Service Set (ESS)
The term basic service set (BSS) is IEEE standards jargon for a wireless network containing only a single wireless access point. Fig 1 shows a basic service set.
The vast majority of small office and home office networks fall into the BSS category, since the range of a typical access point or wireless gateway is designed to "fill" a typical residence or small office.
In a larger office, or a large and oddily-shaped residence, a single access point may not provide coverage "out to the corners." The overall 802.11 standard provides for a network in which multiple access points are connected to the wired portion of the network, operating from the same router. Such as network is called an extended service set (ESS). The basic idea of an ESS is shown in Fig 2.
Here, there are two access points, but both have the same SSID. This is a crucial point; remember that the SSID is the identifier of the network, not the access point! The coverage of the two access points is shown by the gray clouds. For clarity, the clouds do not overlap in the figure, but in practice they should overlap slightly to avoid "dead spots" in the middle of the home or office.
Note that both access points are managed by the same router. That's key: Unless you're willing to do some really serious mucking around, all access points in an ESS must be addressed within a single subnet, and a subnet is almost by definition controlled by a single router. This usually means reconfiguring all access points to request IP addresses from a central DHCP server, rather than using the preset local IP addreses written into access point firmware at the factory.
Setting up an ESS may seem straightforward, but there are technical issues that just don't arise in setting up a basic service set. The first is service area overlap and channel interference. To avoid interference among the several access points, channels must be assigned to access points such that overlapping channels are not used by access points with overlapping service areas. There are only three channels in the American 2.4Ghz Wi-Fi channel set that may be used simultaneously without overlap: 1,6, and 11. If your ESS can be function with only three access points, do your best to make it so,and use those three channels. Once you go beyond three, you have to take the spatial relationships of the access points into account to avoid having one access point interfere with another.
Figure 3 shows how to avoid channel conflicts when using multiple access points to fill a large rectangular office space. In the example,five access points are used, all of them on one of the three non-overlapping channels. Note that nowhere do two fields intersect on the same channel. Theoretically, you can fill a space of any arbitrary size with only these three channels, and not have any fields overlap on the same channel. In practice, difference in field strength due to building shape and construction will still give you dead spots and occassional areas where two fields of the same channel are strong enough to conflict.
In other words, setting up an ESS with more than three access points is more art than science.
The vast majority of small office and home office networks fall into the BSS category, since the range of a typical access point or wireless gateway is designed to "fill" a typical residence or small office.
In a larger office, or a large and oddily-shaped residence, a single access point may not provide coverage "out to the corners." The overall 802.11 standard provides for a network in which multiple access points are connected to the wired portion of the network, operating from the same router. Such as network is called an extended service set (ESS). The basic idea of an ESS is shown in Fig 2.
Here, there are two access points, but both have the same SSID. This is a crucial point; remember that the SSID is the identifier of the network, not the access point! The coverage of the two access points is shown by the gray clouds. For clarity, the clouds do not overlap in the figure, but in practice they should overlap slightly to avoid "dead spots" in the middle of the home or office.
Note that both access points are managed by the same router. That's key: Unless you're willing to do some really serious mucking around, all access points in an ESS must be addressed within a single subnet, and a subnet is almost by definition controlled by a single router. This usually means reconfiguring all access points to request IP addresses from a central DHCP server, rather than using the preset local IP addreses written into access point firmware at the factory.
Setting up an ESS may seem straightforward, but there are technical issues that just don't arise in setting up a basic service set. The first is service area overlap and channel interference. To avoid interference among the several access points, channels must be assigned to access points such that overlapping channels are not used by access points with overlapping service areas. There are only three channels in the American 2.4Ghz Wi-Fi channel set that may be used simultaneously without overlap: 1,6, and 11. If your ESS can be function with only three access points, do your best to make it so,and use those three channels. Once you go beyond three, you have to take the spatial relationships of the access points into account to avoid having one access point interfere with another.
Figure 3 shows how to avoid channel conflicts when using multiple access points to fill a large rectangular office space. In the example,five access points are used, all of them on one of the three non-overlapping channels. Note that nowhere do two fields intersect on the same channel. Theoretically, you can fill a space of any arbitrary size with only these three channels, and not have any fields overlap on the same channel. In practice, difference in field strength due to building shape and construction will still give you dead spots and occassional areas where two fields of the same channel are strong enough to conflict.
In other words, setting up an ESS with more than three access points is more art than science.
Subscribe to:
Posts (Atom)
