CHAPTER 19. IEEE 802.11b: Wi-Fi Pioneer
SOME OF THE MAIN TOPICS IN THIS CHAPTER ARE
Components of an 802.11-Based Wireless Network 292
802.11b—First, But Fading Away 292
What to Look For in an Access Point 294
Do You Need a Wireless Network? 297
Connecting the Wireless Network to a Wired LAN 298
This chapter is intended to give you a brief introduction to the IEEE 802.11b standard, the first widely-available wireless Ethernet network standard. As discussed in the preceding chapter, the 2.4GHz radio frequency band (the Industrial, Scientific, and Medical—ISM—band) has been set aside as a worldwide (for the most part) radio frequency to be used for specific purposes, and this frequency range doesn’t require a radio operator’s license for you to use it. This is the frequency range that was chosen for wireless networking based on the IEEE 802.11b standard and its successor, IEEE 802.11g (see Chapter 21, “The IEEE 802.11g Standard”). The 802.11a standard, which uses the 5GHz band, is covered in Chapter 20, “Faster Service: IEEE 802.11a.”
Components of an 802.11-Based Wireless Network
No matter which standard (802.11b, 802.11a, or 802.11g) you select for a wireless network, here are the components you need:
One wireless network adapter for each PC on the network. Many laptops already include a builtin wireless network adapter. This is enough to create an ad-hoc network for sharing files and resources between wireless clients.
An Access Point (AP) is also required if you want wireless clients to connect to other networks or to the Internet.
Note
As an alternative to using an AP, you could configure a system with existing Internet access to act as a gateway for other systems. This option requires using a connection-sharing program such as Internet Connection Sharing (Windows) in the computer with existing Internet access. If the ICS computer is shut down, other computers cannot connect to the Internet.
The AP and wireless network adapters must all support the same frequency (2.4GHz or 5GHz); a dual-band (2.4/5GHz) AP supports both frequencies.
802.11 b—First, But Fading Away
Although IEEE 802.11b is the least expensive wireless technology, it is no longer the most popular because 802.11g hardware can interoperate freely with 802.11b hardware (both use the 2.4GHz frequency band) and because 802.11g hardware provides greater performance and supports newer security standards than does 802.11b.
While the IEEE was still debating (seemingly endlessly) about the specifications for the IEEE 802.11a standard, the working group for the 802.11b standard got to the finish line first. Thus, in order of adoption, the three standards look like this (earliest to latest):
802.11b, 802.11a, 802.11g
802.11b hardware is sometimes referred to as Wi-Fi hardware because it was the first type of 802.11-compatible wireless hardware to undergo Wi-Fi Alliance certification tests. Other popular terms for 802.11b hardware include Wireless-B and 11Mbps.
See “Why Wi-Fi?,” p. 299, for more information about the Wi-Fi Alliance.
802.11 b/g Channels
Although 802.11b and 802.11g use the 2.4GHz frequency band for signaling, the frequency is divided into 11 channels for use in the United States and Canada (some countries allow as many as 14 channels). Table 19.1 shows the channel frequencies supported in the United States and Canada. The effective width of each signal is about 11MHz on either side of the nominal frequency.
Table 19.1. United States/Canada 802.11b/g Channel Frequencies
Channels 1, 6, and 11 are recommended because there is a lower potential for interference from other 802.11b/g APs when these channels are used. If you need only a single AP to provide coverage for your location, use one of these channels. If you need to set up multiple APs to cover your location, you should use two or all three of these channels. Studies by Cisco Systems suggest that throughput drops because of interference if you attempt to use more than three channels in a multiple-AP scenario.
Proprietary Extensions to 802.11b
Two main factors are encouraging the replacement of 802.11b wireless networks with 802.11g or 802.11a-based networks: network speed and network security.
The maximum data rate that 802.11b-based wireless networks support is a relatively slow 11Mbps. In practice, the actual throughput is usually half that value or less due to the distance between the AP and client devices, obstructions weakening radio signals, and the additional overhead of handshaking and security.
In an attempt to improve the performance of 802.11b-based hardware, some manufacturers rolled out proprietary extensions to 802.11b networks. Some of these include D-Link (AirPlus Enhanced; 22Mbps), U.S. Robotics (22Mbps), SMC (Barricade Turbo; 22Mbps), and Alloy (22Mbps). Most of these products were based on the Texas Instruments TI ACX100 chipset, and almost all of them are now discontinued in favor of 802.11g.
The main problem with using proprietary extensions to a standard wireless technology is that all APs and clients must support the same standard or the network will run at standard speeds only. In practice, this means you must usually purchase Access Points and client hardware from the same vendor. Making an across-the-board change is often not practical in terms of cost, and is not practical if many of your PCs use built-in standards-based wireless network adapters, as many notebook computers, PDAs, and smartphones now do.
Generally, 802.11-based network hardware supports only first-generation wireless security, Wireless Equivalent Privacy (WEP), as discussed in detail in Chapter 23, “Security and Other Wireless Technologies.” Unfortunately, WEP is not nearly as secure as newer standards and someone that knows what he’s doing can easily get around WEP security. Some 802.11b hardware can be upgraded to implement the improved Wi-Fi Protected Access (WPA) standards. If you want the superior security of WPA on a mixed 802.11b/802.11g or 802.11b/802.11a network, you must upgrade your 802.11b clients to WPA, if possible, or replace your hardware. Generally, you would use 802.11g hardware as a replacement for 802.11b because both use the same 2.4GHz frequency and can interconnect with each other natively.
What to Look for in an Access Point
Although you can buy a standard AP from some SOHO network vendors, most of the APs on the market today include a router that can be used to connect to a broadband Internet connection, such as a cable/DSL modem. Most of these units also include an Ethernet switch. As a result, most vendors in the SOHO networking category sell more wireless routers with integrated switches instead of APs. For business-level (especially enterprise-level) networking, APs continue to be popular items because they can be plugged into an existing Ethernet network that is already equipped with a router.
Table 19.2 lists the differences between wireless APs, wireless routers, and wireless routers with integrated Ethernet switches.
Table 19.2. Wireless AP, Router, and Router/Switch Feature Comparison
What do the differences between a wireless AP, a wireless router, and a wireless router with integrated Ethernet switch mean? The simplest of the three devices is a wireless AP. A wireless AP’s functions include
Providing wireless access between clients
Connecting wireless clients to an Ethernet network (optional)
Providing a secure connection between clients (optional)
An AP is not equipped with a DHCP server for providing IP addresses, nor is it equipped with a router for connecting clients with another network (such as the Internet). Thus, an AP should be used in conjunction with an existing wired Ethernet network.
Although a wireless router resembles an AP, it offers additional features:
Provides wireless access between clients
Connects wireless clients to an Ethernet network (optional)
Provides a secure connection between clients (optional)
Provides server-assigned IP addresses to clients via its integrated DHCP server (optional)
Uses network address translation (NAT) to help hide LAN clients from the Internet
Routes traffic between the LAN and the Internet (WAN) when connected to a broadband Internet access device or a wired network connected to the Internet
A wireless router provides one-stop shopping for wireless clients’ LAN support needs. However, it does not provide these services to wired Ethernet clients.
A wireless router with an integrated switch supports both wireless and wired clients and includes the following functionalities:
Provides wireless access between clients
Connects wireless clients to an Ethernet network (optional)
Provides a secure connection between clients (optional)
Provides server-assigned IP addresses to clients via its integrated DHCP server (optional)
Uses network address translation (NAT) to help hide LAN clients from the Internet
Routes traffic between the LAN and the Internet (WAN)
Provides high-speed switch connections between wired Ethernet clients
Provides connections between wired and wireless clients connected to the router
Can provide DHCP and Internet access for additional wired Ethernet clients by connecting another switch to the unit’s uplink port
As you can see from this comparison, a wireless router with an integrated Ethernet switch makes it easy to build a mix-and-match network with both wireless and wired clients. It’s not surprising that this type of device is the most popular for SOHO networking.
What benefits do these features provide?
If you are going to use the Access Point only in a closed network, the broadband connection (WAN port) won’t be necessary. However, you will be hard-pressed to find an Access Point that doesn’t have this port, and it can be ignored until you want to use it.
DHCP enables clients to obtain a server-assigned IP address and IP configuration from the Access Point. A DHCP server uses a private address range (one that is not valid for use on the Internet). The most common range that SOHO wireless routers support is the 192.168.x.x range; however, some routers also support 172.16.x.x. If your wireless router has an Ethernet switch, the DHCP server provides addresses to both wired and wireless clients connected to the router.
When making a connection to the Internet, the Access Point substitutes its IP address in packets the client sends out onto the Internet. When packets for the client are returned to the Access Point, it removes its own address and replaces it with the client’s address. This technique is known as Network Address Translation (NAT). Using NAT and a private address range enables you to use a single Internet connection and share it with two or more computers. A second benefit of NAT is that it helps prevent other computers on the Internet from gaining addressing information about the computers on your local network. Although not a perfect firewall solution, NAT can prevent simple attempts at intrusion.
DHCP is usually employed by Internet service providers (ISPs). This is because the IP address space used on the Internet is finite, and there aren’t enough addresses to go around for all the computers that connect to the Internet. Thus, if you have a broadband connection for your Access Point, network packets going to and from the Internet are going through two levels of NAT! The first level is between the ISP and your wireless Accent Point. The second is between the Accent Point and a client computer on the wireless network.
For more information about Network Address Translation, see Chapter 45, “Firewalls.” DHCP is covered in Chapter 28, “BOOTP and Dynamic Host Configuration Protocol (DHCP).”
An Access Point that incorporates three or more RJ-45 ports includes a 10/100 Ethernet switch. This feature enables you to connect computers to the Access Point using a wired connection. This feature is useful when you only need to use wireless networking for a few computers (such as laptops that you move around the home or office), while other wired computers (such as a desktop workstation or server) are located in a fixed location. Another reason for using an Access Point that provides both wired ports and wireless networking is that 802.11b operates at speeds ranging from 1Mbps to 11Mbps. Although these rates may be sufficient for some computers, servers and other client computers that transfer large amounts of data are candidates for a wired 100Mbps connection. Thus, you get the best of both types of networking. This also enables you to add wireless capabilities to computers over time, allowing you to spread out your expenses when buying wireless network cards.
Note
802.11a and 802.11g wireless networks operate at rates up to 54Mbps. Although this is less than the 100Mbps you can achieve using a wired connection, it might be sufficient for servers and some clients in your network, especially laptop computers.
Distance Limitations
In general, 802.11b networks can span a distance up to 100 meters indoors and up to 300 meters outdoors. However, such seemingly trivial things as buildings, trees (as well as the weather), and other similar barriers can dramatically reduce this distance. When planning for the installation of a wireless network that will require more than one Access Point, because of distance limitations, start with just one Access Point, and test using it at different parts of the building. Using this method, you can determine how many Access Points will be needed. Don’t count on the distances provided for in the 802.11b specifications. Additionally, if you are going to use more than one type of network adapter card—such as one for laptop computers and another for desktop computers—or cards from different manufacturers, be sure to perform the same tests using each type of adapter.
Although you can use repeaters to increase range, most APs have removable antennas, enabling you to install higher-gain or directional antennas to improve range or coverage. We recommend trying better antennas before adding repeaters to your wireless network because the fewer devices you have on your network, the simpler it is to manage and the more reliable it is.
Firewalls
In addition to NAT, some Access Points come with minimal firewall capabilities. For example, you can use port blocking and packet filtering to help protect your LAN. Although not a necessity, a firewall, along with a good antivirus program, helps protect your wireless network from many of the malicious attacks that periodically occur on the Internet. Even if the Access Point does provide a simple firewall, you should probably go the extra mile and buy a software-based firewall for each computer in your network that uses other firewall techniques. The costs for these programs is minimal (usually around $50) when you consider the time it takes to restore data from backups when a virus, a worm, or another similar program invades your computer. $50 is not much to pay for the extra security that a firewall and an antivirus program can give you.
Although Windows XP includes a firewall and the version included in Windows XP Service Pack 2 offers enhanced features and easier configuration, it does not inspect outgoing packets that could be generated by a virus, worm, or spyware. For this reason, a third-party firewall such as Zone Alarm is highly recommended.
Note
NAT and firewalls are covered in greater detail in Chapter 45. This is recommended reading for anyone who is thinking about connecting any LAN to the Internet. In addition, all chapters in Part VIII, “System and Network Security,” should be required reading material for anyone who operates a network in which a high degree of security is desired.
Access Points with VPN Support
If you plan to connect to an enterprise network via a virtual private network (VPN), you might need an AP that is especially designed to handle VPN traffic. Although virtually any AP supports a single VPN tunnel, you need a specially designed AP to handle two or more VPN tunnels or to handle incoming VPN traffic.
If two or more users on your home or SOHO network need VPN support at the same time, be sure to use an AP designed to support multiple tunnels. Some of these APs also provide better firewall features than normal APs. Note that most products with enhanced VPN support are actually wireless routers with integrated Ethernet switches.
Do You Need a Wireless Network?
After comparing wireless 802.11 networking to cabled network technologies, how do you decide which is best for you? A number of factors should be considered.
A large enterprise with hundreds, or perhaps thousands, of computers will obviously need a large wired network, with LANs connected by ATM, Frame Relay, and other switched network technologies. Deciding where to use Access Points at some locations is a choice to be made by
The need for wireless networking at that point
Distance limitations
The security considerations associated with the placement of the Access Point
In Chapter 23 you will find a discussion of the security implications of using a wireless network, and how encryption and authorization mechanisms can be used to make the network secure.
If a wireless network is needed strictly for peripheral or folder sharing in a small business, an ad hoc wireless network (no AP is needed) is sufficient. However, if the wireless network must be connected to an existing wired network or to the Internet, an AP must be added to the network. You can use an AP with an integrated router and 10/100 Ethernet switch instead of a separate AP, Ethernet switch, and router.
Some businesses require the most stringent security requirements, using other technologies that are discussed in Chapter 24, “Overview of the TCP/IP Protocol Suite,” as well as virtual private networks, covered in Chapter 46, “Virtual Private Networks (VPNs) and Tunneling.”
Connecting the Wireless Network to a Wired LAN
In Chapter 18, “Introduction to Wireless Networking,” you learned that you can create an ad hoc wireless network by using a collection of computers. When you use an AP to mediate communications between the wireless clients, you create an infrastructure network. When you’re using a few laptop computers in a temporary location, an ad hoc wireless configuration may suffice.
However, if you are going to connect your LAN to the Internet, an AP is required to connect the LAN to the cable/DSL modem or another Internet connection.
If the wired network or broadband connection operates at a faster bandwidth (and most do today, with 100Mbps being the lowest common denominator for wired networks), the AP can buffer between the lower-speed wireless network and the 100Mbps wired network.
If your AP does not include an Ethernet switch, you can connect the AP to an unused port on an existing Ethernet switch. Whether an AP has an integrated Ethernet switch or the AP is connected to an existing switch, wired and wireless clients can be part of the same network. By configuring wired and wireless clients with the same workgroup name or by using the same domain controller, they can become part of the same network, sharing printers, an Internet connection, and folders.
Dual-Mode Access Points
The next chapter covers IEEE 802.11a. This standard enables data rates up to 54Mbps. A dual-mode Access Point operates using both technologies (some support 802.11a and 802.11g), and can buffer data between the lower and higher data rates. Dual-mode Access Points cost more than an Access Point that works with just one technology.
A dual-mode Access Point can be useful in several situations:
In expanding an existing 802.11b network. For example, if you have already invested in 802.11b devices, but want to use the faster 802.11a technology when you add newer devices to the network, a dual-mode Access Point can enable all devices to interact with each other.
In providing an upgrade path for your wireless network. Again, if you have already invested in 802.11b equipment, a dual-mode Access Point can enable you to slowly replace these devices with 802.11a as your budget permits. In a large network, it can be expensive to change out all of your network adapters as well as Access Points at the same time.
In providing access to temporary network clients. If a business client, a consultant, or another person visits your site and brings his own wireless computer (such as a laptop), then a dual-mode Access Point enables that person to make a connection to your network no matter whether he uses 802.11a, 802.11b, or 802.11g.
Note
You don’t need a dual-mode AP to support 802.11g and 802.11b clients on the same network. Both clients use the same 2.4GHz frequency band, so an 802.11b client can connect with an 802.11g AP, and an 802.11g client can connect with an 802.11b AP. Most mixed-mode networks run at the speed of the slowest client or AP, though. Thus, standardizing on 802.11g hardware provides a faster network than one which mixes 802.11b and 802.11g hardware.
The next chapter will give you an overview of 802.11a networking, and Chapter 21 covers a newer standard, 802.11g. Chapter 21 also shows how to configure these clients.
Why Wi-Fi?
The Wireless Ethernet Compatibility Alliance, now known as the Wi-Fi Alliance, was formed specifically to test 802.11-based wireless network products from different manufacturers to ensure interoperability. The brand name chosen by the Wi-Fi Alliance for these products is Wi-Fi (Wireless Fidelity). You can access the organization’s Web site at www.weca.net or www.wi-fi.org.
Although the Wi-Fi Alliance was originally created to encourage testing for interoperability for 802.11b products, the scope of the organization has continued to expand to include new wireless products and standards. Table 19.3 lists the current certifications supported by the Wi-Fi Alliance.
Table 19.3. Wi-Fi Alliance Certifications
Because of the popularity of Wi-Fi Certification, many 802.11-compatible products are now referred to as Wi-Fi products, even if they have not passed Wi-Fi Alliance testing. However, only products that have passed Wi-Fi Alliance certification testing are permitted to use the Wi-Fi Certified logo. Thus, when you hear a product advertised as Wi-Fi Certified, you can be assured that it’s based on one of the IEEE 802.11 standards supported by the Wi-Fi Alliance and that it should work with other products that have the Wi-Fi logo and use the same frequency.
Note
Although it is common usage to equate Wi-Fi and 802.11, this is not correct. Although every Wi-Fi Certified device corresponds to one of the 802.11 standards, some 802.11-compatible devices have not been Wi-Fi Certified. You can mix-and-match Wi-Fi Certified and non-certified 802.11 devices, but to avoid problems, you’re better off using only Wi-Fi Certified devices.