Wireless LANs at Home

WLANs can extend over a range of 200 to 1000 feet,[20] but coverage depends on the density of the obstructions between the AP and the STA. Empirical evidence based on experiments at home indicates that every time an IEEE 802.11b signal needs to pass through a wall (e.g., sheetrock a.k.a. drywall), it loses approximately 20 to 30 percent of its power. If there are three or four walls between a STA and its nearest AP, the STA may not be able to hear the AP at all (or vice versa). The easiest solution to this situation in a home is to strategically locate two or three APs throughout the home, so that there will be adequate signal strength in locations from which the user might want to be able to access the WLAN.

[20] In fact, it is even possible to build a low-cost directional antenna that can send all of the RF energy in one direction. Several people have posted online instructions for using a pair of Pringles® cans to build antennas for extending an IEEE 802.11b link for several miles without illegally boosting the signal beyond the limits set by the FCC.

Relative to the number of STAs that they support, the most APs are likely to be sold into the home/SOHO market. In any given home or small business, an AP might serve only one to 10 STAs. In corporate settings, an AP may serve up to dozens of STAs. To date, the market for WLAN products has been approximately equal between home and corporate purchasers, but several studies indicate that the unit sales of APs into home/SOHO environments will exceed the number sold to corporations for deployment in larger networks. In a way, this makes sense, since there are potentially many more home networks than there are corporate networks.

Because WLAN technology will be slower than wired LAN technology for the time being, it is likely that any WLAN deployments in medium-to-large enterprises will be made as a parallel network to the existing wired LAN. However, in home and SOHO WLANs, the WLAN may be the only LAN. The implicit benefit of WLANs is that they are wireless. The need to have a network jack in each room of the house where you might want to use the computer and Internet is eliminated, and the clutter of all those extra wires in the office is reduced.

To share access to the Internet, the PCs or other networked devices must have a common network through which such access may be obtained. In the late twentieth century, essentially all home networks were Ethernet-based,[21] using wiring installed by the homeowner, providing connectivity to the rooms of the house that needed access to the network. The cost of adding a network drop within a house is about $100, including parts and labor (for each drop, although the cost per drop may be cheaper if the homeowner had them all installed at once; many new homes advertise pre-installed category-5 network cabling as a selling point).

[21] Although WLAN products did originally begin to emerge in the early 1990s, they were nonstandard, slow (not just by today's standards), and very expensive, compared to what we have today. The technology did not get much traction in the market until higher-speed standards-based WLAN products began to appear.

Initial applications for home networks included the usual PC-based networked applications, such as file sharing, printer sharing, and so forth. Technologies such as Universal Plug and Play (UPnP) allowed a PC to access pictures on a digital camera that was attached to a different PC by using a common network to discover the camera and to access the picture files within it. The number of types of devices that can be accessed over a network is increasing rapidly. A PDA may have a network interface, probably wireless. Emerging classes of home appliances will allegedly have integrated networking capabilities (e.g., a refrigerator that can automatically re-order bread or milk if you run out, or a light switch that is remotely controllable via a central control station).

Other devices that may be attached to a home network are home weather stations, fire and burglar alarm systems, game consoles (which can now support multiplayer gaming over local LANs or the Internet), and satellite or cable TV set-top boxes. A set-top box may provide audio/video access to or from a PC; for example, to support Personal Video Recorder (PVR; also known as Digital Video Recorder, or DVR) functionality. A set-top box with integrated PVR functionality (a DIRECTV® tuner with integrated TiVo® functionality) costs approximately $200 at the end of 2002, for a unit that can record 35 hours of programming; these prices will only drop, especially since new PCs have sufficiently large hard drives, and sophisticated graphics cards, that the PC itself can become a PVR, leveraging a home network to share recorded video throughout the household.[22]

[22] The author is not endorsing any particular device or service. In fact, the author has not personally used any such device. This class of device is discussed only as an example of another type of network application, nothing more.

Eventually, even the television set may evolve to include a network interface. It is even possible that a near-future home entertainment system will be networked using simple low-cost Ethernet patch cords to move digitally encoded audio and video data between devices, rather than the clumsy analog wiring of today's systems. Survey after survey shows that the key driving application for home networking is streaming audio and video between rooms of the house.

Evolving WLAN Technology Enables Future Applications

The currently most popular home-oriented application of WLANs is sharing Internet access among multiple WLAN devices at home (e.g., laptops or PDAs with integrated WLAN capabilities, or add-in PC Cards, or desktop PCs with add-in WLAN cards). As WLAN speeds increase, ever more bandwidth-intensive applications will become possible over future home-based WLANs.

For example, it is not uncommon for a new PC today to have over 100 GB of disk space. There are a substantial number of people who would love to copy their own CDs onto their hard drive, and use a small WLAN-based device to access the songs from anywhere in the house. This would be like having your own radio station that only played songs that you like. This sort of "audio jukebox" scenario is likely to be an early use of higher-speed WLANs (provided that Congress does not revoke the consumers' right to fair use of items they purchase).

Eventually, once sufficient bandwidth is available (and presuming that disk storage will continue to get denser and cheaper), it's not difficult to imagine that it will be possible to one day (within three to five years) store your collection of DVD movies on your PC, for playback on a laptop or future WLAN-equipped TV screen anywhere in the house, or even on a portable video viewer (or a laptop). It's conceivable that a future television set will have integrated WLAN capabilities, and will be able to discover the video jukebox in the home, from which it can access stored movies, recorded TV programs, and so forth. This would be like a super-enhanced version of today's PVRs. Such applications of WLANs are not far away, and there are surely others that we can't even imagine yet.

Wireless LANs at Home: WLAN-Enabled Gateways

The most significant trend in the market for so-called "home gateway" devices has been the addition of WLAN AP and Portal functionality. Typically, the "Portal" is not explicitly mentioned; in other words, a wireless home gateway usually is described as having an integrated AP. The fact that the AP is internally connected to the rest of the gateway is not usually explicitly stated, nor does it need to be: if the wireless gateway did not provide packet forwarding service between the Internet and the users on the WLAN, the utility of the wireless AP would be greatly diminished. Before the widespread existence of WLAN devices, a home network was typically limited to operation in a single room, or wherever one was able to get the wires.

Before WLAN devices existed, wires were the only medium over which home networks could be operated. However, now that home gateways have evolved to support WLANs, the ease of deploying home networks has been greatly enhanced. Now, instead of figuring out how to get a wire to another room, one just has to add a WLAN card to each PC and put an AP in a common location such that all of the computers have reasonably good reception.

Clearly, home networks make sense for the same reason that corporate networks made (and make) sense: they enable family members (or employees, as the case may be) to work together more effectively, and to share common network resources. Corporate networks have become mission-critical infrastructure, but it is a reasonable question to ask why an individual might want to install a network in his or her home. The answer is the same as the reason why networks are valuable to corporations…they provide a means to exchange data among a group of networked devices, particularly PCs. Other classes of devices are emerging that can also benefit from a network connection, from PDAs to intelligent refrigerators, to light switches, to home security systems. WLANs break down the barriers to deployment of networks in the home, by making installation easier, and by lowering the total cost of ownership.

Until recently, most homes had only one PC. However, as multiple-PC households became more common, there is an increasing desire to share data among the PCs[23] within the home, or to access networked resources such as printers. Internet access, especially broadband Internet access over DSL or cable modems, has been another key driver for a home network, since it would be terribly expensive to have a separate Internet connection for every PC in the home. It would no doubt please the currently cash-strapped telephone companies and ISPs if all their customers purchased a separate Internet connection for each of their home-based devices, but let's be realistic and observe that no residential customer would be stupid enough to blindly pay for separate phone lines (or DSL or cable modem connections) for every PC in the home…even if there were only two PCs in the home.

[23] Some people define "home networking" to be any form of connectivity among PCs in a multi-PC household (besides Ethernet and other LAN technologies, this might include serial or parallel data connections, Universal Serial Bus (USB) or IEEE 1394 (a.k.a. FireWire) connections, etc.), but for the purposes of this book we will focus on the LAN-oriented connectivity provided by Ethernet (a.k.a. IEEE 802.3) and IEEE 802.11.

In addition, it is not the case that every PC needs to be online all the time, so paying for more than one access line would be a serious waste of the end-user's money and of the resources necessary to provide the connection, including extra ports on the access server, more usage of copper pairs from the central office, more electricity to operate all the extra home access devices, the extra labor necessary to install all the other devices, and so on.

Of course, no rational customer would ever consider spending so much more money every month for the additional physical access circuits and Internet accounts. In fact, it would be foolish to not share the Internet access, since the very nature of packet-switched networks, which are based on statistical multiplexing, encourages (or at least enables) multiple packet streams to share a common physical access circuit. When the access circuit is free, another packet can use it at no incremental cost to the end user. Whether the provider's network is unduly stressed by the unplanned-for extra activity depends on the extent to which their network design "oversubscribed" (i.e., how many simultaneous end users is their backbone designed to accommodate?).

Due to the slow speed of even broadband access circuits (which top out at around 600 to 2,000 kbps in the downstream direction), a single end-user's PC can easily soak up the full capacity of the access line. Since any given customer is throttled by the speed of their link, even if it were 100 percent utilized, there is no way that the customer could generate more traffic than the link can carry, regardless of the number of PCs at that location. In fact, several PCs sharing a common link may use less backbone capacity than several individually connected PCs, since the access device may drop packets during busy periods, thereby throttling certain connections to a rate lower than the link could carry if the PC had a dedicated link.

From the backbone provider's perspective, a set of PCs sharing Internet access through a common link is equivalent to the situation in which all the PCs have dedicated access, since the aggregate traffic that the PCs would cause to traverse the provider's backbone would be the same whether or not they shared a common physical access link. In fact, the provider may even be better off with the PCs sharing a link, since they will be throttled by the link speed and won't be able to do more damage collectively than a single active PC with a single access link.

This argument is not 100 percent true, because when providers design their backbone infrastructures, they rely on certain models of expected customer traffic patterns based on the number of customers they expect to serve, and the assumption that most of their customer access links will be idle most of the time, since it really is the case that most customers' access links are idle for most of the time, except for certain peak usage times, when many customers might be causing traffic to cross the Internet provider's backbone. Therefore, if the Internet access provider's customers are using more cumulative bandwidth than the provider's backbone network was designed to carry, the overall performance may degrade, causing the provider to need to upgrade their network sooner than they otherwise might have. This will either cause the provider to lose customers (who leave in search of better performance) or make some strategic upgrades to their backbone infrastructure.

What Is a Home Gateway?

To connect the LAN at home with the Internet, a router needs to be deployed that has the necessary interfaces. In this case, the router is typically called a "home gateway." The home gateway has a feature set that is appropriate for its application (a generic router would work, but would have a number of inadequacies, such as the lack of NAT, and perhaps the lack of an integrated WLAN interface).

Figure 8-3 shows a "physical" view of a wireless home gateway. The illustrated gateway integrates at least three logical interfaces (previous generations of home gateways contained approximately the same components, with the obvious difference that they lacked the integrated WLAN AP):

  • A connection to the Internet. This connection is most often a 10BASE-T[24] Ethernet port that attaches to a separate device, typically an external broadband modem (e.g., a DSL or cable modem) that is actually a layer-2 bridge between the gateway's Ethernet interface and the provider's access technology. It is also possible for home gateways to have an integrated broadband chipset (e.g., Asymmetric Digital Subscriber Line (ADSL) or Data-over-Cable Service Interoperability Specification (DOCSIS) cable modem), which eliminates the need for the external Ethernet-to-broadband bridge. In the latter case, the "Internet" connection really is a WAN port, for connection to a coaxial cable or to a "phone jack" through which a DSL line is reached. This interface is labeled with a "0" in Figure 8-3.

    [24] The interface is limited to operation at 10 Mbps, since there is no need to connect to an ISP at a speed greater than 10 Mbps (for example, at 100 Mbps).

  • A set of LAN interfaces[25] (labeled "1" through "4" in Figure 8-3) for attachment to "local" Ethernet devices (e.g., PCs, or other wired devices, such as hubs or switches).

    [25] Usually, there are four RJ-45 interfaces that comprise a single subnet, via either an integrated hub or a switch. In the latter case, the interfaces can do either 10BASE-T or 100BASE-TX based on the results of Ethernet autonegotiation. If the local LAN interfaces are components of an integrated Ethernet hub, they will all be running at the same speed (10 Mbps or 100 Mbps), since a hub is a shared medium and all the devices must be running at the same speed in that case.

  • A WLAN "interface," also for attaching to "local" devices (labeled "5" in Figure 8-3). This interface does not appear as a physical jack on the gateway, but as an antenna that is used to send and receive data. Some gateways have two antennas, so that they can select the one that is receiving the best signal on a moment-to-moment basis.

Figure 8-3. Physical diagram of a typical wireless home gateway


The home gateway's components may be easier to visualize if you consider the logical components that are integrated into the device, as depicted in Figure 8-4. The fact that they are all in one box does not change what the pieces do, or affect their relative inter-relationships. The most significant feature in a home gateway, besides WLAN capability, is Network Address Translation (NAT) which allows multiple devices to access the Internet and to appear to the external observer as if there was only a single device sending data to and receiving it from the Internet.
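The translation that NAT performs can be made concrete with a small model. The following is an added example, not code from the book or from any gateway product: it models port-based NAT with a simple per-host mapping (real gateways also track the remote endpoint and expire idle mappings), and all addresses and port numbers are constructed, taken from documentation and private ranges.

```python
from collections import namedtuple

# A packet reduced to the five fields that NAT cares about.
Packet = namedtuple("Packet", "proto src_ip src_port dst_ip dst_port")


class Napt:
    """Simplified model of the NAT function in a home gateway (assumption:
    one public address, one public port per internal (proto, ip, port))."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound_map = {}  # (proto, private ip, private port) -> public port
        self.inbound_map = {}   # (proto, public port) -> (private ip, private port)

    def outbound(self, pkt):
        """Rewrite a LAN-to-Internet packet so it carries the public address."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.outbound_map:
            self.outbound_map[key] = self.next_port
            self.inbound_map[(pkt.proto, self.next_port)] = (pkt.src_ip, pkt.src_port)
            self.next_port += 1
        return pkt._replace(src_ip=self.public_ip, src_port=self.outbound_map[key])

    def inbound(self, pkt):
        """Rewrite an Internet-to-LAN packet, or return None when no internal
        device created a mapping for the destination port."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound_map.get((pkt.proto, pkt.dst_port))
        if target is None:
            return None
        return pkt._replace(dst_ip=target[0], dst_port=target[1])


def observed_sources(packets):
    """Source addresses an external observer would see."""
    return {p.src_ip for p in packets}


def demo():
    gw = Napt("192.0.2.10")  # constructed public address
    # Two PCs that happen to pick the same source port (constructed traffic).
    pc1 = Packet("tcp", "192.168.1.2", 51000, "198.51.100.7", 80)
    pc2 = Packet("tcp", "192.168.1.3", 51000, "198.51.100.7", 80)
    on_wire = [gw.outbound(pc1), gw.outbound(pc2)]
    # The server's reply to the second PC, addressed to the gateway.
    reply = Packet("tcp", "198.51.100.7", 80, "192.0.2.10", on_wire[1].src_port)
    # A packet nobody on the LAN asked for.
    stray = Packet("tcp", "198.51.100.99", 4444, "192.0.2.10", 40002)
    return on_wire, gw.inbound(reply), gw.inbound(stray)


if __name__ == "__main__":
    wire, delivered, dropped = demo()
    print(observed_sources(wire), delivered, dropped)
```

The two PCs leave the gateway with the same source address but different source ports, which is how the gateway knows where to send each reply; a packet that matches no mapping has no internal destination at all.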

Figure 8-4. Logical components of a wireless home gateway


It is also possible to get a home gateway that does not have a WLAN interface, which would clearly omit the AP, but otherwise be functionally similar. Such home gateways do tend to cost less than gateways with integrated APs, and if a homeowner already has an AP, there may or may not be a need to have a second AP located in the gateway. There is a case study on home gateway deployment (in which the AP was separate) later in this chapter.

Many studies indicate that the penetration of broadband Internet access over the next several years is likely to continue to increase at a steady pace. Given that WLAN interfaces are only a small incremental cost when purchasing a home gateway, it is likely that at least some of the WLAN growth in the home market will be due to the effective "bundling" of WLAN capabilities into the home gateway devices that will be sold as broadband access becomes more popular. Figure 8-5 illustrates one projection of the growth of the broadband Internet access market in terms of what percentage of households have broadband access.

Figure 8-5. Actual and projected broadband Internet access penetration[26]


Sources: Jupiter Media Metrix; Jupiter Access Models[26]

[26] Other studies show lower penetration rates for broadband Internet access in the 2005 timeframe, but not by more than 5 percent or so. One should not take market projections too literally. I tend to look at where the market is going, realizing that it is just an educated guess that someone has made regarding the precise market size on a given date.

WLANs are far more attractive in the home than in the corporate setting, since at home there is typically no high-quality wired infrastructure (or even low-quality wired infrastructure!). Everyone seems to agree that wireless devices are more desirable than wired ones, due to the freedom of operating without being limited to moving within the radius of the patch cord, but in corporate networks, WLAN capability is just an adjunct to the existing wired LAN. It is even true that in corporate networks, wired [Ethernet] LAN jacks are numerous, and it is usually not difficult to find an attachment point.

For the deployment of wired LANs at home (e.g., to interconnect multiple APs), wall jacks were convenient, but not required…since a 10BASE-T or 100BASE-TX Ethernet patch cord can be up to 100 meters long, the patch cords can stretch beyond a single room and plug directly into a remote PC or other networked device.[27] The interconnection of APs by long patch cords may save a homeowner from having to invest in a small switch or hub to sit between the two APs (the switch may need to be in a place that does not have convenient power access, which is a further reason to prefer the "long patch cord" approach). In addition, the failure modes of wires are easier to diagnose than those of switches.

[27] In a house with central heating, it might be feasible to snake the patch cord from one room to another or one floor to another without needing to make holes in the walls and install actual wall jacks, by using the central heating ducts.

Home Networking: Why?

Beginning in the 1960s, networks became increasingly pervasive as the foundation for corporate computing environments. Early computer networks served to interconnect mainframe computers with each other, and with special-purpose devices such as terminals,[28] printers, and so forth. These early networks (e.g., IBM's Systems Network Architecture (SNA)) were based on connection-oriented packet switching principles and on point-to-point wiring; for example, terminals were connected to "cluster controllers" that multiplexed the packets from a set of terminals onto a common link toward the mainframe. Logically, these terminals operated as if they were directly attached to the mainframe, even though there were, in fact, active intermediate devices mediating the exchange of packets.

[28] Early terminals were sometimes application-specific; in other words, if workers needed to access multiple applications, they would have needed to have multiple terminals at their desk.

Beginning in the late 1980s and continuing through the early 1990s, LAN-based networks began to be deployed by corporations. Early LANs were wired using inexpensive coaxial cables that were easier to install, but more difficult to maintain. Initial deployments were in workgroups, where knowledgeable users set up small file servers and LANs so that people in the group could share access to a printer, and share files.

Eventually, corporations embraced LAN technology and installed (and managed) production-quality infrastructures. LANs based on "structured wiring" (first LAN hubs, and then switches, i.e., wire-speed bridges) became available. Once the initial investment in structured wiring had been made, the network was much easier to maintain. Faults can be easily isolated to a single hub or switch port, which can be administratively disabled until the problem is solved, which prevents the problem from affecting other users. LANs were based on another form of packet switching, referred to as "connectionless" packet switching.

In connection-oriented networking protocols, each layer is responsible for ensuring that its data units are delivered intact. Therefore, each layer implements some form of error detection and retransmission, which complicates the design of the protocol. Such protocol features are important when transmitting over media that have high amounts of noise (relative to the signal). In contrast, connectionless networking protocols just send the data and hope it arrives intact. This is an adequate mode of operation over most modern media where errors due to noise are rare. LANs fall into this latter category. LAN protocols have a "frame check sequence" that is used to detect errored frames, so that the low-level network interface card can discard frames that it knows are corrupted. The missing frame will be detected by higher layer protocols, which will arrange for a retransmission (if the protocol is connection-oriented; some higher-level applications do not need reliable delivery, so the connectionless concept can extend right up through the Transport layer).
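The division of labor described above can be shown in a few lines. This is an added example, not code from the book: the frame check sequence is computed as the CRC-32 that Ethernet uses, while the link, its fault pattern, the two-byte sequence number, and the stop-and-wait sender (which stands in for a connection-oriented higher layer and treats a missing frame as a timeout) are constructed for illustration.

```python
import struct
import zlib


def add_fcs(frame: bytes) -> bytes:
    """Append the 32-bit frame check sequence (CRC-32, low byte first)."""
    return frame + struct.pack("<I", zlib.crc32(frame))


def nic_receive(wire: bytes):
    """Model of the interface card: return the frame body when the FCS
    verifies, or None when the frame is corrupted and silently discarded."""
    if len(wire) < 4:
        return None
    body, (fcs,) = wire[:-4], struct.unpack("<I", wire[-4:])
    return body if zlib.crc32(body) == fcs else None


class NoisyLink:
    """Connectionless link that flips one bit in the transmissions whose
    index is listed in corrupt_on (a constructed, deterministic fault)."""

    def __init__(self, corrupt_on=()):
        self.corrupt_on = set(corrupt_on)
        self.sent = 0

    def transmit(self, wire: bytes) -> bytes:
        index, self.sent = self.sent, self.sent + 1
        if index in self.corrupt_on:
            damaged = bytearray(wire)
            damaged[len(damaged) // 2] ^= 0x01
            return bytes(damaged)
        return wire


def unreliable_send(link, messages):
    """Connectionless all the way up: a discarded frame is simply missing."""
    received = []
    for seq, payload in enumerate(messages):
        body = nic_receive(link.transmit(add_fcs(struct.pack("!H", seq) + payload)))
        if body is not None:
            received.append(body[2:])
    return received


def reliable_send(link, messages, max_tries=5):
    """Higher-layer stop-and-wait: resend a message until the frame that
    carries its sequence number survives the FCS check at the receiver."""
    delivered, attempts = [], 0
    for seq, payload in enumerate(messages):
        for _ in range(max_tries):
            attempts += 1
            body = nic_receive(link.transmit(add_fcs(struct.pack("!H", seq) + payload)))
            if body is not None and struct.unpack("!H", body[:2])[0] == seq:
                delivered.append(body[2:])
                break
        else:
            raise RuntimeError(f"message {seq} not delivered after {max_tries} tries")
    return delivered, attempts


if __name__ == "__main__":
    msgs = [b"alpha", b"bravo", b"charlie"]
    print(unreliable_send(NoisyLink({1}), msgs))
    print(reliable_send(NoisyLink({1}), msgs))
```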

In these new LAN-based networks, the end-user's device was attached to the network, not the mainframe, and the attached device could access many different network resources (including, perhaps, mainframes) over its network connection. In other words, the PC becomes part of the network when it is attached, but there is no longer (necessarily) a single centralized computing entity like a mainframe. Mainframes do still exist, but they have morphed into high-end file servers and transaction-processing systems, which are applications that can benefit from their high-powered I/O capabilities.

Home Networking: Who?

The drivers for increased adoption of WLANs at home can be traced to two primary sources. First, there is a motivation to take advantage of the easy deployment of WLANs in the home, to support mobile intra-home computing, or to allow multiple PCs to wirelessly share network resources such as the Internet, or a household file server or printer. The printer need not be connected to the wired LAN…HP is now making a printer with an integrated WLAN interface. As other devices evolve to have integrated WLAN support, the value of the home-based WLAN will continue to increase.

Corporate Drivers of Home Networking

The corporate world has also been driving the adoption of broadband Internet access and home networking, to support workers who spend some (or all) of their work day at home. Not only have broadband network access technologies such as cable modems and DSL enabled better performance for networked applications, VPN and other security technologies have enabled the extension of a worker's workspace from the office into the home office. Companies are increasingly distributing their employees to their homes (for some or all of the work day) due to the widespread availability of inexpensive broadband Internet access, over which the user may run VPN software to obtain secure access to the corporate network.

Such a home worker is logically equivalent to a worker who is physically present, although this mode of working may not be efficient for everyone (people who frequently need to meet face to face with others would find it less attractive to work at home). But with the availability of high-speed Internet access and VPNs, employees have the flexibility to work when it is convenient (e.g., to work at home in the morning, avoiding being on the road during peak commuting hours), and employers have the flexibility in deciding the best location for a given employee, be it in the office or at home. The following list enumerates the types of workers that might work at home:

  • Day extenders: Employees who work extra hours at home (e.g., in the mornings, evenings, or on weekends), in addition to the time they spend in the office

  • Part-time teleworkers: Employees who telecommute some hours of each day, or perhaps certain days of the week. This category also applies to people who are sick enough that they do not want to pollute the office with their germs, but not sick enough that they have to take a sick day and stay in bed.

  • Full-time teleworkers: Employees for whom their home is their primary work site. This category includes people with home-based businesses.

The common thread here is flexibility. The full-time teleworkers represent flexibility for the employer (saves on office space), while the other categories represent flexibility for both the employer and employee. Some companies are beginning to modify their business processes to include (and encourage) teleworking programs, to integrate home-based workers into their corporate network infrastructure. Not all companies will compensate employees for the installation or service charges incurred as a result of the broadband Internet connection, but given that the Internet connection is always on, and the employees would not be using it if they were in the office, there is a reasonable case to be made that the employer should not pay for the monthly charge. If the service was installed for the convenience of the employer, it's conceivable that the employer would help pay for the installation charges.

For those employees who decide to (or must) work at home, a WLAN is often part of the package. This is simply because home gateways with WLAN capabilities are hardly more expensive than home gateways without them… and if employees have a choice in which gateway to purchase, they will probably opt for the one with the WLAN interface, simply for the reasons that a typical home network user would want a WLAN: ease of installation, mobility throughout the dwelling without needing to install wires and drag along Ethernet patch cords, and so forth.

The categories of workers listed in the following section might benefit from a WLAN at home (which from the corporation's perspective, is enabling an extension of the corporate network via the VPN to the user's home desktop or laptop). Note that some home gateways support VPN termination, but because of WLAN security limitations, many companies consider it bad form to have a VPN tunnel to the corporate network with an insecure WLAN at the end of the tunnel. However, when the VPN tunnel terminates in the laptop or desktop PC, there is much less security exposure.[29] For one example, I can state that it is against my current employer's corporate Information Technology policy to have an "open" WLAN attached to a device that is terminating a VPN. Any wireless devices in homes must terminate the VPN session within the device itself. Other employers will have their own rules, and it's best to not make any assumptions…always check before you do anything that might get you fired!

[29] It is a fact that some VPN solutions are better than others…if a good VPN is used, the security exposure is minimized. In the world of security, it is rare to find any absolute truths.

Security Aspects of Home WLAN Deployment

Several different scenarios may affect what level of security a user wants to a) pay for, and b) deploy. The good thing about the emerging RSN-capable devices is that they reduce the deployment headaches, leaving only the issue of cost.

Deployment for One's Own Use: Isolated Deployment

Some people will just want WLANs for the mobility, ease of installation, and other killer features. In this setting, there is little need for security to be enabled, although newer RSN-capable products can be secured with only a minimal impact on usability. This scenario is relatively independent of the growth of broadband, and its coupled growth of teleworking.

If you are far from neighbors, it's less likely that you will need security to protect yourself from the casual STA associating with your AP and "borrowing" your Internet access. However, certain individuals may be worth spying on, and if you are one of these individuals, you would be well advised to buy RSN-capable APs and STAs just as soon as they are available and deploy them.

Deployment for One's Own Use in Close Quarters

In closer quarters, if users want to have a WLAN and restrict access to it, they will want RSN-level encryption, authentication, and key management. Other features may be used in conjunction with encryption (or without) such as MAC address filtering. Yes, it is possible that MAC addresses can be spoofed, but that requires a moderately motivated attacker. A casual wireless moocher will probably look for an easier target.

Deployment for Shared Use: Implicitly in Close Quarters

Users in this case will explicitly not care about security between their WLAN clients (who they may not even know) and the Internet. They may care about security between "trusted" and "un-trusted" WLAN clients. An AP suitable for such a deployment may want to support RSN and non-RSN STAs at the same time, perhaps by using VLANs to keep them in different subnets. This way, the RSN STAs can securely talk amongst themselves, while the freeloaders can access the Internet and not have access to the RSN STAs at all, at least not in any direct way.
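The separation described above is only as good as the forwarding rules between the subnets, so it is worth checking them for indirect paths as well as direct ones. The following is an added example, not code from the book or from any AP vendor: the zone names, the STA records, and both rule sets are constructed, and a rule (src, dst) means that zone src may initiate traffic toward zone dst.

```python
from collections import deque

TRUSTED, GUEST, INTERNET = "trusted", "guest", "internet"


def assign_zone(sta):
    """STAs that negotiated RSN go to the trusted VLAN; all others to guest."""
    return TRUSTED if sta["rsn"] else GUEST


def permitted(rules, src_sta, dst_sta):
    """May src_sta initiate traffic to dst_sta? Same-VLAN traffic is bridged;
    traffic between VLANs needs an explicit forwarding rule."""
    src, dst = assign_zone(src_sta), assign_zone(dst_sta)
    return src == dst or (src, dst) in rules


def find_path(rules, start, goal):
    """Breadth-first search over the forwarding rules; returns the shortest
    chain of zones from start to goal, or None if there is none."""
    parent, queue = {start: None}, deque([start])
    while queue:
        zone = queue.popleft()
        if zone == goal:
            path = []
            while zone is not None:
                path.append(zone)
                zone = parent[zone]
            return path[::-1]
        for src, dst in rules:
            if src == zone and dst not in parent:
                parent[dst] = zone
                queue.append(dst)
    return None


def audit(rules):
    """Report every way the guest VLAN can reach the trusted VLAN."""
    findings = []
    if (GUEST, TRUSTED) in rules:
        findings.append("direct: guest -> trusted is forwarded")
    indirect = {r for r in rules if r != (GUEST, TRUSTED)}
    path = find_path(indirect, GUEST, TRUSTED)
    if path is not None:
        findings.append("indirect: " + " -> ".join(path))
    return findings


# Constructed rule sets. SEPARATED matches the text: both VLANs reach the
# Internet, neither is forwarded to the other. LEAKY adds a shared printer
# VLAN (hypothetical) that both sides were allowed to use.
SEPARATED = {(TRUSTED, INTERNET), (GUEST, INTERNET)}
LEAKY = SEPARATED | {(GUEST, "printers"), ("printers", TRUSTED)}

# Constructed STAs.
LAPTOP = {"name": "laptop", "rsn": True}
PDA = {"name": "pda", "rsn": True}
VISITOR = {"name": "visitor", "rsn": False}

if __name__ == "__main__":
    print(audit(SEPARATED))
    print(audit(LEAKY))
```

In the second rule set no rule forwards guest traffic to the trusted VLAN, yet a host in the shared printer VLAN that relays or is taken over gives the guests the indirect access the text alludes to.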



A Field Guide to Wireless LANs for Administrators and Power Users
ISBN: 0131014064
EAN: 2147483647
Year: 2005
Pages: 60
Authors: Thomas Maufer
