Networking optimize

Wireless LAN Overview

This article offers an overview of wireless LANs, from simple home setups, to wireless bridging options, to medium- and large-scale enterprise wireless LANs.

  • Introduction
  • Simple home Wireless LANs
  • Wireless Bridging
  • Medium sized Wireless LANs
  • Large scale enterprise switched Wireless LANs


Introduction

Wireless LANs based on the IEEE 802.11 standards allow wire-free networking in the local area network environment using the unlicensed 2.4 or 5.3 GHz radio bands.  They're used everywhere from homes to Fortune 500 companies to hotspot Internet access.  This article offers a brief summary of the network topologies used in various environments.

Simple home Wireless LANs

Figure 1



In the most common and cheapest example of a home Wireless LAN, Figure 1 shows a single device acting as the Firewall, Router, Switch, and Wireless Access Point.  These Wireless Routers can provide a wide range of functions, such as:

  • Protecting the home network from outside intruders
  • Sharing a single Internet IP address from an ISP (Internet Service Provider)
  • Providing Wired Ethernet service for typically 4 computers, which can be expanded with another Ethernet Switch or Hub
  • Serving as a Wireless Access Point for multiple wireless computers

These devices come from a variety of manufacturers such as Linksys (Cisco), D-Link, Netgear, SMC, Belkin, and other companies.  Basic models can be purchased for as little as $30 and high-end models can be more than $150.  The basic models typically have a single Wi-Fi radio offering 2.4 GHz 802.11b/g operation while the higher end models will offer dual-band Wi-Fi radios or high-speed MIMO capability.  Dual-band Access Points have two radios which provide 2.4 GHz 802.11b/g and 5.3 GHz 802.11a capability while MIMO Access Points use multiple radios to boost performance in the 2.4 GHz range.  Dual-band Access Points are essentially two Access Points in one and can serve two non-interfering frequencies at the same time while the newer MIMO devices boost speed in the 2.4 GHz range along with superior range.  Unfortunately, the 2.4 GHz range is often congested and manufacturers have stayed away from dual-band MIMO devices because of cost concerns since they're already the most expensive to begin with.  Dual-band devices don't have the highest performance or range, but allow you to operate in the relatively uncongested 5.3 GHz range and allow two devices to operate at full speed simultaneously if they are in different bands.

Figure 2

Figure 2 is a less common example of a home network where the Wireless Access Point is a separate device.  This topology is more expensive but offers more flexibility.  Consolidated router/wireless devices may not offer all the features desired by power users.  In this configuration, it's possible for the Access Point to cost more than an equivalent Router and AP in one and that's probably due to the fact that there are fewer sold since most people prefer the combined functionality.  Some people require higher end routers and switches that have features such as bandwidth throttling and gigabit Ethernet and having a modular design allows them the flexibility they need.

More detailed information on building a home network can be found here.

Wireless Bridging

Figure 3

Wireless Bridges allow buildings to connect wirelessly when wiring is too expensive or a second redundant connection is needed as a backup for a wired connection.  802.11 devices are commonly used for this application, as are optical line-of-sight Wireless Bridges.  802.11 radio-based solutions are usually much cheaper and don't require a line-of-sight between the antennas to operate, but are significantly slower than optical solutions.  802.11 solutions typically operate in the 5 to 30 Mbps range while optical solutions operate in the 100 to 1000 Mbps range.  Both types of bridges can operate beyond 10 miles, although the radio-based solution is more likely to reach these distances because it doesn't require line-of-sight.  The downside of radio-based solutions is the lower speed and the possibility of RF (radio frequency) interference, while optical solutions aren't affected by RF.  The downside of optical solutions is the higher entry price and the fact that line-of-sight isn't always possible between two locations.

Figure 4

Figure 4 illustrates a typical scenario where a Wireless Bridge is used to wirelessly extend an Ethernet network.  There are many types of 802.11 bridges and some of them use proprietary methods of interlinking and may not always offer the best compatibility or security.  A preferable solution is to use a simple Wireless Bridge that can connect to any common infrastructure-type Access Point as a regular WPA client to provide a secured wireless connection.  Once bridged, an additional Ethernet Switch can be used to expand the port capacity and link multiple Wired Ethernet computers to the LAN over the wireless bridge.  This is a cheaper option than outfitting multiple fixed position Desktop PCs with wireless Ethernet cards and having to configure them.

Medium sized Wireless LANs

Figure 5

Medium sized businesses have traditionally used a simple design where they put up multiple Access Points throughout their facilities wherever they needed Wireless coverage.  This approach is probably the most common because it has a low cost of entry, although it becomes difficult to manage once the number of Access Points gets beyond a handful.  Most of these types of Wireless LANs allow you to roam from Access Point to Access Point because they're configured on the same Ethernet subnet and SSID.

From a management standpoint, each Access Point is managed individually, as is the managed switch port that it's connected to.  In more advanced implementations where multiple Virtual SSIDs are supported, VLAN trunking is used to connect the Access Point to multiple subnets over a single Ethernet connection to a managed switch port.  The Switch in this case needs to be configured to support multiple VLANs over a single port.  Although it's possible to use a template to configure multiple Access Points, it can still become difficult to manage a large number of Access Points when firmware and configurations need updating.

From a security standpoint, each Access Point must be configured to handle its own Access Control and Authentication.  RADIUS servers make this task easier because the Access Points can delegate Access Control and Authentication to the centralized RADIUS servers, which in turn can be tied in to a central user database such as Windows Active Directory.  But even so, a RADIUS relationship still needs to be built between each Access Point and each RADIUS server, which can be complex if the number of Access Points is high.
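To make the per-Access-Point RADIUS relationship concrete, the following added example (not from the original article) generates FreeRADIUS-style `client` stanzas with a distinct shared secret for every Access Point and server pair. The AP names, addresses and server names are constructed sample values, and FreeRADIUS is assumed as the server only for the stanza syntax.

```python
import ipaddress
import secrets

def build_clients_conf(access_points, secret_bytes=32):
    """Render FreeRADIUS client stanzas for one server.

    access_points maps a short name to the AP's management IP.
    Returns (config_text, {name: secret}); each AP gets its own secret.
    """
    seen = {}
    for name, ip in access_points.items():
        addr = ipaddress.ip_address(ip)          # rejects malformed addresses
        if addr in seen:
            # RADIUS servers match clients by source IP, so a duplicate
            # would silently bind two APs to one secret.
            raise ValueError(f"{name} and {seen[addr]} share {addr}")
        seen[addr] = name

    stanzas, issued = [], {}
    for name, ip in sorted(access_points.items()):
        issued[name] = secrets.token_urlsafe(secret_bytes)
        stanzas.append(
            f"client {name} {{\n"
            f"    ipaddr = {ip}\n"
            f"    secret = {issued[name]}\n"
            f"    shortname = {name}\n"
            f"}}\n"
        )
    return "\n".join(stanzas), issued

def plan_relationships(access_points, radius_servers):
    """One clients.conf per server; every AP/server pair is a separate trust."""
    return {srv: build_clients_conf(access_points) for srv in radius_servers}

def count_relationships(plan):
    return sum(len(issued) for _text, issued in plan.values())

# Constructed sample inventory (not from the article).
SAMPLE_APS = {"ap-lobby": "10.20.0.11", "ap-floor2": "10.20.0.12",
              "ap-warehouse": "10.20.0.13"}
SAMPLE_SERVERS = ["radius-a", "radius-b"]

if __name__ == "__main__":
    plan = plan_relationships(SAMPLE_APS, SAMPLE_SERVERS)
    print(count_relationships(plan), "AP/server shared secrets to provision")
    print(plan["radius-a"][0])
```

Three Access Points and two servers already mean six secrets to provision and rotate; giving each pair its own secret keeps the loss of one Access Point from exposing the others.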

 

Large scale Enterprise switched Wireless LANs

Figure 6



Switched Wireless LANs are the latest advancement in wireless networking, where simplified Access Points are controlled by a centralized Wireless Controller.  Data is passed and managed through these centralized Wireless Controllers from manufacturers like Cisco (via Airespace acquisition), Aruba Networks, Symbol, and Trapeze Networks.  The Access Points in this case have a simpler operating system designed to be of minimal complexity, and the more complex logic is embedded in the Wireless Controller.  The Access Points usually don't physically connect to the Wireless Controllers, but they're logically switched or routed through the Wireless Controllers.  To support multiple VLANs, data is encapsulated into a tunnel of some sort so that there is a direct logical connection from the Access Point to the Wireless Controller even if the devices are on different subnets.

From a management standpoint, the administrator only needs to manage the Wireless LAN controller, which in turn can control hundreds of Access Points.  These Access Points can use certain custom DHCP attributes to figure out where the Wireless Controller is and automatically link to it to become an extension of the Controller.  This vastly improves the scalability of switched Wireless LANs because additional Access Points are essentially plug and play.  For multi-VLAN support, the Access Points no longer need a special VLAN trunking port on the switch they connect to and can use any old access port on any Switch or even Hub, which eases manageability.  The VLAN data is encapsulated and sent to the central Wireless Controller, which handles a single high speed multi-VLAN connection to the core network Switch.  Security management is also consolidated because all Access Control and Authentication is handled at the centralized Controller rather than on each Access Point.  Only the centralized Wireless Controller needs to be tied in to the RADIUS server, which in turn is tied in to Active Directory in the example shown in Figure 6.
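Because Access Points trust whatever controller address DHCP hands them, the scope value is worth auditing. The added example below (not from the original article) decodes a vendor-specific DHCP option 43 value and flags controller addresses that are not on an approved list. It assumes the layout Cisco documents for its lightweight Access Points (sub-option type 0xf1 followed by a list of IPv4 addresses); the article does not name the attribute and other vendors use different encodings, and all addresses are constructed samples.

```python
import ipaddress

CISCO_WLC_SUBOPTION = 0xF1  # assumption: Cisco's documented sub-option type

def parse_controller_option(hex_value):
    """Decode option 43 TLVs and return the controller IPv4 addresses."""
    data = bytes.fromhex(hex_value.replace(":", "").replace(" ", ""))
    controllers, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        sub_type, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("TLV length exceeds option data")
        if sub_type == CISCO_WLC_SUBOPTION:
            if length == 0 or length % 4:
                raise ValueError("controller list must be a multiple of 4 bytes")
            controllers += [ipaddress.IPv4Address(value[j:j + 4])
                            for j in range(0, length, 4)]
        i += 2 + length
    return controllers

def audit_scope(hex_value, approved):
    """Return controller addresses in the scope that are not approved."""
    allowed = {ipaddress.IPv4Address(a) for a in approved}
    return [str(ip) for ip in parse_controller_option(hex_value)
            if ip not in allowed]

# Constructed sample: two controllers advertised, only one approved.
SAMPLE_OPTION_43 = "f1:08:0a:0a:0a:01:0a:0a:0a:02"
APPROVED_CONTROLLERS = ["10.10.10.1"]

if __name__ == "__main__":
    print("advertised:", parse_controller_option(SAMPLE_OPTION_43))
    print("unapproved:", audit_scope(SAMPLE_OPTION_43, APPROVED_CONTROLLERS))
```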

Another benefit of a Switched Wireless LAN is low-latency roaming, which supports latency-sensitive applications like VoIP and Citrix.  Cut-overs can happen in as little as 50 milliseconds, which is mostly unnoticeable.  Traditional Wireless LANs where each Access Point is configured independently have cut-over times in the 1000 millisecond range, which can ruin phone calls and drop application sessions on Wireless devices.  The main downside to Switched Wireless LANs is the additional expense of the Wireless Controller.  But in large Wireless LAN deployments, these additional costs can easily be offset by the ease of manageability.
