- Introduction
- Simple home Wireless LANs
- Wireless Bridging
- Medium sized Wireless LANs
- Large scale enterprise switched Wireless LANs
Introduction
Wireless LANs based on the IEEE 802.11 standards allow wire-free networking
in the local area network environment using the unlicensed 2.4 or 5.3 GHz
radio band. They’re used everywhere from homes to Fortune 500
companies to hotspot Internet access. This article offers a brief
summary of the network topologies used in various environments.
Simple home Wireless LANs
Figure 1
In the most common and cheapest example of a home Wireless LAN, Figure 1
shows a single device acting as the Firewall, Router, Switch, and Wireless
Access Point.
These Wireless Routers can provide a wide range of functions such as:
- Protects the home network from outside intruders
- Allows the sharing of a single Internet IP address from an ISP (Internet
Service Provider)
- Provides Wired Ethernet service for typically 4 computers but can also
be expanded with another Ethernet Switch or Hub
- Serves as a Wireless Access Point for multiple wireless computers
These devices come from a variety of manufacturers such as Linksys (Cisco),
D-Link, Netgear, SMC, Belkin, and other companies. Basic models can be
purchased for as little as $30 and high-end models can be more than $150.
The basic models typically have a single Wi-Fi radio offering 2.4 GHz 802.11b/g
operation while the higher end models will offer dual-band Wi-Fi radios or
high-speed MIMO capability. Dual-band Access Points have two radios which
provide 2.4 GHz 802.11b/g and 5.3 GHz 802.11a capability while MIMO Access
Points use multiple radios to boost performance in the 2.4 GHz range.
Dual-band Access Points are essentially two Access Points in one and can serve
two non-interfering frequencies at the same time while the newer MIMO devices
boost speed in the 2.4 GHz range along with superior range. Unfortunately,
the 2.4 GHz range is often congested and manufacturers have stayed away from
dual-band MIMO devices because of cost concerns since they’re already the most
expensive to begin with. Dual-band devices don’t have the highest
performance or range, but allow you to operate in the relatively uncongested 5.3
GHz range and allow two devices to operate at full speed simultaneously if they
are in different bands.
Figure 2
Figure 2 is a less common example of a home network where the Wireless Access Point is a
separate device. This topology is more expensive but offers more
flexibility. Consolidated router/wireless devices may not offer all the
features desired by power users. In this configuration, it’s possible for
the Access Point to cost more than an equivalent Router and AP in one and that’s
probably due to the fact that there are fewer sold since most people prefer the
combined functionality. Some people require higher end routers and
switches that have features such as bandwidth throttling and gigabit Ethernet
and having a modular design allows them the flexibility they need.
More detailed information on building a home network can be found
here.
Wireless Bridging
Figure 3
Wireless Bridges allow buildings to connect wirelessly when wiring is too
expensive or a second redundant connection is needed as a backup for a wired
connection. 802.11 devices are commonly used for this application as well
as optical line-of-sight Wireless bridges. 802.11 radio based solutions are
usually much cheaper and don’t require a line-of-sight between the antennas to
operate, but are significantly slower than optical solutions. 802.11
solutions typically operate in the 5 to 30 Mbps range while optical solutions
operate in the 100 to 1000 Mbps range. Both types of bridges can operate
beyond 10 miles although the radio based solution is more likely to reach these
distances because it doesn’t require line-of-sight. The downside to radio
based solutions is the lower speed and the possibility of RF (radio frequency)
interference while optical solutions aren’t affected by RF. The downside
of optical solutions is the higher entry price and the fact that line-of-sight
isn’t always possible between two locations.
Figure 4
Figure 4 illustrates a typical scenario where a Wireless Bridge is
used to wirelessly extend an Ethernet network. There are many types of
802.11 bridges and some of them use proprietary methods of interlinking and may
not always offer the best compatibility or security. A preferable solution
is to use a simple Wireless Bridge that can connect to any common
infrastructure-type Access Point as a regular WPA client to
provide a secured wireless connection. Once bridged, an additional
Ethernet Switch can be used to expand the port capacity and link multiple Wired
Ethernet computers to the LAN over the wireless bridge. This is a cheaper
option than outfitting multiple fixed position Desktop PCs with wireless
Ethernet cards and having to configure them.
Medium sized Wireless LANs
Figure 5
Medium sized businesses have traditionally used a simple design where they
simply put up multiple Access Points throughout their facilities where they
needed Wireless coverage. This particular approach is probably the most
common because it has a low cost of entry although it becomes difficult to
manage once the number of Access Points gets beyond a handful. Most of
these types of Wireless LANs allow you to roam from Access Point to Access Point
because they’re configured on the same Ethernet subnet and SSID.
From a management standpoint, each Access Point is managed individually as
well as the managed port that it’s connected to. In more advanced
implementations where multiple Virtual SSIDs are supported, VLAN
trunking is used to connect the Access Point to multiple subnets over a single
Ethernet connection to a managed switch port. The Switch in this case
needs to be configured to support multiple VLANs over a single port.
Although it’s possible to use a template to configure multiple Access Points, it
can still become difficult to manage a large number of Access Points when
firmware and configurations need updating.
From a security standpoint, each Access Point must be configured to handle
its own Access Control and Authentication. RADIUS servers make this task
easier because the Access Points can delegate Access Control and Authentication
to the centralized RADIUS servers which in turn can be tied in to a central user
database such as Windows Active Directory. But even so, a RADIUS
relationship still needs to be built between each Access Point and each RADIUS
server which can be complex if the number of Access Points is high.
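The per-Access-Point RADIUS relationships described above tend to drift out of sync as the number of Access Points grows. The following is an added example, not part of the original article: it assumes a FreeRADIUS-style clients.conf and a hypothetical Access Point inventory (both constructed here) and reports Access Points with no client entry and client entries that share one secret.

```python
import re
from collections import defaultdict

# Constructed sample: FreeRADIUS-style client stanzas, one per standalone AP.
CLIENTS_CONF = """
client ap-lobby {
    ipaddr = 10.0.10.11
    secret = lobby-secret-constructed
}
client ap-floor2 {
    ipaddr = 10.0.10.12
    secret = shared-secret-constructed
}
client ap-floor3 {
    ipaddr = 10.0.10.13
    secret = shared-secret-constructed
}
"""

# Constructed inventory (hypothetical names and addresses) of deployed APs.
AP_INVENTORY = {"ap-lobby": "10.0.10.11", "ap-floor2": "10.0.10.12",
                "ap-floor3": "10.0.10.13", "ap-warehouse": "10.0.10.14"}

CLIENT_RE = re.compile(r"client\s+(\S+)\s*\{(.*?)\}", re.S)
FIELD_RE = re.compile(r"^[ \t]*(\w+)[ \t]*=[ \t]*(\S+)[ \t]*$", re.M)

def parse_clients(text):
    """Return {client_name: {field: value}} for every client stanza."""
    return {name: dict(FIELD_RE.findall(body))
            for name, body in CLIENT_RE.findall(text)}

def audit(conf_text, inventory):
    """Find APs the RADIUS server does not know and secrets used more than once."""
    clients = parse_clients(conf_text)
    known_ips = {fields.get("ipaddr") for fields in clients.values()}
    missing = sorted(name for name, ip in inventory.items() if ip not in known_ips)
    by_secret = defaultdict(list)
    for name, fields in clients.items():
        if fields.get("secret"):
            by_secret[fields["secret"]].append(name)
    reused = sorted(sorted(names) for names in by_secret.values() if len(names) > 1)
    return {"missing": missing, "reused_secret": reused}

if __name__ == "__main__":
    print(audit(CLIENTS_CONF, AP_INVENTORY))
```

The same check has to be repeated against every RADIUS server the Access Points use, which is the management burden the paragraph above describes.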
Large scale Enterprise switched Wireless LANs
Figure 6
Switched Wireless LANs are the latest advancement in wireless networking
where simplified Access Points are controlled by a centralized Wireless
Controller. Data is passed and managed through these centralized Wireless
Controllers from manufacturers like Cisco (via Airespace acquisition), Aruba
Networks, Symbol, and Trapeze Networks.
The Access Points in this case have a simpler operating system designed to be of
minimal complexity and the more complex logic is embedded in the Wireless
Controller. The Access Points usually don’t physically connect to the
Wireless Controllers, but they’re logically switched or routed through the
Wireless Controllers. To support multiple VLANs, data is encapsulated into
a tunnel of some sort so that there is a direct logical connection from the
Access Point to the Wireless Controller even if the devices are on different
subnets.
From a management standpoint, the administrator only needs to manage the
Wireless LAN controller which in turn can control hundreds of Access Points.
These Access Points can use certain custom DHCP attributes to figure out where
the Wireless Controller is and automatically link to it to become an extension
of the Controller. This vastly improves the scalability of switched
Wireless LANs because additional Access Points are essentially plug and play.
For multi-VLAN support, the Access Points no longer need a special VLAN trunking
port on the switch they connect to and can use any ordinary access port on any
Switch or even Hub, which eases manageability. The VLAN data is
encapsulated and sent to the central Wireless Controller, which handles a
single high speed multi-VLAN connection to the core network Switch.
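The article does not name the DHCP attributes used for controller discovery. The following added example, not part of the original article, assumes the Cisco lightweight Access Point convention (DHCP option 43 carrying a type 0xf1 TLV of controller IPv4 addresses) and shows how to build that value, decode it, and check that a DHCP scope only hands out approved controllers; all addresses are constructed.

```python
import ipaddress

# Assumption: Cisco lightweight AP convention for option 43
# (type 0xf1, length = 4 x number of controllers, value = controller IPv4s).
WLC_TLV_TYPE = 0xF1

def encode_option43(controllers):
    """Build the option 43 payload for a list of controller IPv4 addresses."""
    addrs = [ipaddress.IPv4Address(c) for c in controllers]
    if not addrs or len(addrs) * 4 > 255:
        raise ValueError("need between 1 and 63 controller addresses")
    return bytes([WLC_TLV_TYPE, len(addrs) * 4]) + b"".join(a.packed for a in addrs)

def decode_option43(data):
    """Parse an option 43 payload back into dotted-quad controller addresses."""
    if len(data) < 2 or data[0] != WLC_TLV_TYPE:
        raise ValueError("not a controller TLV")
    length = data[1]
    value = data[2:2 + length]
    if length == 0 or length % 4 or len(value) != length:
        raise ValueError("length field does not match the address list")
    return [str(ipaddress.IPv4Address(value[i:i + 4])) for i in range(0, length, 4)]

def unexpected_controllers(data, approved):
    """Controller addresses offered by DHCP that are not in the approved set."""
    return [ip for ip in decode_option43(data) if ip not in approved]

if __name__ == "__main__":
    payload = encode_option43(["192.168.10.5", "192.168.10.20"])  # constructed
    print(payload.hex())
    print(unexpected_controllers(payload, {"192.168.10.5"}))
```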
Security management is also consolidated because all Access Control and
Authentication is handled at the centralized Controller rather than having it on
each Access Point. Only the centralized Wireless Controller needs to be
tied in to the RADIUS server which in turn is tied in to Active Directory in the
example shown in Figure 6.
Another benefit of a Switched Wireless LAN is low-latency roaming. This
supports latency-sensitive applications like VoIP and Citrix. Cut-over
times can be as low as 50 milliseconds, which is mostly unnoticeable.
Traditional Wireless LANs where each Access Point is configured independently
have cut-over times in the 1000 millisecond range which can ruin phone calls and
drop application sessions on Wireless devices. The main downside to
Switched Wireless LANs is the additional cost
of the Wireless Controller. But in large Wireless LAN deployments, these
additional costs can easily be offset by the ease of manageability.