Ask the Wi-Fi Guru: January Edition

Happy New Year, people with wireless networking problems. If your New Years' resolution is to solve your wireless woes, you've come to the right place! If your resolution is to stop smoking, lose weight, get fit and sell your house in this market, you'll find help with all that stuff elsewhere online—if you can get online, that is, which you can’t, if your wireless network is down. So, no matter how ambitious your resolutions are this year, you'll get nowhere without reading this column first. (Although, that might be tricky if your network really is down…maybe you're at a friend's house. Or at work. Shouldn't you be working?)

Happy New Year, people with wireless networking problems. If your New Years' resolution is to solve your wireless woes, you've come to the right place! If your resolution is to stop smoking, lose weight, get fit and sell your house in this market, you'll find help with all that stuff elsewhere online—if you can get online, that is, which you can’t, if your wireless network is down. So, no matter how ambitious your resolutions are this year, you'll get nowhere without reading this column first. (Although, that might be tricky if your network really is down…maybe you're at a friend's house. Or at work. Shouldn't you be working?)

I'm trying to install several access points at work, and I need to allow roaming between all access points. Could you provide guidelines and recommend some good client software? —Marco

They say there are a thousand ways to skin a cat, but in this case there are actually two ways to skin the cat. Except the cat is a wireless network. (No cats were harmed in writing this column, although one was very sleepy.) Both WDS (wireless distribution system) and mesh networking could be used to accomplish your goal. Assuming that you need only a few access points distributed over a floor or two of an office building, then WDS is probably the easier solution.

When you establish a WDS link between two routers, they pair with one another on the same channel and SSID. Wireless clients will roam between them, associating with whichever AP is stronger without further user intervention. You can create a mini-network by linking several routers together using WDS, effectively extending your roaming network over a large area. However, there are a few caveats to this kind of configuration.

First, you need wireless routers that support WDS. You will find WDS in some off-the-shelf routers, or you can load a third-party firmware like DD-WRT onto the router. There is anecdotal evidence that WDS may work most reliably between routers running the same software, so if you have the luxury of building this network from scratch it would make sense to buy a batch of identical routers and load them all with the latest version of DD-WRT.

Creating WDS links requires a few pre-requisites: besides sharing the same channel (ideally 1, 6, or 11) and SSID, all routers must be set to exclusive G mode. This means that older wireless clients which support only 802.11b networking will not be able to connect to your network. All routers in the WDS network must be set to identical security parameters—however, WDS implementations vary in precisely which security methods they support. Older WDS implementations may support only WPA, but not WPA2, with AES passphrases rather than TKIP or TKIP+AES. The latest version of DD-WRT is said to support both WPA and WPA2 with AES. You should always setup a WDS without security enabled at first, so that you can verify that it is otherwise working correctly.

Next, you need to create a plan for your WDS network. Designate one wireless router as the "parent"—this will be connected to your incoming broadband connection (such as cable or DSL modem). Your other wireless routers will be "children" of your parent router, once the WDS links are configured.

The important thing to remember is that a WDS link cuts in half the bandwidth available to wireless clients associated with the "child" router. This is because the child router is acting as a relay or repeater, talking to both the parent router and the wireless client. Most consumer routers have only one radio, and therefore it can't communicate with both relationships at the same time.

Most broadband connections are still much slower than your wireless LAN, which means that even with half the LAN bandwidth available, wireless clients should not lose Internet speed. But they will lose LAN speed compared to clients associated directly with your parent router. You can also connect wired clients to a WDS-connected child router without incurring the 50% speed penalty.

Pictured (right), you can see the layout for a WDS network with two "generations." The parent router—A—has WDS links to two children, B and C. To further extend the reach of the network, a second generation—D—has been added using a daisy-chained WDS link to router C.

The WDS configuration for each router will require that you enter the MAC address for the wireless LAN of the paired router. So, the WDS configuration for router A will contain the MAC addresses for the wireless LAN of routers B and C. Likewise, the configuration for router B will contain the wireless LAN MAC address for router A. And so on.

Note that wireless clients who associate with router D will experience 1/4 LAN speed compared to clients connected to router A. This is because router D is two WDS links away from the parent, each incurring a 50 percent penalty. Whether this affects the Internet speed of wireless clients on router D would depend on how fast the incoming Internet connection is.

To avoid problems, your WDS network should not be a loop or contain nodes with multiple paths back to the parent. For example, in the pictured network, if router D was configured with a WDS link to both routers C and B, then there would be two "paths" from D back to the parent. This may cause your WDS network to experience problems.

There are limits to how many children and generations can be linked up in a WDS network. Hard numbers vary by WDS implementation, but often range between six and 10 routers—for a larger network, mesh networking would provide a better (though more complex) solution.

My brother works for a tow boat company that navigates the Mississippi, Ohio and Cumberland Rivers. His current assignment is on a boat with one laptop in the wheel house connected to the Internet by what he calls an "air card." I'm guessing that is cellular. They'd like to share wireless Internet throughout the entire vessel. Is it possible to share cellular Internet? Can cellular Internet be routed? Could the signal be boosted or transmitted by wire to different sections of the boat? - Amber

Speaking of boats, imagine if the Titanic had wireless Internet. Would Jack have changed his Facebook status to "sinking"? Would Rose have been sending Twitter updates, like "iceberg ouch!" and "in lifeboat, turning blue." Of course, the whole idea is silly because if they had Internet access then help would have been summoned quickly and the whole disaster averted—and by "disaster" I mean the James Cameron film.

An "air card" is indeed a cellular Internet connection. And it absolutely can be routed, to either wired or wireless clients, just like a traditional land-based Internet connection. The best way to do this is using a 3G router, such as the Cradlepoint MBR1000. Essentially it is a wireless-n router with four wired ports and can accept a wide range of ExpressCard or USB 3G modems. If this router alone doesn't provide enough wireless range for the whole boat, it can be extended by any of the usual methods—either by running a cable to another router elsewhere in the ship, or relaying the wireless signal via WDS (see above), for example.

At slightly more than $200, the MBR1000 is more expensive than a typical home router. Cradlepoint also sells less costly models (including battery and DC-powered varieties), which would probably require linking to at least one more router to extend range throughout the boat. For closer to $100 you can pick up a wireless 3G router from Linksys for either Sprint or AT&T service. Another popular 3G router is the Kyocera KR2, which is similar to the MBR1000 in both pricing and specs. [For reviews of similar routers, read “Review: CradlePoint CTR500 Cellular-Ready Travel Router,” and “D-Link 3G Mobile Router for EV-DO Networks.”]

One thing to keep in mind when sharing a 3G cellular connection is that many service plans include quotas. With multiple clients using the connection, it might be easier to surpass the monthly bandwidth cap and wind up with an unpleasant surprise on your next bill. [For more on measuring bandwidth consumption, read “How to: Measure your Broadband Consumption,” “Measure Network Performance with iperf,” and “Propel's Personal Bandwidth Manager.”]

Guru Tip: Slow Wireless with WPA on Mac OS X.

Recently, a friend of the Wi-Fi Guru experienced a seemingly strange problem with her home wireless connection. Her Leopard-based Macbook connected to a Linksys WRT54GL router loaded with DD-WRT V24 and secured using WPA, but speed tests revealed performance less than 2Mbps despite being on a 10Mbps cable connection, even with no other clients in use. Yet the Guru's Thinkpad T60, when connected to the same router, performed at nearly 9Mbps.

To investigate whether the Macbook's slow performance might be related to the network's security settings, I first disabled security on the router. Voila! The Macbook suddenly showed nearly 9Mbps speed. Although there is some extra overhead when using wireless encryption, it should hardly exact such a huge penalty. Plus, we use security for a reason. Next, I re-enabled WPA, but changed the PSK (pre-shared key) from TKIP to AES. Turns out, this did the trick—OS X Leopard continued to pull down 9Mbps with WPA AES. It remains a mystery why WPA TKIP—which is often the default WPA configuration—suffered so much on this Macbook. If any readers have had similar experiences or can shed any further light, please share!

[Note: I did not test TKIP vs. AES under WPA2 because this friend's network includes wireless clients that lack WPA2 support.]

Aaron Weiss is a freelance writer, author, and Wi-Fi enthusiast based in upstate New York. To submit your questions to the Wi-Fi Guru, simply click on Aaron's byline and put "Wi-Fi Guru" in the subject line.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

I'm trying to install several access points in the company where I work, and I need to allow roaming between all access points. Could you give some guidelines and also recommend some good client software? —Marco

A: They say there are a thousand ways to skin a cat, but in this case there are actually two ways to skin the cat. Except the cat is a wireless network. (No cats were harmed in writing this column, although one was very sleepy.) Both WDS (wireless distribution system) and mesh networking could be used to accomplish your goal. Assuming that you need only a few access points distributed over a floor or two of an office building, then WDS is probably the easier solution.

When you establish a WDS link between two routers, they pair with one another on the same channel and SSID. Wireless clients will roam between them, associating with whichever AP is stronger without further user intervention. You can create a mini-network by linking several routers together using WDS, effectively extending your roaming network over a large area. However, there are a few caveats to this kind of configuration.

First, you need wireless routers that support WDS. You will find WDS in some off-the-shelf routers, or you can load a third-party firmware like DD-WRT onto the router. There is anecdotal evidence that WDS may work most reliably between routers running the same software, so if you have the luxury of building this network from scratch it would make sense to buy a batch of identical routers and load them all with the latest version of DD-WRT.

Creating WDS links requires a few pre-requisites: besides sharing the same channel (ideally 1, 6, or 11) and SSID, all routers must be set to exclusive G mode. This means that older wireless clients which support only 802.11b networking will not be able to connect to your network. All routers in the WDS network must be set to identical security parameters—however, WDS implementations vary in precisely which security methods they support. Older WDS implementations may support only WPA, but not WPA2, with AES passphrases rather than TKIP or TKIP+AES. The latest version of DD-WRT is said to support both WPA and WPA2 with AES. You should always setup a WDS without security enabled at first, so that you can verify that it is otherwise working correctly.

Next, you need to create a plan for your WDS network. Designate one wireless router as the "parent"—this will be connected to your incoming broadband connection (such as cable or DSL modem). Your other wireless routers will be "children" of your parent router, once the WDS links are configured.

The important thing to remember is that a WDS link cuts in half the bandwidth available to wireless clients associated with the "child" router. This is because the child router is acting as a relay or repeater, talking to both the parent router and the wireless client. Most consumer routers have only one radio, and therefore it can't communicate with both relationships at the same time.

Most broadband connections are still much slower than your wireless LAN, which means that even with half the LAN bandwidth available, wireless clients should not lose Internet speed. But they will lose LAN speed compared to clients associated directly with your parent router. You can also connect wired clients to a WDS-connected child router without incurring the 50% speed penalty.

Pictured (right), you can see the layout for a WDS network with two "generations." The parent router—A—has WDS links to two children, B and C. To further extend the reach of the network, a second generation—D—has been added using a daisy-chained WDS link to router C.

The WDS configuration for each router will require that you enter the MAC address for the wireless LAN of the paired router. So, the WDS configuration for router A will contain the MAC addresses for the wireless LAN of routers B and C. Likewise, the configuration for router B will contain the wireless LAN MAC address for router A. And so on.

Note that wireless clients who associate with router D will experience 1/4 LAN speed compared to clients connected to router A. This is because router D is two WDS links away from the parent, each incurring a 50 percent penalty. Whether this affects the Internet speed of wireless clients on router D would depend on how fast the incoming Internet connection is.

To avoid problems, your WDS network should not be a loop or contain nodes with multiple paths back to the parent. For example, in the pictured network, if router D was configured with a WDS link to both routers C and B, then there would be two "paths" from D back to the parent. This may cause your WDS network to experience problems.

There are limits to how many children and generations can be linked up in a WDS network. Hard numbers vary by WDS implementation, but often range between six and 10 routers—for a larger network, mesh networking would provide a better (though more complex) solution.

Q: My brother works for a tow boat company that navigates the Mississippi, Ohio and Cumberland Rivers. His current assignment is on a boat with one laptop in the wheel house connected to the Internet by what he calls an "air card." I'm guessing that is cellular. He will be assigned to a brand new boat in January. They would like to be able to share wireless Internet throughout the entire vessel. Is it possible to share cellular Internet? Can cellular Internet be routed? Could the signal be boosted or transmitted by wire to different sections of the boat?  I think it will be three levels. - Amber

A:  Speaking of boats, imagine if the Titanic had wireless Internet. Would Jack have changed his Facebook status to "sinking"? Would Rose have been sending Twitter updates, like "iceberg ouch!" and "in lifeboat, turning blue." Of course, the whole idea is silly because if they had Internet access then help would have been summoned quickly and the whole disaster averted—and by "disaster" I mean the James Cameron film.

An "air card" is indeed a cellular Internet connection. And it absolutely can be routed, to either wired or wireless clients, just like a traditional land-based Internet connection. The best way to do this is using a 3G router, such as the Cradlepoint MBR1000. Essentially it is a wireless-n router with four wired ports and can accept a wide range of ExpressCard or USB 3G modems. If this router alone doesn't provide enough wireless range for the whole boat, it can be extended by any of the usual methods—either by running a cable to another router elsewhere in the ship, or relaying the wireless signal via WDS (see above), for example.

At slightly more than $200, the MBR1000 is more expensive than a typical home router. Cradlepoint also sells less costly models (including battery and DC-powered varieties), which would probably require linking to at least one more router to extend range throughout the boat. For closer to $100 you can pick up a wireless 3G router from Linksys for either Sprint or AT&T service. Another popular 3G router is the Kyocera KR2, which is similar to the MBR1000 in both pricing and specs. [For reviews of similar routers, read “Review: CradlePoint CTR500 Cellular-Ready Travel Router,” and “D-Link 3G Mobile Router for EV-DO Networks.”]

One thing to keep in mind when sharing a 3G cellular connection is that many service plans include quotas. With multiple clients using the connection, it might be easier to surpass the monthly bandwidth cap and wind up with an unpleasant surprise on your next bill. [For more on measuring bandwidth consumption, read “How to: Measure your Broadband Consumption,” “Measure Network Performance with iperf,” and “Propel's Personal Bandwidth Manager.”]

Guru Tip: Slow Wireless with WPA on Mac OS X.

Recently, a friend of the Wi-Fi Guru experienced a seemingly strange problem with her home wireless connection. Her Leopard-based Macbook connected to a Linksys WRT54GL router loaded with DD-WRT V24 and secured using WPA, but speed tests revealed performance less than 2Mbps despite being on a 10Mbps cable connection, even with no other clients in use. Yet the Guru's Thinkpad T60, when connected to the same router, performed at nearly 9Mbps.

To investigate whether the Macbook's slow performance might be related to the network's security settings, I first disabled security on the router. Voila! The Macbook suddenly showed nearly 9Mbps speed. Although there is some extra overhead when using wireless encryption, it should hardly exact such a huge penalty. Plus, we use security for a reason. Next, I re-enabled WPA, but changed the PSK (pre-shared key) from TKIP to AES. Turns out, this did the trick—OS X Leopard continued to pull down 9Mbps with WPA AES. It remains a mystery why WPA TKIP—which is often the default WPA configuration—suffered so much on this Macbook. If any readers have had similar experiences or can shed any further light, please share!

[Note: I did not test TKIP vs. AES under WPA2 because this friend's network includes wireless clients that lack WPA2 support.]

Aaron Weiss is a freelance writer, author, and Wi-Fi enthusiast based in upstate New York. To submit your questions to the Wi-Fi Guru, simply click on Aaron's byline and put "Wi-Fi Guru" in the subject line.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!