Confusing me is easy

Sometimes I am amazed at how confused I can get over WLAN configurations. What seems so straightforward and plain to me when I am advising someone else will appear convoluted and unknowable when it is my own configuration.

Take for example my own humble home network. Over the years it has evolved from a single Apple Airport (Graphite) Base station and a laptop back in 1999 which I still own to my rather complex hodgepodge of multiple networks I have today.

Today I have 3 networks which I have re-architected many times based on my own changing needs. One for media (music and in the future, Apple TV), one for testing and one for primary wireless access.

The network used only for music (AirTunes is Apple's name for it) consists of one Apple AirPort (Snow) Base Station on my Ethernet LAN and several AirPort Express wireless repeaters scattered liberally throughout my home attached to stereos and speakers here and there. The purpose of these are, as I already mentioned, is to provide me with ubiquitous and simultaneous music. They are all on channel 1 (2.412 gHz) so as to avoid the old Sharp Carousel microwave oven which would normally destroy my listening enjoyment when it is running if the network would use channels 5 to 13 (2.432 - 2.472 gHz). Happily this network has an option set that will not permit Clients (STAs) to attach to it and in fact does not appear on my AirMagnet WiFi analyzer except as actual 802.11 packets. The APs themselves are invisible to network scanners like Netstumbler and others unless you actually do packet analysis. Lastly it is encrypted with WPA2-PSK and is configured for 802.11g only with a 5.5Mb/s muticast rate so the music will play without skips or misses as it streams from my music server.
.

The testing network changes constantly and has AirMagnet Sensors and the Meraki nodes on it. You may have seen some of my previous posts about Meraki's cloud based wireless solutions. Very cool indeed

Now onto the primary network and here is where I got confused. You see, originally this was an 802.11b/g network using that old AirPort (Snow) Base Station. However, as a WLAN engineer I felt it important to have an 02.11n network in place but was worried about interference. This would be both co-channel and adjacent channel interference from other wifi devices as well as non-wifi interference from cordless phones, Bluetooth and my dreaded microwave oven. So I purchase the Airport Extreme Base Station N.This device supported both 802.11a/b/g and Draft N standards, it had Gigabit Ethernet and a port to connect a USB hard drive for NAS. However, I was extremely disappointed to learn that this device would only work on either 5gHz or 2.4gHz not both simultaneously. I wanted both at the same time. C'est la vie. I put the AP in place and started to have issues with the configuration right away. You see, I wanted to use the older Express devices as wirelessly connected repeaters as I had the the other AP but after 2 weeks of trying I could never get them to work so I figured that Apple must want me to upgrade them to the newer N model, however I was reluctant as there was nothing wrong with the ones I had. I chose to live with it the way it was.

Luckily for me Apple introduced a Simultaneous Dual Band version within a few weeks of my purchase and I was able to exchange mine for the newer model. This turned out to cause a new problem when I noticed that it was dropping client occasionally and had to be rebooted once or twice a week. I was perturbed and figured the problem was me or my configuration. I twiddled the settings a few times and changed the firmware but had limited success resolving my issues. I did notice that the Ethernet connectors were always loose no matter how firmly I inserted them but could not positively determine if this was the issue. Also, I suspected my aging ZyXEL DSL router to be a culprit but again could not reproduce the problem to my satisfaction. I just could not believe that it was an Apple product control issue. My internal standard for Apple's Quality control was very high after years and years of experience with their products. Finally, after awhile (2-3 moths) I grew tired of trying to fix it and gave up and just informed my family to reboot the Internet Router and the Airport if they couldn't access the Internet. To quote Julia Child, "This always works."

After a few months and independent from these issues, we decided to invest in a backup solution that was more comprehensive that the piece meal attempts at backup we were doing today. The consensus was to go with Apple's TimeCapsule as I had heard from others on how well it performed. For all intents and purposes it was identical to my current AP but with internal Hard Drive and Power supply so I was a bit trepidatious but gave it the green light. We purchased the product. Configured it in about 15 minutes and replaced the Simultaneous Dual-Band AirPort Extreme N Base Station and low and behold, all my problems went away! I was amazed and decided that 8 hours was not long enough for testing. 2 weeks later it is still going strong. I had found the weak link, or had I?

I repurposed the Slightly older AirPort to my boudoir/office and never had a problem again with either connections. To this day I am at a loss to explain it. Some combination caused the problem, once separated however, the problem disappeared.

You see, sometimes I get confused.

Cease and Desist!

My ISP (Speakeasy) sent me a nice letter recently informing me the Eurpopean Union's copyright infringement division was displeased with me. The said that based on these allegations, I would be in violation of the Speakeasy Acceptable Use Policy. "How can that be?", thought I. I buy my music on iTunes, I do not partake in bittorrent, limewire or any other version of the now dead Napster (old school version not the new subscription based system) music/file-trading system Hell, I pay for stuff!. I have encoded all my purchased CD's and boxed them away but I keep them to myself. In fact I am a true supporter of "legitimate" digital music use via iTunes or any other service that, in some way, supports the artisits that create the music I love. This includes freely distributed music a la Radiohead.

So why was the European Union comin after me? Speakeasy's Tech Support and Security groups were very helpful in pointing out to me that they could track streams of file sharing originating at my IP address. So I thought deeply about this (for 2 seconds) and arrived at the most logical conclusion. My neighbors were connecting to me via Free The Net, the Meraki based San Francisco free wifi network and uploading/downloading music to their hearts content. I have 2 repeaters on my roof and 4 others in houses nearby providing firewalled access to the Internet. This made me sad. I was very pleased to provide an un-asked for service to my neighbors who may not have - or may not be able to afford - Internet access. I wrote to Meraki explaining my dilemma and asked of there was someway to restrict my neighbors from conducting file trading on my network.

People in my hood are sharing music over my wireless network and
abusing my speakeasy acceptable use policy. Speakeasy.net has warned
me that any continued abuse will result in disconnection of my
service. Therefore I must inform you that unless you can lock it
down so only port 80 is being used I will have to disconnect the
Meraki repeaters and access points from my network.

I am very sorry. This seems like a real shame. I was very eager to
participate in "Free the Net" but now I am a bit saddened that folks
are abusing it.

Please get back to me and let me know if there is anything you can do
on your end.

They replied back with...

Hey Bruce,

grr. that's really irritating. but actually what's surprising is that
we haven't had to address this issue so far. as far as blocking
everything but port 80: I don't think any of us would be happy with a web-only Internet connection, so that doesn't seem like a good answer. to me it seems the real solution here would be to figure out who the culprit is and block them.

I looked on your gateway and didn't see anyone transferring an
inordinate amount of traffic. do you happen to have any idea who it is? do you know if it is bittorrent they are using? maybe they are using a different gateway at least part of the time (probably mine, hehe).

next week I guess we can figure out how to set up the right counters on your gateway so that we can figure out who it is (any insight or additional info you can provide would obviously be super helpful). hopefully Speakeasy can wait that long. if you need to unplug, we understand, but leaving your repeater plugged into power would at least soften the blow.

ugh,

So far they have found no way to track or stop the activity and I love my Speakeasy service. So I have no choice. Until such a time as I can trust my neighbors not to conduct activity that the European Union deems as illegal or until Meraki finds a way to filter this traffic out, I must disconnect my network from "Free the Net". I still have repeaters on my roof but they are no longer connected to my network, file traders now siphon off some other guys pipe or tube or truck that backs up and unloads Internet.

Comments and suggestions, as always, are very welcome.

Meraki - Staunton, VA

Another great grass roots wifi project is being lead by a group of folks out in Staunton Virginia. With 19 nodes up as of today, the 3rd of May, it looks like it is doing well.

Again, I must say, citizens and grass roots efforts beat out commercial or governmental efforst all the time. Less bloat, less waste. These efforts are similar to the way we as world citizens take it upon ourselves to act responsibly on the road, or by taking the effort to recycle our bottles and cans. It is also parallel to the user created content wave sweeping the Internet. Not only do we want to get news and opinion our own way we want to get services our way too. And just like we don't mind spending some of our time to create that content we do not mind spending some our time and bandwidth to add wifi services.

Drop in on Staunton VA and take a look at http://www.stauntonwifi.org/ and let them know what a great job they are doing!

My Meraki Mesh Node - Update

Meraki is a pretty cool company. I don't say that just because I am some bleeding heart liberal (even though I am) and they have a rather humanistic desire to get inexpensive Internet connectivity out to "the next billion people". Nor do I say it because they like to be polite network citizens and not go for the capitalistic jugular. But also because they have their head in the right spot and treat people decently and still make money doing it. nice. Liberals want to get rich too!

Not long after getting the free (as in "beer") Meraki node set up I purchased two new minis. I purchased these to learn about how they work and for fun and to "hack-on". I mean, heck, they were pretty inexpensive. Soon after I put these nodes up using the same SSID as Meraki's project so they would associate to it and I gave them to my neighbors. At this point Meraki contacted me. I guess they were monitoring the "Free the Net" WLAN and they sent the following note...

Hi Bruce,

We noticed that you ordered a couple of Meraki Minis and have set up your own network with the name "Free the Net". We are very psyched that you're so motivated and excited to help out with the project, and we'd love to help out. :) For starters, you definitely don't need to spend your own money, we'd be delighted to provide Minis for any of your neighbors who you can get involved. We would also really love to have the repeaters in the "Free the Net" project be in our existing network in Dashboard, so that they'll all show up on our one network map and we can see the aggregated usage numbers and all of that in one place. I totally understand that as a WiFi guy you'd probably like to play around with Dashboard some yourself -- could we offer to send you a couple more Minis to play with, and let us add your neighbors' repeaters to our existing network?

Thanks a bunch, and again, we appreciate your help with the project!

What great folks! A few days later 2 more nodes showed up and now I have two to "Play" with and two that will soon be migrated to the "Free The Net" project. I have all four up now on a new SSID and when I attach my laptop to them I get a nifty splash page from Meraki. This is of course because my new mesh of 4 (lets call them "Unchained") automatically saw another Meraki node ("Free The Net") and linked to it. as an aside, I think, if I plug one of my "Unchained" nodes into my Internet connection they will dis-associate from "Free The Net"

Now here is the real surprise, After you click the, "Take me to where I was going" link you get a new bar at the top of your browser window that scrolls advertising for local businesses. Now, I have no idea if these businesses are paying for this. I assume they are, but who knows. But think of the revenue opportunities.


The bar is very discrete. Thin and lean. the rotating text ads are very low key and I didn't even notice it for quite a few days. Also there is a request for input in a box if you click the "?" icon.


Lastly, there is a "search local" box that allows you to search for businesses and other stuff in your local area based on your Latitude and Longitude (actually, the Lat Long of the node you are associated with). Very hip.


The Result then takes you to a Google Local page. Nice.


All in all, when you add this idea and the strategy to get a percentage of money that Meraki makes off of your monetizing you own mesh hotspot, the large orders of nodes going to other cities and countries desiring a quick and easy way to get their citizens connected to the Internet and the fact that Google buys Meraki nodes to extend their mesh into peoples homes and businesses, Meraki is poised to pay off that Sequoia investment in nothing flat.

Meraki AirMagnet Stats

Some folks have requested more technical details on the Meraki nodes so I am uploading some AirMagnet Laptop Analyzer images for your perusal. Let me know what you think.

(Click an image to enlarge it)

Here, for example is the AirMagnet Start screen showing the 3 nodes I have up

And here we have the Infrastructure page showing how they are viewed.

But the details that most folks have been asking for is here on the Channel Page (notice the bytes and frames. Very good data speeds for the most part. Since the beacon interval is set to 500ms I have the channel scan time set to 750ms)...

...and here on the main portion of the Infrastructure page. I also had the Spectrum Analyzer integration enabled. For this image I selected the main "root" node to analyze.

Meraki Node - Management Details

The Meraki mesh node I got has been up for a week now and here are my thoughts. Well, first of all, It is pretty neat. 'nuff said. I had some questions that I posed to Ben Chambers of Meraki and here are the answers.

The first thing I wanted to know was why it beacons every 500ms instead of 100ms. Twice per second did not seem very much and considerably off the norm. Ben stated that, "As far as the beacon interval goes, the reason is basically that if you have a fairly high number of repeaters (say, 20) within range of each other, 10 beacons per second per node gets pretty excessive." This makes total sense to me.

The next question was whether there was a way to configure the node or at least monitor it. I was told that because it was a free node belonging to the Meraki "Free the Net" project I would not be able to configure it but I would be able to monitor it in a variety of ways:

1. I can see if it is up by associating with it and browsing to http://my.meraki.net/ where I would see a splash page. Click on each image to see a larger version of the image.
2. I can Select the "Advanced" link in the upper left and get a page that lets me run a throughput test to the internet.

3. I can select another link on the advanced page that allows me to set a static IP and some other functions.

4. I can also get to a page that is just for my repeater at http://sf.meraki.net/myrepeater/00:18:0a:01:10:b3 which looks like this:

5. I can also get more data from a more public view of the Meraki network from this URL http://sf.meraki.net/overview which shows me connected to another mesh node way over in Potrero Hill, at least a mile away.


6. I was also pointed to a site where there is XML data for Google earth. http://sf.meraki.net/earth . You must save the source as a KMZ file on you hard drive and open in Google Earth.

After which, it now looks like this in Google Earth. Notice the mesh links (I made them yellow, the better to see them with.)

Which now allows me to go down to sea level and see the line of site to the other link

Pretty impressive. My next step would be to get some Meraki Minis and connect them to the mesh and see how they work out. More fun for next time :-) Talk to you then.