Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Solution For Making WiFi Cost Effective

Posted by timothy on from the salt-for-leeches dept.

rkohutek writes "This whitepaper came out of my employer's desire to deploy high speed wireless internet to an underserved, mostly rural area. Although very easy to do on the ground level, I found it to not be a cake walk when it came to actually making it a viable network case -- in a "normally" deployed wireless network it is very easy to spoof an IP or MAC address and hop on the network and get free bandwidth. This is not acceptable and the acronym WARTA, Wireless Authentication, Routing, Traffic control, Accounting was thought up to cover the things that we needed to do. Read on for how we managed to make it work using Free Software: HTML or PDF." Update: 06/07 20:42 GMT by T : He sends along word of this mirror as well.

13 of 120 comments (clear)

  1. Dear God! by PurpleFloyd · · Score: 4, Interesting

    Looks like someone finally found a use for PPPoE! I've wanted that damned protocol to die for quite a while, but I can see it being useful in this situation. DSL, on the other hand, is where it deserves to die a painful death, along with whatever suits decided that "emulating the dial-up experience" is better than an always-on connection.

    --

    That's it. I'm no longer part of Team Sanity.
    1. Re:Dear God! by jjeffries · · Score: 3, Interesting

      Indeed, I use PPPoE to authenticate the folks around my hood that I let use my connection. WEP slows things down too much and isn't much in the way on encryption anyway, and with SSH tunnels I was getting about 10k/sec through the wireless--my gateway router is a P100, perfect for routing but a little slow with the number crunching.

      You'll need to be careful with machines conencting from behind a PPPoE link and force an MTU lower than 1500--I use 1412 and that seems to work. If you can ping and do other things with small packets, but web pages don't load, or load a little bit and then stall, that's a sign of an MTU problem.

      PPPoE also makes shared-equipment DSL service a possibility, for better or worse (probably worse, coming from someone who works for an ISP that owns their own DSLAMs)...

    2. Re:Dear God! by Junkster+Julian · · Score: 3, Interesting
      Looks like someone finally found a use for PPPoE! I've wanted that damned protocol to die for quite a while, but I can see it being useful in this situation. DSL, on the other hand, is where it deserves to die a painful death, along with whatever suits decided that "emulating the dial-up experience" is better than an always-on connection.
      This might be the only chance I get to remind everyone that v.92 is probably the most undersold networking standard any of us have seen in years.

      The v.92 standard (not to be confused with the simple v.90 standard) was released by Conexant (formerly Rockwell International Corporation, the dudes who helped pioneer MODEMs together with folks like USRobotics, Hayes, etc.) can interpret call-waiting signals and issue "modem-on-hold" command(s) to the remote modem.

      This new feature is "pretty darn" useful as it re-establishes POTS as a viable networking channel as users will no longer feel like they are being forced to choose between: a) receiving telephone calls, b) being connected to the Internet, c) ordering, installing, rewiring, securing, and budgeting an additional POTS line, or d) subscribing to "overkill-type" high-speed services just to send someone an email.

      Due to the sheer demographic penetration of POTS versus other newer high-speed and wireless technologies, ISPs might want to consider upgrading their modem pools to support the new standard (and market support for the new standard as the no-more-busy-signals-ever-again (and-we-mean-it-this-time) godsend it, well, is!). 'Nuf said.

      Greets.

  2. Re:I wouldn't worry by rice_web · · Score: 3, Interesting

    Granted, I realize that the software was free, but what about maintenance and updates..... it is still a costly measure. I, for example, do not expect a virus-protection program to keep intruders out (I'd have to be naive), and this program certainly can't be foul-proof.

    --
    The Political Programmer
  3. Re:Solution by rkohutek · · Score: 2, Interesting

    We thought about doing the walled-garden approach, but decided that it would piss of our customers to much to have to go through a portal page (login) that couldn't be automated (like ppp can be).

    randal

  4. AirSnort the PPPoE authentication? by Anonymous Coward · · Score: 1, Interesting

    Am I missing something, or couldn't someone just sniff a valid PPPoE username/password to gain access to the system? Are the login credentials sent in clear text or are they encrypted?

  5. pptp by akb · · Score: 2, Interesting

    If they replace pppoe w/ pptp they have encryption of data with basically the same infrastructure. The client has shipped w/ every Windows version since '95 and there are free clients for every OS I can think of 'cept os9.

  6. Re:I wouldn't worry by glenstar · · Score: 2, Interesting

    Did you look at Proxim's Tsunami MP.11 line? They have some great features, such as provisioning directly from the base station, etc...

  7. McDonalds and Starbucks by Glonoinha · · Score: 3, Interesting

    Umm Starbucks seems to be able to lock down its Wifi, and McDonalds seems to be able to lock down their wireless connection (get a free two hour connection with a Happy Meal, or something like that) ...

    Here is a thought, stop at Starbucks, buy a hideously overpriced ice-coffee or something, let the caffeine stimulate your brain, and buy an hour or day or however they sell it worth of their 'net access. Whatever they do to keep you from freeloading ... that's what you do to keep folks from freeloading on your network.

    Simple. Don't reinvent the wheel, leverage the gazillion dollars Starbucks and McDonalds paid consultants, particularly if they use the same method ... if they both do the same thing it means that two different sets of consultants at $225 an hour were able to convince two massive corporations to go with it.

    --
    Glonoinha the MebiByte Slayer
  8. Why not IPSEC? by po8 · · Score: 2, Interesting

    The "obvious" answer would have been to use FreeS/WAN or similar to set up an IPSEC tunnel to your wired network and be done with it. Windows supports IPSEC as well, and it seems like it would solve most of your problems. Am I missing something?

  9. slick by zogger · · Score: 2, Interesting

    nice setup man, I bookmarked your html page. I like the cheap aspect of it. You also seemed to have gotten a deal on that T-1. Questions? what kind of range are you getting off that 90 foot tower, and is the tower itself on a hill much higher than your customers? Are the hills (and tress I guess)affecting coverage? Last, how many are you serving or do you think you can serve?

    Rural broadband needs to be done, and waiting for some mythical perfect solution is that..waiting.And waiting. And waiting. It is teh suxors. Satellite internet is teh big bucks suxors.

    It's a gimme none of the big guys are going to do it any time soon, so small mom and pops or co-ops wil have to be it, and I've been accumulating various web references and whatnot to see what's working. Yours is a nice simple *(relatively) description and write up, good job! I hope this gives some geeks some ideas on self employment, plus helping small communities, rather than sending out dozens of resumes for months and months to these big corporations. Work is work, and the rural areas are much cheaper to live in usually most places, much less crime, and other sorts of goodness, and MOST of them have zero broadband for sale.

  10. no signal by zogger · · Score: 2, Interesting

    Those mesh network things are a good idea too, I like them, the concept, however, you need people in reasonable proximity all the way to the fat pipes internet someplace. A lot of rural places you will wind up with areas that no one can reach the net with any sort of big bandwith. You'll be stuck running your whole network through some dialup modem, or someone eats the T-1. Around here they are close to one grand per month,last I looked anyway. I don't know many folks who would want to spend 100$ to 200$ to 300$ a month to have broadband. Or be happy with just a big local wan of 12 houses max or something spread out over many square miles. In suburbia around some big metro area, all across an area like that, swell, oodles of access points and enough people in it so it's a miniature full internet all by itself. Ya got your multi thousands of points in a mesh in some extended metro area, or 12 or 4 or something potential points. Example, my neighborhood, less than 10 houses all around for any distance, and several big hills/baby mountains seperating them. Maybe 1/3 of those people might be interested enough for broadband access, WAG on my part. So either way, still not happening, I just like seeing the solutions that ARE working someplace, because eventually someone is going to pull it off, or maybe uncle sugar will free up some spectrum or let more powerful transmitters be used OR SOMETHING. No one is in any hurry to run cable, fiber or anything else. MY idea was some sort of aimed point to point thingee relay that bolted to the existing telephone poles, then you only need them on the turns in the road. I haven't seen anything like that yet, some small doodad that bolts on and is wireless and real cheap and can be made easily self powered with a small solar panel perhaps. Fantasy device so far.

    Coverage might suck too, whatever you use with radio waves, some folks on hilltops, some in the valleys, and the valleys won't even get new cell phones working right now, if you are driving and need to make a call you learn fast to STOP and pull over at the top of a hill, so I'm not sure any of the mesh stuff would work all that great, or even this other technique. I know my FRS radios are dismal if there's a hill in the way between the partys using them, and those have more wattage i believe than the other devices are allowed. heck, even non modded CBs suck. 2 meters work ok at high(er) wattages, that's about it. THAT'S the big problem, the low power that is allowed *by de law* and rough terrain. Unless every part of your mesh can afford a huge tower. If you can do that, go satellite, it's the same thousand dollars or more, and probably faster and you don't have to dork with it much. Let alone this lightning deal that exists.

    aaaakkk

  11. Re:How to make WiFi Cost Effective. by FuegoFuerte · · Score: 2, Interesting

    This article is a great start, and gives me some ideas on how to solve certain problems. The thing to remember, however, is this is still not secure in any way. Authentication wise it may be (what type of auth is going over the air? Chap? Pap?) but data wise it certainly isn't. A somewhat better solution security-wise is PPTP (which someone already mentioned), though it has plenty of problems of its own. The ultimate solution (while maintaining easy Windows compatibility) is IPSec over L2TP. Only problem is, last I checked this is a bitch to set up a Linux server for, if it is possible at all. The IPSec is possible enough (FreeSWAN, etc) but getting it working over L2TP gets rough real quick. Course, last I checked into this was about 6 months ago, so things may have progressed since then.