Wireless Network Solutions for a Metropolitan Area?

An anonymous reader asks: "I work for a company that is expanding into multiple buildings within the same office park. We have line-of-sight between the buildings and are looking into wireless alternatives. Does anyone have experience with products such as Proxim's Tsunami or Bridgewave's GE60 Gigabit wireless link? The point-to-point links will need to support the usual LAN traffic (SMB, HTTP, SMTP, etc.) as well as VOIP. The buildings are not large--up to 140 users, whose main network use would be e-mail, printing, and saving Excel documents to file servers, as well as the aforementioned VOIP). Are these connections any more secure and reliable than using something in the 802.11 family of protocols?"

Laser Link

[MBCook]

At one of the schools I once visited, I saw something cool while helping out with their computers. For some reason they had a point to point laser link. This was years ago. From what I could find it was token-ring and I assume 10 megabits. It wasn't working at the time (half the system was just on a desk).

Still, someone must make something like that today. It would fit your situation perfectly. First of all, it's not broadcast. You can't stand 5 feet from the thing and intercept the signal. Second, even if you did manage to intercept the signal somehow, it is much harder to mess with than if you use some kind of 802.11.

Point to point laser links may be your answer.

Re:Laser Link

[aderusha]

The technology you are talking about is called free-space optical and is fairly mature. For the distances you are shooting, you should be able to run gigabit reliably. They are relatively secure, but you'd still want to run some sort of VPN over the link (at gigabit speeds this may be difficult). For shorter distances (such as those listed), you will find they are plenty reliable and can handle even heavy rain if installed correctly.

Re:Laser Link

[HavokDevNull]

Saw this at a trade show this year (see boss I do learn from these things) http://www.lightpointe.com/home.cfm and from what I saw they have the technology and the bandwidth to handle most LAN's today. I did ask the rep if fog, rain, and snow etc... plays a part in the reliability of the connection. He said yes it does but you have to have major conditions (hurricane) for the connection to drop completely. If you go this route I would ask for a demo of it and research more QOS issues.

Don't rely on inherent "security"

[TCM]

I would always run a VPN on top of anything wireless, especially when carrying sensitive information for a company. If you are unsure about the security of a solution, run security that you are sure of on top.

The US's oldest metro-area mesh

[Baldrson]

I designed and deployed the first metro area mesh network in the US using Locustworld's MeshAP software. It wasn't and isn't big (small tourist town) and it required a lot of babysitting for the first year, but its a pretty mature technology now and the price is right (the software is free unless you start getting into the WISP stuff they sell).

At this level - pay the money

[ejoe_mac]

If its all in one complex see about the options to having fiber pulled inside existing conduits. Otherwise it's time to justify the cost over a number of years, and allow for a redundant pathing setup & better hardware. Do 3 links and run OSPF on the back side - that way you're safe in the event of one link failure. Also consider CanoBeam (Canon) free air optics http://www.usa.canon.com/html/industrial_canobeam/ canobeam/canobeam130.html which may also work better for you, depending on needs.

Keep in mind that fog and tall buildings can impact performance on laser based systems, but compare this to everyone 's wifi APs as background noise. Just make sure to go to either licenses bands or the 5.8ghz range if you go the radio path.

802.11 + Firewalls

[Mr.+Sketch]

Since you control both sides of the network, your setup should look something like:
Network0 -- Firewall -- AP -- [AIR] -- AP -- Firewall -- Network1

Setup a VPN/Encrypted tunnel between the two firewalls, to secure the traffic. To secure the wireless network, your options are limited something with WPA/WPA2 as long as it has AES encryption would be a good start as long as you have good passwords on the AP and on the PSK (or use RADIUS instead of PSK for even better protection). This will prevent people from connecting to the APs and changing their passwords or something malicious like that.

Addition - locate as much as close to the user

[ejoe_mac]

Also, do what you can to cut back on cross building traffic. Make sure each building has a local print server, and locate user files closest to the users that will access them. Sending a 100mb print job to the copier around the corner shouldn't involve data leaving the building.

Not really a metro question, it is point to point

[jwkane]

Good question. What you are looking for is a point to point bridge. At short range with good line of sight there are only three relevant factors. Price, Speed and Quality.

If price is irrelivent, a free space optic (like gigabeam) with an RF backup (like a Tsunami) will give you massive amounts of bandwidth, low latencies and lots of 9s for uptime/reliability.

Price is rarely irrelivent. A more economical option would be to skip the FSO and just use something like a Proxim QuickBridge. Another alternative which hits a nice price/performance/reliability is a Trango Atlas (45Mbps, about $3k). Most inexpensive (ala 10k) and the licence may be an annual recurring cost. Licence costs depend on location (city/county/state).

So for rough ballparks...

FSO w/RF backup, 1Gbps, $25k +
Licenced P2P RF, 100Mb, $12k + Licence
Unlicenced P2P RF, 54Mb, $3k (Trango)
Unlicenced P2P RF on-the-cheap, 54Mb, $1500 (Microtik, other 802.11x based systems)
Unlicenced P2P RF ultra-cheap, 54Mb, $400 (WRT54Gx2 w/Sveasoft firmware, external antennas)

3 words

[Neuropol]

Colubris. Colubris. Colubris.

Why? Priced right. Feature rich. Linux under the hood. Capable of supporting 16 separate networks per AP/Controller. Radius authentication. Active Directory integratable. Etc. Switches, routers, full spectrum industrial wireless solution hardware provider.

ps. I work for a reseller/installer and I am versed in the support of the Colubris back end.

The wireless radio spectrum is full, go for laser

[MavEtJu]

At this moment we, an ISP in the Sydney centre, are replacing all our radio links (enterasys roamabout, tsunamis etc) with Lightpointe laser links.

Why? Because there are too many other users with radio links which interfere with our with our links. Don't get me wrong, they have served us well in the last seven years, but right now the game is over. There is only one radio link left, between the 62nd and 36th floor of two buildings, because the signal has to punch through a concrete wall which laser can't do yet :-)

And I like the speed improvement. Going from 2.2 - 5.5 - 11Mbps to 100Mbps is nice for the users :-)

Airaya and Redline gear

[Robbat2]

I previously worked for a Metro-level ISP, that had their network between approx 20 buildings using wireless gear.
Our preferred short distance solution was from Airaya - http://www.airaya.com/products/p2p.asp
We used the AI108-4958-O model mainly. It comes with (50,150 or 300ft) of external grade CAT5e attached to the sealed unit.
Mount that sealed unit on the building or a tripod mount ($100USD in Home Depot and RadioShack parts for a decent DIY tripod). Run the CAT5e into one of your roof access areas (look at the top of elevator shafts, there should be airways that are usable). Put the POE injector there. From there, run normal CAT5e to your switch gear.

The Airaya units are rated to 108Mbps (realistically we did 30-80Mbps usable IP depending on distance and interferance), no additional license is needed for the spectrum, and they are well designed and NEMA outdoor rated. Not sure what the current price is, they were dropping a lot during the time that I used them, but probablly $1200USD/pair.

Since you say you have multiple buildings, you should look at some of their other gear - the most we ever did was three units in a set (two slave sites pointing to one master, and sending their traffic via the master if they needed to talk).

One of your other high-end solutions is Redline http://www.redlinecommunications.com./ We used a single AN-100 unit for a long-distance haul (~10km), got a reasonable 60Mbps out of it. Cost wise it's not a nice number, and they refuse to sell it to you unless you get a certified installer to handle it.

Re:Airaya and Redline gear

[Robbat2]

And one comment that applys to both the Airaya and Redline gear.
Due to the frequencies and power in use, do NOT stand in front of the units for longer than 20 seconds when they are powered on. You will get the most severe pounding migraine-level headache you have ever experienced.

Considered fiber?

[Spazmania]

Have you considered fiber? Consider it again.

You're entirely in a private office park you say. Less than 2 km between buildings, right? Has the telco laid any cable conduit? If so, its now a fixture of the property and belongs to the property owner. This means you can use it. Pick up some spools of direct-burial multimode fiber on ebay at around 20 cents a foot, pull it yourself and pay a fiber expert to come in and attach the connectors.

Even if there is no pre-existing conduit, you can use something like the $250 borit tool to get under the parking lot without disturbing the surface. http://www.borit.com/index.cfm?fuseaction=details& prodID=98 Digging yourself is more expensive than pulling through conduit but it could well be cheaper than a decent laser link and its a whole lot more reliable. And oh yeah -- it'll handle your bandwidth needs for the next 20 years instead of having to be replaced in 3.

Re:Considered fiber?

[mjpaci]

fiber++

Doing it yourself--

There are a whole lot of liability issues that you don't want to take on by running your e-bay fiber yourself or boring your own holes in the landlord's property. Hire the proper entity to do this (after getting the landlord's permission) and make sure they carry enough (or what is required by the property owner) liability insurance.

He's not running fiber to the cabana next to his pool at home -- let the professionals take care of it.

--Mike

Rain fade on 38 GHz microwave

[billstewart]

I work for a carrier, and we occasionally use 18GHz or 38GHz equipment to provide access or access diversity. It'll carry up to an OC3 or so depending on exactly which equipment you use, requires line of sight, etc. The limiting factor for us as a carrier is that we're expected to offer a service level agreement, and the amount of heavy rain an area gets determines how long a distance we can go before we drop below 99.99% uptime. So Phoenix can get up to 10 miles or so - Seattle's a lot lower (though not as low as you'd expect, because they get lots of light rain. Houston's worse.) Most of the US older-48 states get 2-3 miles.

Then there's backhoe fade. Guys named Bubba driving heavy equipment are not your friends....

Experience with 802.11b LoS Point to Point

[megabyte405]

I've worked with a point to point link with 802.11b kit (now could probably use g), and compared to a leased line from the telephone company (we're talking spanning a village here), the speed was a great improvement. We had the added advantage of a skilled wireless technician who had done this before and knew the tricks - antennae relaying the signal on high public structures, talking with local radio stations to put another two dishes on their tower, so interference wasn't a problem, etc. We used Enterasys Roamabout systems and some standard enterprise routers - it's secure, just turn on security, mac filtering, and put the wireless link routers on their own subnet. (Add a VPN over the wireless for bonus points) However, since a high-power antenna like the ones we used will restrict the signal beam to literally a "point", unless someone managed to find their way between two of our dishes, we were just fine.

Good luck! This project worked well for us and was a lot cheaper and faster than a leased line.

Avian Carrier

[camusflage]

This is easy. What you want are Avian Carriers. There is some latency possible, and inclement weather will lead to some potential packet loss, but it's definitely the best solution.