Making Wireless, Not Ethernet, the Heart of the Network
GMGruman writes "As mobile devices enter the workplace and latch on to Wi-Fi networks — along with devices such as HVAC sensors and videoconferencing that most people don't even realize use Wi-Fi — the typical wireless LAN is unable to cope. What needs to happen, argues Aberdeen Group's Andrew Borg, is a rethink of the wireless LAN not as a casual adjunct to the wired LAN (the typical mentality when they were first set up) but as the corporate LAN itself."
So what? What is relevant is what those devices are doing. Anyone who needs to pull boatloads of data needs to sit the hell down, and at that point, you can serve them with a wire.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
High latency, low throughput, and a shared collision domain.
What's not to like?
I don't get it.
If the problem is internal bandwidth, the latest and greatest wireless standards should suffice.
If it is the actual LAN part, then everything is still behind a router so it is the same regardless.
If it's the noise, frankly there are already solutions to that, like using a light instead of waves.
Ye cannae change the laws of physics!
Seriously, though... wireless has serious inherent disadvantages. Susceptibility to interference, a single collision domain, much lower bandwidth in the analog sense. It's good for mobility, but if you try to run a whole site-LAN on wireless it just wouldn't work - even if you utilised the 800MHz, 2.4GHz and 5.0GHz bands all at once. Maybe if you put little 60GHz nodes in every room, but it'd be far too expensive.
One of the advantages of a wired network is that the data only leaves the premises at well defined locations that you control. With wireless networks it floats over the aether in all directions. And before you can say "encryption will protect me", think about how easy it would be to build a transmitter running on the same frequencies as the wireless network and sit that just outside the company and pointed inwards - instant denial of service attack with zero traceability.
I am Slashdot. Are you Slashdot as well?
Printers? Video surveillance? HVAC? Electric meters? Why are these things using WiFi, when they rarely move and are always plugged into an external power source?
Palm trees and 8
The wireless LAN will be the future! What a great idea. It is so great that I wonder why nobody has thought about it already. Oh wait. My University-LAN works that way. And when I move from Kiel to Berlin and enter campus I am back in my Office-Network. So this is bleeding edge? No. Whole Estonia has such a WI-FI-network.
However, wired networking will stay with us for a long time. Why is that? Because it is faster as it does not need to cope that much with its environment. It has its ether free of most disturbances.
So nothing new here. It has more the quality of a sack of rice.
These are the three things that WiFi still can't compete in against a wired network.
Even the most secure wireless is still much more susceptible to attack than a wired network. Even with the most modern access control and protection methods (which are neither cheap nor convenient) the sheer massive avenue of attack WiFi presents creates a problem for many large corporations. Ask JPMorgan Chase how much WiFi connectivity they have. Or pretty much any US Government building.
Even if you do as the article suggests and call in an expensive contractor to map out the best locations for access points, you have to find out if it's even feasible to run network and power to that location. Even with the best-possible placement you are going to have dead zones, and the size and location of dead zones will vary depending on the devices used. My Toshiba laptop got service in places a virtually identical Macbook did not- let alone the poor wireless reception most mobile phones and devices provide. So you have to deal with irate users, and try to find places to install additional access points to cover the dropped zones.
When I worked for a small non-profit K-12 school, during teacher inservice days I always had to install 2 additional access points in the gym so that the teachers could all connect on their laptops, as the single AP currently serving the gym was not sufficient. Even then, transferring any large file from the server or online either brought the network to a standstill or required tethering each machine to an ethernet cord to do the transfer. Most high-tech oriented conferences, the wireless is all but useless if it's available publicly, due to the hundreds of devices all connecting within a limited frequency space and bandwidth. There is just not enough bandwidth in a small space available to deal with more than a handful of data-rich connections. Spread across multiple spheres of AP reception the problem is reduced, but not eliminated! My bedroom is WiFi-connected only due to wiring constraints and connecting from my laptop to my server via VNC or to copy files is very... very... slow. And really, try having a LAN party over wireless- I can run hundreds or thousands of network cables through a small room and connect everything I need for nearly any project or task inexpensively, and know that the network will be robust. Working with WiFi in anything other than a solo arrangement is a lesson in frustration.
TL;DR - Until security protocol and access control methods are more robust and available; until tools to design, implement, and test wireless networks are more plentiful and robust; and until bandwidth availability is not on par with but exceeds that of standard CAT5- wireless is but an adjunct, a convenient add-on to the main structure of a wired network in a business. ... err, not that I'm impassioned about it, or anything.
I agree with the sentiments here that wireless is not appropriate for a large portion of traffic. Especially as we move to all kinds of media traveling over our IP networks, do we really want all of that to be streamed over wireless when it does not need to be?
I consume all of my media at home over IP, and because of my house's design and the location of my wireless router, it is very difficult to run a wire to where our big screen is, so I use wifi. When it works it is fine, but I have to reset the connection every time I finish watching anything. There is something wrong with the protocols. And I have very new equipment. And I have tried several brands of router, and the problem manifests with both my AppleTV and Roku - and with our laptops (Macs) as well.
I find that wifi is not reliable enough to rely on. It is great when it works, but it is very flaky. If we want to deploy it for everything then we need to make it work first.
Wired and Wireless Ethernet are both Ethernet.
As many people have pointed out the wired network isn't going away as the wireless network will always be far behind the wired network in terms of throughput. What I think really needs to change is the transition between wired and wireless networks for those devices that do both. You really should be able to move a machine between wired and wireless networks without causing any open TCP connections to be broken.
Maybe IPv6 is going to fix that, but I am not convinced the proper solution is actually at the IP layer. It could be implemented at a lower layer of the stack. If it was implemented at the Ethernet layer it would work for both IPv4, IPv6, and anything else you were running on the network. However doing it at the Ethernet layer does limit its scope to a single Ethernet segment, so wouldn't work for those places that implement wired and wifi as separate segments. Hence an implementation at a higher level would be useful as well, and in case IPv6 becomes widespread enough it could render an implementation at a lower level redundant.
Imagine starting a large download while on wifi, when you notice it is going too slow plug in the Ethernet cable and see the speed increase as TCP notices more bandwidth is available. And if you are on the wired network and the cable for some reason gets pulled out nothing would break, it would just cause a drop in speed until you plug it in again.
Wifi can be handy as a 'core' network if you live in an apartment and don't want to (or can't) drill holes to run copper throughout. An extended 802.11n 5GHz-dedicated works well enough to feed 1080p from my upstairs NAS to my downstairs home theater. Still, if I owned, or had an apartment with ethernet wall plates, I'd take advantage of that..
Since I am not an InfoWorld subscriber I could not read the report by Andrew Borg of the Aberdeen Group that Galen Gruman wrote about (nice plug about your own article BTW). Thus I have a hard time to see what Borg really meant and what got lost in the filtering of TFA.
But of course we will have to think of wired and wireless networks as two separate entities. Not that we cannot think about them at the same time and how they should work together, but because of their different characteristics.
For an end-user the experience should be roughly the same, but from an engineering point-of-view, you have to take all factors into account when designing your network. The limitations, security concerns, cost, etc of each medium is important to acknowledge.
So even if I might agree on that we shouldn't view wi-fi as the "neglected stepchild", we cannot dismiss the differences. Doing so would be plain stupid.
This would be the only way I see as being able to beat physical mediums for data transportation. Granted there are many hurdles to overcome, and it is still not fully understood, but it would be far superior to any wireless [and wired] based system when [if] mastered.
What needs to happen, argues Aberdeen Group's Andrew Borg
So a Borg is giving suggestions as to how Earth's networks are to be set up?
Careful now, people.
The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
Jebus, people. Ethernet is a layer 2 OSI technology and has nothing to do with the physical layer. Wireless uses Ethernet too.
"A plan fiendishly clever in its intricacies"- Homer Simpson
Adequate hardware?
You do know that the technology used there was powered by *miles* of fiber cable, right? With probably millions in contracting fees to get it all run.
The limitations of a shared medium preclude its being the "core" of any LAN that is actually seeing sustained use.
History (skip if tl;dr)
Ethernet, as originally designed by Digital, Intel, and Xerox (DIX) was a shared medium. Transceivers sat on very thick cable with vampire-taps piercing the cable to provide station connections. That is 10Base5. (10Mbps, 500meter max length). An improvement in technology allowed switching to 75ohm coaxial cable with BNC connectors, three-way connectors instead of vampire taps, and allowed four repeaters instead of the previous two. (10Base2 was commonly called Thinnet, as the coax cable was much thinner than its predecessor.)
Both of those are shared-media. That means every station receives every other station's transmissions. It's half-duplex in that only one side can transmit in any one time. The concept of "Collisions" and collision-backoff intervals were employed to minimize multiple stations transmitting at the same time.
With the advents of twisted-wire Ethernet (10Base-T) and having stations "home run" to a master repeater, this didn't change much other than the way in which cable was laid. HOWEVER, it prepared the ground for the existence of "smart repeaters" which would "learn" where each Ethernet MAC address was, and only forward frames to the right ports. This switching capacity led to them being called ... switches.
NON-Shared Medium comes into existence:
Switches now allow treating the network as a NON-shared medium. For example, Alice's PC can talk to Printer Bob, while Charlie's PC talks to file-server David, and neither's Ethernet frames interfere, hold up, or affect each other. That's what wired Ethernet is like in today's "modern" network.
WiFi however is a shared medium. AT THE VERY BEST it would be like going back to pre-switch days. If Alice's PC is transmitting, neither Printer Bob nor Charlie's PC or file-server David can be transmitting. Everybody queues up, and overall throughput drops by a function of the number of transmitting stations. But wait, WiFi has other issues which means it's not "at its very best." Some of these include hidden-nodes, RFI, limitation on channel-use, and adjacency issues. Additionally, most WiFi devices will transmit at the speed of the slowest station. So if you have a 802.11b node, it will slow down the 802.11g or 802.11n traffic. In other words, a WiFi network is worse than pre-switch wired networks by a significant amount.
CORE vs EDGE:
When you design a product (and a LAN is a product... it's used by everyone in the house/office/factory,etc.) a design should be based on accomplishing the goals. With LANs that's usually HIGH throughput, LOW cost, LOW errors. For that to work, the "bottlenecks" should not be in the center of this great star cluster of communication, but at the edge.
That is why the core needs to have the MOST bandwidth. (For some 100Mbps full-duplex wired is sufficient. For some of my clients 10Gbps is not enough.) The edge, where small-bandwidth devices exist (e.g. Android Phone, iPhone, Netbook, laptops) is the ideal deployment of WiFi for three reasons:
1. These devices are mobile. It makes sense they should be able to connect everywhere.
2. These devices use little bandwidth. It is unlikely they would normally saturate the wireless network.
3. These devices typically are complementary... so if a user has BOTH an Android phone AND a laptop... it's unlikely both will be using lots of data at the same time.
Ehud Gavron
Tucson AZ
P.S. "Wireless" as used here is "WiFi" which is wireless Ethernet. So it's not really "Wireless vs Ethernet" but rather "Wireless vs Wired".
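The shared-medium behaviour described in the post above, as a simplified contention simulation (an added example, not part of the original post). The slot time, per-frame overhead, frame size and the redraw-every-round backoff are assumptions chosen for illustration, not measured 802.11 values.

```python
import random

# Assumed illustrative constants, not taken from the thread.
SLOT = 20e-6          # backoff slot length, seconds
OVERHEAD = 100e-6     # fixed per-frame cost (preamble, inter-frame gaps, ACK)
FRAME_BITS = 12000    # one 1500-byte frame
CW_MIN, CW_MAX = 15, 1023


def simulate(rates_mbps, rounds=20000, seed=1):
    """Per-station throughput (Mbit/s) for always-backlogged stations
    sharing one channel. Every station contends on equal terms, whatever
    its PHY rate, so each wins about the same number of frames."""
    rng = random.Random(seed)
    n = len(rates_mbps)
    airtime = [FRAME_BITS / (r * 1e6) + OVERHEAD for r in rates_mbps]
    cw = [CW_MIN] * n
    delivered = [0] * n
    clock = 0.0
    for _ in range(rounds):
        # Simplification: every station redraws its backoff each round.
        backoff = [rng.randint(0, cw[i]) for i in range(n)]
        first = min(backoff)
        contenders = [i for i in range(n) if backoff[i] == first]
        clock += first * SLOT
        if len(contenders) == 1:
            winner = contenders[0]
            clock += airtime[winner]      # channel is busy for the whole frame
            delivered[winner] += FRAME_BITS
            cw[winner] = CW_MIN
        else:
            # Collision: nothing is delivered, the channel is still occupied
            # for the longest colliding frame, and the colliders back off.
            clock += max(airtime[i] for i in contenders)
            for i in contenders:
                cw[i] = min(2 * cw[i] + 1, CW_MAX)
    return [bits / clock / 1e6 for bits in delivered]


def compare():
    """Four 54 Mbit/s stations versus three of them plus one 1 Mbit/s station."""
    all_fast = simulate([54, 54, 54, 54])
    mixed = simulate([54, 54, 54, 1])
    return {"all_fast": all_fast, "mixed": mixed,
            "aggregate_all_fast": sum(all_fast),
            "aggregate_mixed": sum(mixed)}


if __name__ == "__main__":
    for name, value in compare().items():
        print(name, value)
```

Because each station wins roughly the same number of frames, the slow station's long frames consume most of the airtime and every station ends up near the slow station's throughput.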
Wireless is ludicrously insecure, to the point where any business today should be shot for even giving a 100% corporate wireless network more than 10 seconds worth of thought, unless they live in a sealed lead bunker. If you don't agree, please go work for a competitor.
A poorly designed wireless is ludicrously insecure. I can design a secure wireless network that would be insanely hard to break. However, it wouldn't be as easy to configure.
WPA2, IPSec, a proxy server, VPN, no DHCP, MAC locked, NLA, etc etc..
Very true. For such a setup what are your options for a wired connection? As far as I can tell you have 2 options. Basically you can either provide two sockets, or you can use a VLAN to separate the network, with known MAC addresses receiving one VLAN tag, and unknown MAC addresses receiving another.
Neither of those two work nearly as well as having two SSIDs. Granted you are probably still assigning a VLAN based on SSID, but that is a much better way to do it than a MAC address list that would need to be uploaded to all the edge switches.
Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
I was going to moderate some people but I thought I'd pipe up and say just how incompetent some of our politicians (and general public) are.
There's been a small but consistent amount of talk about the NBN being silly because of the "advances in wireless technology" and people genuinely seem to think it's a viable option for a country the size of Australia, to do all the internet (and phones!) for over 20 million people, wirelessly.
Sad but true.
4 years ago I helped to manage a mesh WiFi network for a fairly large enterprise. It covered a large building with about 1000 people working simultaneously. It was first intended as a temporary network (they had to relocate quickly, because of a fire in their old building). But it worked well enough to become the main network.
Keys to success: low-power APs with WDS, and gigabit Ethernet trunks + switches with STP. We used WPA with pre-shared password for wireless security and then IPSec for IP-level security (it was used with the wired network earlier so no setup was required).
As far as I remember, an average access point served about 15 clients. We manually set all the access points to the lowest possible power level, but apart from that we did no additional setup.
When personal computers came out, IT said "personal computers are toys and useless for real work, we do not allow them in our facility." When the first commercial Linux arrived in late 1995, I heard IT say "Linux is a toy and useless for real work, we do not allow it in our facility." Now I read in this very thread people saying "iPads are toys and useless for real work, we do not allow them." Hint to IT: It didn't work when you said that in 1980, it didn't work when you said that in 1995, and it won't work when you say that today.
I've heard all the excuses over the past 30 years over why IT can't allow the latest technology, and in the end they all ram up against reality. Mordac the Preventer of Information Services may have short-term victories, but in the end the wheels of progress grind him up. Reality simply *IS*. You aren't going to stop the executives from bringing in those things because they outrank you and your rear end will be out on the street if you try to stop them, not to mention that if you don't provide a secure wireless network capable of handling the iPads and other wireless devices that people want to use in your facility, you're going to end up with wildcat devices, often in the hands of untouchables -- people you can't touch, because they outrank you / are mission critical to the company / are close personal friends with the CEO / whatever. I've seen this dynamic -- IT trying to stop new technology from entering the workplace, and being bypassed -- so many times over the years, that you'd think IT would get a clue and get ahead of the technology curve rather than trying to downplay the new technology as "just a toy and useless for real work." Yet reading the comments on this article I see IT people doing the same thing that didn't work in 1995, that didn't work in 1980, that won't work today -- trying to keep technology they don't understand / don't like / have no personal use for themselves out of the workplace.
Hint: You might as well start trying to figure out how to make your environment work for ubiquitous wireless devices, because it is *not* a "fad" that's going away. An iPad isn't a substitute for a desktop computer, just as a desktop computer isn't a substitute for a mainframe, but clearly people are finding the things to be useful for *something* if they're wanting it on the work network, and it's not your job as IT to tell them that no, it's *not* useful (when clearly the reality is that it darn well *is* useful for something, even if you don't understand what), it's your job to accept that reality and figure out some way to get the things on your network in a secure and reasonably speedy fashion. Because it will happen regardless -- so you might as well do it right, instead of the futile fight against insecure wildcat access points in the hands of untouchables that will otherwise happen.
Send mail here if you want to reach me.
Try running X over a slow connection whereby the idiot owning the slow connection really digs VLANs but you still need an SSH tunnel. WiFi would be the 3rd encryption in the chain and would make everything even more unlikely. Kick out WiFi and you're better off. Persuade the VLAN idiot -although the fscking bastard will go to great lengths in order NOT to understand you- and you're almost fine.
I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
Wake me up when my ESX hosts connect to the SAN wirelessly
Oh, and PoE is a lifesaver for anyone who has ever deployed IP phones.
If regular / cheap switches and routers would allow at least one PoE port it would be much easier than being forced to run the wires to the few PoE capable switches - and even those can power only 4-8 ports of a total of 16-24.
In most cases I end up adding a power brick next to the IP phones.