Cluster Multiple Access points – A peek at Wireless Clustering for Unified Management

Well, you want to go with a reliable and simple wireless solution for your organization. But yours is not small enough for a single access point or a couple of stand-alone ones. Neither is it big enough to go with wireless controller managed access points. Your requirement is to provide wireless coverage for around 100 people by having five to six access points, but you want the wireless technology to be reliable as well as cost effective. Wireless Access Points Clustering may be the answer for you! Read on to find out more…

Architecture/ Block Diagram for Wireless Access Points Clustering

Unlike wired networks, which are quite simple to predict and build, wireless technology has always been tricky – you just cannot predict the coverage area or the bandwidth levels! Worse, it keeps changing frequently. Sometimes there are disconnections, sometimes the wireless network is slow, sometimes users don’t get signals properly! If you have multiple stand-alone access points, this might have been your experience. Getting a wireless controller might be the best answer, but it’s not a cost-effective option.

So, when you analyze the options – there are chances that you might have totally missed Clustering Access Points because very few vendors provide products supporting this nice technology!

So, What is Wireless Access Point Clustering?

Cluster, as the meaning goes, is a group which works in unison. So, the ability of the Stand-Alone Access Points to form a dynamic configuration aware group with similar access points (Read: same model, same vendor) is called a Wireless Cluster. A Wireless Cluster provides single point of administration for all the Access Points configured in the cluster mode in the same network. That means, you just need to configure one access point, and the remaining access points in the same cluster will borrow the configuration details from the first one. Not only that, when you need to make changes to the configuration of all the access points in the cluster, you just make them in one of the access points – the remaining will auto-sync all the changes.

An Access Point can even form a cluster with itself (cluster of one member). But for more than one clustering enabled access points, clustering can be achieved if,

  • All the Access Points are from the same vendor and the same make – they should support the wireless cluster technology.
  • All the Access Points should be in the same LAN (subnet).
  • They should have same radio (some vendors support dual radio as well) and band (2.4 Ghz or 5 Ghz) configuration.
  • Well generally, 8-10 Access Points can form such clusters depending on how many the vendor supports. The other stand-alone access points can reside on the network as stand-alone access points and this does not affect the cluster. Multiple clusters in the same network are supported by some vendors.
  • Generally, each Access Point can be individually selected/ not selected to join a cluster. A cluster also has its unique name and if there are going to be multiple clusters, all the access points in each cluster should have the same name.

What are the advantages of Access Point Clustering?

The main advantage is that multiple stand-alone access points can be managed as one entity instead of having to configure settings in each of them separately. When one of them is configured/ re-configured, all of them pick up the settings and configurations from there. The cluster settings in some models allow checking every hour (or at some other interval that can be selected) whether any changes have been made in the cluster access points.

Another important advantage is Roaming. Clustering multiple access points allows wireless clients (laptops, wi-fi phones, wi-fi cell phones) to roam between any of the clustered access points without having to disconnect and with a very fast hand-over time (in milliseconds), so that even calls being made on the wireless IP network can continue without interruption when the clients roam from one access point to another (clustered mode).

Clustering enables Automatic Channel Assignment: Stand-alone access points are at a big disadvantage here, as they select the channel of operation (sub-frequency in the given spectrum) by themselves in a random fashion (without checking the channels in which neighboring access points operate). This results in interference, frequent disconnections, etc. What makes it worse is that the commonly used 2.4 Ghz spectrum has only three non-overlapping channels (2,6,11), and neighboring access points should each work in one of these three without selecting the same channel! But with clustering, automatic channel assignment can be enabled, in which each access point checks the channel of operation of the neighboring access points and adjusts its frequency accordingly so that there is minimum interference. The channels assigned to each cluster member can be viewed and, if required, locked manually.

The configuration/ settings for the following can be generally managed by a cluster (not all vendors support all the below settings, but this is a generic list):

  • Wireless Network Name (SSID)
  • Administrator Password
  • Configuration Policy
  • Wireless Interface Settings
  • User accounts and Authentication
  • Network Time Protocol Settings
  • Radio Settings (Mode, Channel, Fragmentation Threshold, RTS Threshold etc)
  • Basic security settings/ MAC address filtering tables
  • QoS settings

Limitations of Wireless Access Points Clustering:

  • It is supported by a very few vendors, and in particular models only (all the cluster AP’s should be of the same vendor and model).
  • There are no standards for this technology, and it is generally proprietary to the vendor.
  • Has not been adopted on a large scale.
  • IP addresses, MAC addresses, Location Info, Load balancing Info etc. are not shared between the cluster members (for those settings not shared by cluster members, the configuration should be done individually in each AP).
  • There is a limit to the maximum number of access points that can form a cluster (generally 8 or 10)
  • Sometimes the access points need to be in the range of at least one of the cluster AP’s.


What is multicasting and why network switches need to bother about it?

Architecture Diagram - Multicasting and IGMP Snooping

Since the networks of today are expected to carry a lot of real time traffic like IPTV, training videos etc, we explore multi-casting as a viable method of transmission to multiple clients in this article. We also explore the advantages, applications as well as the protocols involved in making multi-cast transmissions feasible over LAN as well as WAN networks. We finally touch upon IGMP/ MLD Snooping and how network switches reduce congestion and save bandwidth through those two techniques.

What is Multi-casting?

Suppose you want to send a video or a multimedia presentation (which come in large sizes) to a few people on your network. You can do one of the three following things:

You could send many Uni-cast transmissions (One PC to Another PC)

You could send a broadcast transmission (One PC to All PC’s)

You could send a Multi-cast transmission (One PC to many selective PC’s)

As you would have guessed, sending the same stream again and again to different PC’s would take a lot of bandwidth and server resources. Broadcasting would be ok, but not all hosts would be interested in receiving the content. Multi-casting is the best option in such a scenario as it sends the stream only once, and only those PC’s/ Networks (in a multi-network scenario) that are interested in receiving it do so. Multi-cast transmissions are not sent directly to the MAC addresses of the PC’s that are supposed to receive them – instead a multi-cast address is used by the hosts, and the routers/ switches determine where to send them or rather, where not to send them.

So, multi-casting is a method to send a single data stream to multiple selective clients across different/ same network.

Multi-casting within the same network:

This is simple. When the multi-cast server sends the multi-cast stream to the network, those PC’s which have already joined the multi-cast group get the streams and the ones that have not, reject them.

Multi-casting through multiple networks:

In case there are multiple networks, the best path between the source server and the destination hosts needs to be established (which is done using multi-cast distribution trees constructed using specialized protocols) along with finding out which PC’s and consequently which networks are interested to join the multi-cast groups (if no node in a sub-network is interested in the multi-cast stream, the routers do not send multi-cast packets to that sub-network. This also can be established using certain protocol messages that are exchanged frequently between routers and hosts).

What are the advantages of Multi-casting?

  • Uses lower bandwidth
  • There is lesser load on the server (source) resources as well as network resources
  • Large size real time transmissions (including multi-media, voice, video etc) can be sent using multi-casting
  • Multi-casting is suitable for transmission across multiple networks in a Wide Area Network (like Internet) too

What are the common applications of multi-casting?

  • Streaming Audio/ Video / Multi-media for a group of users on the network
  • Broadcast quality Internet TV over the IP Network
  • Audio/Video Conferencing
  • Streaming of recorded videos such as educational lectures, chairman key note address, minutes of meeting, etc
  • File distribution (like OS images and updates to multiple hosts), etc.

Some Tools available for distributing a multi-cast stream:

  • The VideoLAN group, which is the creator of the popular VLC media player, has developed a software program called Multicat that can be downloaded to your PC’s/ Server and can be used to initiate and send multi-cast sessions. This can also be used to convert uni-cast, file format streams etc, in to various formats including multi-cast.
  • XORP is an open source, freely downloadable Router Software that can run on any standard PC/ Server hardware and lets you test and use the multi-cast concepts and protocols like IGMP, PIM-SM and even other common routing protocols.

Quality of Service in Multi-casting:

Multi-casting in general is a connection-less and unreliable form of communication. If a few packets are lost during transmission or reception, they will not be resent by the source. Neither does the host request them. This is quite ok for real time applications like voice/ video streaming, and moreover some applications have buffering built in to compensate for delayed multi-cast packets and smooth out losses. In addition to this, network switches can also implement end-to-end QoS settings for prioritizing the critical multi-cast sessions.

But what about those multi-cast sessions which contain critical data to be transmitted to a number of computers (like stock market tickers or OS patches, for example)? To address this, certain protocols like RSVP – Resource Reservation Protocol (a control protocol operating in the transport layer to provide receiver initiated resource reservations for multi-cast data flows, for delivering specific levels of QoS / resource reservation / bandwidth reservation for application streams in each node along a path) and PGM – Pragmatic General Multi-cast (when some packets are missed, the host (recipient) can detect this and request a re-transmission – PGM provides a framework to achieve this) and a few others were proposed, and some are in use as well.

Multi-cast Addressing Schemes:

IPv4: IPv4 Multi-cast addresses use Class D addresses (starting with 1110 higher order bits in the first octet, followed by 28-bit group address) with a range of to (with some global exceptions which are pre-defined for other purposes by the IANA – Internet Assigned Numbers Authority).

IPv6: IPv6 multi-cast addresses start with the following higher order bits in the first octet – 11111111 (or) FF in hex. The next bit in the octet mentions the life-time parameter of the multi-cast addresses – 0 is permanent and 1 is temporary. The next four bits indicate the scope of the multi-cast address (with scope, it is possible to define how far the multi-cast addresses can go like node local, site local, global etc).
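The bit layouts described above can be checked directly on an address. The following is an added example, not code from the original article: the function name `classify_multicast` is hypothetical, the sample addresses are constructed, and the field positions follow the standard IPv6 layout in which the second octet holds four flag bits (the lowest being the permanent/temporary flag) followed by four scope bits.

```python
import ipaddress

# Names for the 4-bit IPv6 scope field ("node local" is called
# interface-local in current specifications).
IPV6_SCOPES = {
    0x1: "interface-local",
    0x2: "link-local",
    0x4: "admin-local",
    0x5: "site-local",
    0x8: "organization-local",
    0xE: "global",
}

# One of the IANA pre-defined blocks: local network control traffic
# (for example routing protocols) that routers never forward.
IPV4_LOCAL_CONTROL = ipaddress.ip_network("224.0.0.0/24")


def classify_multicast(text):
    """Describe a multicast address, or return None if it is not multicast."""
    addr = ipaddress.ip_address(text)
    value = int(addr)

    if addr.version == 4:
        # Class D: the four high-order bits of the first octet are 1110.
        if value >> 28 != 0b1110:
            return None
        return {
            "version": 4,
            "group_id": value & 0x0FFFFFFF,  # the remaining 28 bits
            "local_control": addr in IPV4_LOCAL_CONTROL,
        }

    # IPv6: the first octet is 11111111 (FF).
    if value >> 120 != 0xFF:
        return None
    second_octet = (value >> 112) & 0xFF
    flags = second_octet >> 4
    scope = second_octet & 0x0F
    return {
        "version": 6,
        # Lowest flag bit: 0 = permanent (well-known), 1 = temporary.
        "temporary": bool(flags & 0x1),
        "scope": IPV6_SCOPES.get(scope, "reserved/unassigned (0x%x)" % scope),
        "group_id": value & ((1 << 112) - 1),
    }


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("224.0.0.1", "239.1.2.3", "192.168.1.1",
                   "ff02::1", "ff15::abcd", "2001:db8::1"):
        print(sample, "->", classify_multicast(sample))
```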

What is IGMP and why is IGMP Snooping by network switches required?

IGMP stands for Internet Group Management Protocol – This is the host-router communication protocol used by the routers and hosts to find out which host is interested in joining a particular multi-cast session. For a particular multi-cast address, routers send IGMP query messages to all the hosts in the network. If a host wants to join (or has already joined), it sends an IGMP report message in response. Routers use this information to find out if there is at least one host in the particular sub-network which is interested in joining the multi-cast session, and forward the multi-cast stream only if there are any hosts interested in receiving the same in that network.

IGMP Snooping is a technique used by network switches wherein they continuously check the IGMP packets going through them, establish which particular hosts (PC’s) want to receive which multi-cast streams, and build an appropriate table around that information. Using that, when the router sends the multi-cast stream (by default, it sends the multi-cast stream to all the hosts (PC’s) in a given network), the switches intervene and send the stream to only those PC’s already registered to receive the same. This saves a lot of bandwidth and network resources and is an efficient method. This is one of the reasons why you ought to invest in fully manageable network switches with IGMP Snooping features available in them.
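The table-building and forwarding behaviour described above can be modelled in a few lines. This is an added example, not code from the original article or from any switch vendor: the class `SnoopingSwitch`, its parameters, the port numbers and the event list are all hypothetical, the 260 second ageing interval is an assumed value, and flooding of groups with no known listener is an assumption that real switches make configurable.

```python
from collections import defaultdict


class SnoopingSwitch:
    """Toy model of a layer 2 switch that snoops IGMP messages."""

    def __init__(self, ports, snooping=True, flood_unknown=True,
                 membership_timeout=260):
        self.ports = set(ports)
        self.snooping = snooping
        # Assumption: groups with no learned listener are flooded like
        # broadcast; set to False to model "drop unregistered multicast".
        self.flood_unknown = flood_unknown
        # Seconds a port stays registered without a fresh report (assumed).
        self.membership_timeout = membership_timeout
        # group address -> {port: time the last report was seen there}
        self.table = defaultdict(dict)

    def observe_igmp(self, now, port, kind, group):
        """Update the table from an IGMP message passing through the switch."""
        if not self.snooping:
            return
        if kind == "report":      # host joins, or answers a router query
            self.table[group][port] = now
        elif kind == "leave":     # host no longer wants the stream
            self.table[group].pop(port, None)
            if not self.table[group]:
                del self.table[group]

    def _expire(self, now):
        """Forget ports that have not sent a report within the timeout."""
        for group in list(self.table):
            fresh = {p: t for p, t in self.table[group].items()
                     if now - t <= self.membership_timeout}
            if fresh:
                self.table[group] = fresh
            else:
                del self.table[group]

    def egress_ports(self, now, ingress_port, group):
        """Ports that receive a copy of a multicast frame for `group`."""
        everyone_else = self.ports - {ingress_port}
        if not self.snooping:
            return sorted(everyone_else)      # plain switch: flood
        self._expire(now)
        if group not in self.table:
            return sorted(everyone_else) if self.flood_unknown else []
        return sorted(set(self.table[group]) & everyone_else)


# Constructed sample: (time in seconds, switch port, IGMP message, group).
# Port 1 is the uplink towards the multicast router.
SAMPLE_EVENTS = [
    (0, 3, "report", "239.1.1.1"),
    (5, 6, "report", "239.1.1.1"),
    (7, 4, "report", "239.2.2.2"),
    (60, 6, "leave", "239.1.1.1"),
]


def replay(switch, events, until):
    """Feed the switch every sample event with a timestamp <= until."""
    for now, port, kind, group in events:
        if now <= until:
            switch.observe_igmp(now, port, kind, group)
    return switch


if __name__ == "__main__":
    plain = SnoopingSwitch(range(1, 9), snooping=False)
    snoop = replay(SnoopingSwitch(range(1, 9)), SAMPLE_EVENTS, until=10)
    print("no snooping  :", plain.egress_ports(10, 1, "239.1.1.1"))
    print("with snooping:", snoop.egress_ports(10, 1, "239.1.1.1"))
```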

IGMP and IGMP Snooping are used while dealing with IPv4 addresses, while MLD (Multi-cast Listener Discovery) and MLD Snooping are used while dealing with IPv6 addresses. MLD is similar to IGMP but comes with a few enhancements to support IPv6 addresses.

Router-Router Signaling Protocols for Path Establishment:

Consider a scenario where you are sending multi-cast packets over a WAN network to multiple hosts present across different geographies. The server (source) does not know which hosts (PC’s) the packets must be addressed to. So, it sends the packets addressed to a generic multi-cast address to the routers as the first step. Now, the routers interact with each other to establish distribution trees to connect all members of a multi-cast group using Multi-cast Routing Protocols. There are two types of Multi-cast Routing Protocols:

Dense Mode Protocols – These protocols periodically flood the networks with multi-cast traffic to establish and maintain a distribution tree. So, it works well for situations where a particular network has a large number of multi-cast users for that particular multi-cast session as the process of flooding consumes a lot of bandwidth. Examples of Dense Mode Protocols – DVMRP – Distance Vector Multi-cast Routing Protocol, PIM-DM – Protocol Independent Multi-cast (Dense Mode).

Sparse Mode Protocols – These protocols do not flood the network like their dense mode counter-parts but construct distribution trees by adding branches only when they receive join requests from hosts. This is used in networks where there are a lot of PC’s but only a few of them are interested in receiving a particular multi-cast stream, and this saves a lot of bandwidth and network resources in such scenarios.

Media Converters – Convert Copper Interfaces to Fiber and back

If you want to extend your LAN to include a department that is a few hundred meters from your main switch and cannot lay copper cables (due to the distance limitations), you can use Fiber (to copper) Media Converters. There is more to media converters than just the conversion – read this article to find out.

Fiber to Copper Media Converter - Architecture Diagram
Media Converter - Architecture / Connectivity Diagram

What is a Media Converter?

Fiber media converters have one copper (RJ-45) port and one fiber port. The copper port connects to the network switch and the fiber port connects to the fiber cable. They are used for extending a LAN network beyond 100 meters, up to a few kilometers, through fiber cables, and the fiber connection is converted in to a copper connection at either end so that it can terminate on the copper UTP port of the network switch.

The above architecture/ connectivity diagram is an example to illustrate how a media converter can be used and its connectivity details. There are two departments – Dept 1 and Dept 2. Both have network switches with copper UTP ports. Since the distance between them is more than 100 meters (it could be anything between 100 meters and 70 KM – you can still use single mode fiber to connect both), it’s not feasible to take a copper UTP cable across to connect the two departments directly (indirect methods like having network switches every 90 meters to boost the signals are still possible, but may not be feasible for longer distances as the network switches require racks, power supply, additional space etc. And each electronic component added in between becomes a potential point of failure too).

There are two cases: Either the network switches do not have any fiber ports (or) they have fiber ports. If there are no fiber ports, then we could use media converters at either end and use a fiber cable between the two departments to carry the data (Fiber cable termination is not as simple as copper termination which can be done using a UTP patch cord and plugging them in to the RJ-45 ports at either end. First the fiber cores need to be individually spliced, tested and terminated on a fiber patch panel/ pigtail/ coupler assembly. From the coupler, we can use a fiber patch cord to connect to the media converter). If the network switches have fiber ports (they may come with 2,4 or all 24 fiber ports), then we could insert a fiber module inside the SFP ports at either end and terminate the fiber patch cords from the fiber patch panel directly to the fiber ports of the switches at both the departments to establish a fiber link.

Why use Fiber Cables at all?

Optical Fiber Cables use light as the transmission medium and hence are not prone to EMI and other interferences that copper cables are prone to (especially in manufacturing environments, the interferences can be considerable). Fiber cables are not electrical conductors and hence are not adversely affected by lightning and other power disturbances. Fiber cables support signals being transmitted over longer distances – up to 70 km (approximate distance, can be more based on the product) using single mode fiber cables for example, without the need to repeat the signals anywhere in between. Contrast this with copper UTP cables, where the signal needs to be repeated every 90 meters!

Fiber Cables are stable and offer investment protection – You don’t need to change the cables to support higher bandwidths, you just need to upgrade the fiber modules/ media converters at either end. Contrast this with copper UTP cables, which have further distance restrictions (to support higher bandwidth) and sometimes don’t even support carrying higher bandwidth, which makes it imperative to change the copper UTP cabling as well when you upgrade to newer network infrastructure.

Why Media Converters?

Why not just buy network switches with direct fiber termination and fiber modules and connect the fiber cables directly to them? Why use media converters at all? This question does not have a technical answer but the answer is more commercial – media converters do not require fiber enabled switches (they can be used even with unmanaged entry level switches) and hence the connectivity solution is cost effective. For a single fiber link, changing the whole switches and buying fiber modules at either end might be a more expensive proposition. But direct termination of fiber links on network switches is also highly recommended.

Not just that, media converters give more options – you can buy a single pair of media converter (stand alone devices) at either end or get a chassis based system where you can insert multiple media converters from 1 to 18/19 in single increments – they are also hot swappable, come with redundant power supplies and offer power source consolidation. But network switches come with more rigid configurations – 2, 4, 24 or 48 ports only. If you want 5 fiber connections, for example, you may need to buy two network switches with 4 fiber ports each and 24/48 copper ports each irrespective of whether you are going to use the remaining fiber and copper ports! And yeah, some of the network switches do not have fiber interfaces at all!

Some interesting points about Media Converters:

  • There are multiple types of media converters – managed (SNMP) / unmanaged, 100 Mbps/ 1000 Mbps, Single Mode/ Multi Mode, having different fiber interfaces – SC/LC/ST etc, Stand-Alone Devices/ Chassis based systems (that can accommodate multiple individual media converter cards), Desktop/ Stand-Alone/Wall mountable types etc.
  • There are certain media converters that can do a rate conversion on the copper end – 10/100 Mbps and 10/100/1000 Mbps – Both ends determine the highest possible speeds supported on the copper network, and adjust to that speed on the fiber network.
  • Some media converters are intelligent enough to sense when they are no longer receiving the optical signals (due to fiber cable cuts, copper cable disconnections etc) and immediately send a notification to the NMS/ management interface (supporting SNMP) so that appropriate action can be taken.
  • Fiber Media Converters require electrical power to function – but this power could be supplied over the Ethernet cable itself (along with data) through the IEEE802.3af POE standard. This works on only certain models that support POE.
  • Fiber Media Converters usually have activity, speed and link-on status indicators (LED’s).
  • Some Media Converters come with SFP slots – The advantage is, both single mode as well as multi mode modules could be populated in them to make them work as single mode (or) multi mode media converters (But either end in the same connection should be of the same type – either single mode or multi mode).
  • Slightly Off-topic, but there are certain fiber converters that convert single mode signals to multi mode and vice versa – If you are running a multi mode signal to a department and the department is required to be shifted to a far away place, you could just use this converter and convert the multi mode signal to a single mode one, to be propagated over longer distances using single mode fiber – instead of changing the entire end to end connectivity to single mode, that is.
  • Some fiber media converters can provide link redundancy by allowing two fiber cables to be connected (one in active mode – transmitting, another in passive mode – not transmitting) so that when the active fiber gets cut or fails, the link is immediately switched over to the passive fiber link (which now becomes active). This uses the spanning tree protocol, like network switches do.

An Overview of Active and Passive Components used to create an IP Network

A Wired Computer Network (LAN) is basically a combination of various Active and Passive Network Components. In this article, we explore the salient points on the important Active and Passive Components that are required for building a basic wired computer network.

Wired Computer Network – Architecture Diagram:

Architecture Diagram - Active and Passive Components in an IP Network

In the above diagram, let us assume that there are basically three departments in an organization that wants to have a LAN across all the departments – IT Department, Department 1, Department 2. So, if we are to plan for the network components department wise, for the IT department, we could plan for,

Network rack,

Router, Core switch

Edge Switches (if required)

UTP Patch panel, UTP Patch Cords

Fiber Patch Panel, Fiber Patch Cords

Cat 6/ Cat6A UTP cables

I/O Box with Face Plate, UTP Patch Cords

PVC Channel – Casing Capping/ Conduits

Fiber Cables (Single Mode or Multi Mode)

The components required in the other two departments would also be similar with the exception of router/ core switch being replaced by distribution/ edge switches.

The above mentioned network components can be broadly divided in to two categories – Active Components and Passive Components. Active Components are those devices which need to be supplied with external power (AC/DC/POE etc) in order to function. They also boost the power of the signals. Passive components do not need any electrical power to work – They just plug on to active components and transmit/ carry the information (electrical / optical signals).

Active Network Components:

Network Switches:

Network Switches are the basic components of an IP Network. All the network endpoints (like PC’s, Laptops, Printers, etc) connect to these switches. As the name goes, they switch (distribute) the data received from one node to any other node in the network. The network switches come in a variety of configurations, and the popular ones are mentioned below:

8 Port – 10/100/1000 Mbps

16 Port – 10/100/1000 Mbps

24 Port – 10/100/1000 Mbps

48 Port – 10/100/1000 Mbps

Network switches could also have 10/100 Mbps and POE/Non-POE Port combinations. They could also have variations in terms of functionalities – Manageable, Semi-Manageable and Unmanaged Switches. There are even 24/ 48 Port Optical Switches which connect as many optical connections in addition to the 2/4 ports of the optical connections that normal switches have.

The numbers (8, 16 etc.) in the above list refer to the number of Copper UTP Connectors the switch has, and the switches can connect to as many network devices. Each such port supports a maximum speed of 10(or)100 / 10(or)100(or)1000 Mbps depending on the end-point connecting to it (it can auto negotiate to the highest speed supported by the endpoint). Some ports support POE (Power over Ethernet), which is a technology to carry power as well as data to the endpoints, so that the endpoints need not connect to a separate power source (in the case of Wireless Access Points, IP Phones etc).

Some network switches are of Un-managed type – You can just connect the computers to them, connect them to neighboring switches and extend the network, but beyond that function, not many functionalities/ management features are supported by them. The advantage of unmanaged switches is their cost – they are inexpensive.

Some network switches are of Semi-Managed type – They come with a web browser-based management interface, limited QoS configurations, VLAN configuration, 802.1x support and other such limited management features required for the management of the critical functionalities of the network. But these management features are limited to what is determined by the manufacturer. These switches are slightly more expensive than the unmanaged variety but less expensive than fully manageable switches.

Some network switches are Fully Manageable – They allow the configuration of VLAN’s per port, allow VLAN trunking, support web-based management functionalities, support SNMP/RMON protocols so that each port can be monitored by an SNMP based network management system, support RSTP (Rapid Spanning Tree Protocol) so that alternate cabling paths can be created for uplinking, support Link Aggregation so that a couple of cables from individual ports can connect to the uplink switch with double the speed, support port mirroring for management/ call recording, support stacking and many other such useful features which help in maintaining a network.

Layer 3 Switches:

As the network becomes bigger and bigger, it becomes difficult to manage all the nodes using a single layer 2 network segment. One of the main problems with such unsegmented networks is broadcasts, which can create performance bottlenecks on large networks. Another issue is the spreading of viruses and botnets – with a segmented network, these remain mostly within their segments. That’s why VLAN’s, which segment the network based on location/ department/ application etc, are advocated on large networks.

But the devices in one segment of the network would invariably need to communicate with the other segments – Especially in centralized networks where all the servers are designed to be in a common VLAN and the nodes communicating with them are from different VLAN’s. In such cases, there needs to be a Layer 3 network device that performs seamless Inter-VLAN routing without affecting the performance of the network – This is exactly the reason why Layer-3 switches are required. They are capable of performing both Layer 2 Switching and Layer 3 Routing at Line Rate. They also allow flexible network wide security policies to be configured and perform Layer 3 QoS functionalities, which are critical in converged networks that carry a substantial amount of real-time traffic requiring low latency.

Passive Network Components:

Structured Cabling has become quite common for inter-connecting the various active devices in an IP network. So the following passive components are commonly utilized in an IP Network for Structured Cabling:

  • Cat 6 UTP (Un-shielded Twisted Pair) Copper Cables – These are the network cables that connect a PC/ endpoint to a network switch. Sometimes, they are also used to provide inter-connectivity between switches as long as the distance is not greater than 90 meters, which is the distance they support for transmitting data without using any repeater (repeater function is provided by using network switches).
  • Cat 6 UTP Patch Cords – These are one meter/ 2 meter factory crimped cables with RJ-45 connectors installed at both ends. Actually, the Cat 6 Cables are not recommended to be directly terminated in either the network switch or the PC/endpoint. Only the patch cords terminate on both devices and connect to the Cat 6 Network cable through an I/O Box and UTP patch panel.
  • Network Rack – Network Racks are either wall mounted or Floor Standing types depending upon their size. Common sizes of network racks range from 6U to 42U. All network equipment is designed in multiples of 1U so as to be accommodated in these racks with standard fittings. They generally have a width of 19”. The network racks come with a glass door, lock and key, fans required for cooling, trays, power supplies, cable managers and all other accessories.
  • I/O Box and Face Plate: The I/O Box and Face Plate are kept near the computers and a UTP patch cord is used to connect the Face Plate with the network port in the PC. The Cat 6 UTP cable which comes from the switch terminates in to a permanent connection behind the I/O Box.
  • UTP Patch Panel: The UTP Patch Panel is used for terminating all the Cat 6 Cables that come from various PC’s/endpoints in the network (Actually I/O Box) to the rack. These Cables are permanently connected behind the UTP Patch Panel and UTP Patch Cords connect from the respective ports in front to the network switches. This allows for flexible moves, adds and changes without disturbing the switch ports. All the ports in the patch panel are labelled for easy identification of which node they are connected to.
  • Optical Fiber Cables: For carrying data over 90 meters, Optical Fiber Cables are used. These cables use light for transmission of data instead of the electrical signals used by the UTP cables. They can carry data for longer distances – even to a few kilo meters without having to repeat the signals in between. There are two types of cables – Single Mode (Used for higher bandwidth requirements for longer distances) and Multi Mode (Used for shorter distances). They connect directly to the Fiber Patch Panel at either end. Usually they come in multiples of 6 Cores – 6 Core, 12 Core, 24 Core being common. For each connection, two cores are used – one for transmit and another for receive.
  • Fiber Patch Panel/ Patch Cords: The Optical Fiber Cables are terminated on either end using the Fiber Patch Panel, Pigtails and Coupler assembly. Actually each core of the Fiber Cable is spliced to fit in to the Fiber Patch Panel. A Fiber Patch Cord connects to the Patch Panel and the Fiber interface of the Network Switch. The Fiber interface is usually an SFP Port over which a Fiber Module is inserted (Mini-Gbic interface). This Fiber Module can connect to the fiber patch cord directly.


Everything you wanted to know about Wireless (Wi-Fi) networks

A Wireless network basically utilizes the wireless frequencies (2.4 GHz or 5 GHz spectrum) to transmit data, voice and video from one point to another using wireless signals as the medium. But it is very rare to have a totally stand-alone wireless network, as the wireless transmission and reception is restricted to the path from the client (PC/Laptop/Wi-Fi Phone etc.) to the Wireless Access Point. Beyond that, the data is carried in the wired backbone network. A look at the Wi-Fi architecture diagram below would better clarify this point.

Wireless Network Architecture Diagram

As shown in the above diagram, the various wireless devices (laptops, computers, tablets, Wi-Fi enabled cell phones, Wi-Fi phones, wireless cameras etc.) connect to the wireless access points on their respective floors. From there, the data is transmitted over the copper UTP cables to the wired network switch in each department, then via the optical fiber network to the core switch/ router in the IT Department, and then to the outside world (Internet). So, only the client access is on Wi-Fi technology; in rare cases the backbone could also be on wireless technology (with some limitations) using a wireless mesh. We are talking only about enterprise campus-wide wireless networks and not about city-wide or nation-wide wireless connectivity.

So, why are wireless networks required at all?

Can’t we just have wired network to all the places? We can, but wireless networks have the following key advantages over wired networks:

  • Network Access from anywhere: It’s just much more convenient for us to access the network from any place in the campus and not just from our seat alone. Think about it: you go to your project manager’s room for a discussion, and you may want to show something from your laptop. You go to the conference room or cafeteria and might want to connect to the network. When laptops have become ultra portable, so must the network!
  • Cost Reduction: In certain places, like hostels for example, it does not make sense to have wires running to each room for Internet connectivity. It’s not only the cables but the additional switch ports, the passive components, I/O boxes, patch cords and so many other components that come along with the wired network. So, having a wireless network in these high density browsing locations (hot-spots) reduces a lot of cost.
  • No cluttering of cables: A wireless network certainly eliminates clutter to a huge extent and makes the place look much neater.
  • Good performance/ throughput: With the advent of IEEE 802.11n technology, wireless networks can now support higher throughput, in the range of 300 Mbps. So, even if this bandwidth gets divided by the number of systems connecting to each access point, we are still left with a decent throughput. Let’s accept it – the 1000 Mbps to the desktop offered by wired networks is just not required!!

What do you need in order to set up a wireless network?

For Small Office/ Home Office (SOHO) (1-15 employees)

If yours is a home office or a small office (with fewer than 15 users connecting to the network and within a compact area), then a small stand-alone access point costing less than 100 USD would suffice for your requirement. Just plug it in to the wired network switch, and your network is ready! Sometimes, the broadband modem which terminates the broadband line comes with built in modem, and that might also suffice for simple Wi-Fi requirements.

But always keep in mind that the laptops/ PCs connecting to the wireless network should have IEEE 802.11 a/b/g/n standards based wireless adapters. For laptops, this mostly comes built-in, but for PCs you may need to add a USB based / PCMCIA slot based wireless adapter. So, if you are using only PCs in your network, getting wireless adapters for all of them might increase the cost considerably! Also, some network devices like printers, servers etc. require dedicated wired connectivity. So, keep these factors in mind while planning for a wireless network in a small office.

For medium sized organizations (20 – 100 employees):

This is where the confusion comes – should you go for a stand alone access points based wireless network or a controller based wireless network? Of course, the best option would be to go for a controller based wireless network (see next section for top reasons for the same) but this might increase the cost. If you go for a stand-alone access points based wireless network, you might not only lose a lot of centralized functionalities, but might also be prone to wireless interference between the neighboring access points. There are three options you could try in such cases (in case you decide to go for stand alone access points):

  1. Set the frequency of operation for each access point manually so that the neighboring access points operate in different frequencies. (But some access points do not allow this setting, and the frequencies are reset every time the access points boot up – due to a power failure, for example – so such things need to be taken care of.)
  2. Go for stand-alone access points that can be upgraded to controller based access points in the future. This means the access points are still stand-alone types and can work individually without the controller, but when the network grows or there are excessive maintenance problems, you could buy a controller of the same make at a later date and manage all these access points through it. There are very few vendors who offer such access points, though.
  3. Go for access points which support clustering within the stand-alone access points. Clustering is a technology that allows the access points to share certain information among themselves in order to provide some entry level centralized management for all these access points. But these access points can share information only when each of them is in range of at least one other access point within the cluster group, and there is also a limit on the maximum number of access points that can be part of a cluster group. If these access points can later be upgraded to controller based access points, it is even better!

For Large Organizations (More than 100 employees):

It’s highly recommended that larger organizations go with a centralized controller based wireless solution, where the wireless controller is used to provide centralized management functionalities to all the access points across the network. Below is a list of the top five reasons for the same:

The Top 5 reasons to have a wireless controller:

Centralized Authentication and Encryption: If you have multiple stand-alone access points at multiple locations, imagine having to update each access point with the list of MAC addresses that can connect to it. Consider maintaining such a set up as some employees leave the organization and some join. And what will happen to guests who want temporary access to the Internet? Wireless controllers integrate with centralized corporate directories like Active Directory/ LDAP etc. to give user based authentication (user-name/password and/or previously installed certificates). This is applied to all the users irrespective of which access point they connect to. With a wireless controller, guests can be given a temporary account with which they can access only certain resources, and only for a certain time period. All the communications between laptops and access points, and between access points and the controller, are encrypted for security.

Radio Management and Interference Mitigation: If two neighboring access points operate in the same frequency, there would be a lot of interference, resulting in frequent loss of data or loss of connections. So, the wireless controller can identify which access points are near each other and assign them to operate in different frequencies. The controller can also do load balancing of users between access points and can push the users to another access point if the primary access point that they connect to fails.

Network Access Control: The Wireless Controller can organize users into various groups and enforce policies on what network resources they can and cannot use. Some users may not be given Internet access but given ERP access and vice versa, for example.

Roaming: For voice clients like voice over Wi-Fi phones and dual mode cell phones, it is very critical that the connection does not terminate when the users are talking over them and moving across the campus simultaneously. So, the controller supports roaming – fast hand-off of voice sessions to nearby access points in order to keep a voice session from breaking abruptly when the client goes beyond the range of one access point.

QoS and Network Visualization: For supporting real time applications like voice and video, the wireless network needs to support an end-to-end QoS setting for prioritization of the real time latency sensitive voice and video packets across the network. It would further help if the wired network is also configured with such QoS prioritization settings. Controller also allows administrators to see the signal strength levels across their network in a live heat map – this could be very helpful while maintaining huge wi-fi networks.

Which is better – 2.4 GHz Spectrum or 5 GHz Spectrum?

Wireless devices can connect to the wireless network in either the 2.4 GHz spectrum or the 5 GHz spectrum (depending on which spectrum both the wireless adapter in the laptop and the access point support). While the 5 GHz spectrum is cleaner and free of interference from sources like microwaves etc., the commonly available laptops and access points mostly support only 2.4 GHz. Actually, the 2.4 GHz spectrum allows only three non-overlapping channels for IEEE 802.11b/g! But with the advent of IEEE 802.11n technology, it is now possible to have wireless adapters and dual radio access points supporting both spectrums, and the controller can decide (based on the load etc.) which is better for individual clients.
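The manual frequency setting suggested earlier for stand-alone access points, and the channel assignment a controller automates, both come down to giving neighboring access points different channels out of the three available. The following is an added example, not from the original article; the channel numbers 1, 6 and 11, the access point names and the neighbour maps are assumptions constructed for illustration.

```python
"""Plan 2.4 GHz channels for stand-alone access points (added example)."""

# Assumption: the three non-overlapping 802.11b/g channels are 1, 6 and 11,
# as in most regulatory domains. The article only says there are three.
CHANNELS = (1, 6, 11)

# Constructed site survey: each AP lists the APs it can hear.
SAMPLE_NEIGHBOURS = {
    "AP1": {"AP2", "AP3"},
    "AP2": {"AP3", "AP4"},
    "AP3": {"AP4", "AP5"},
    "AP4": {"AP5", "AP6"},
    "AP5": {"AP6"},
    "AP6": set(),
}

# Constructed worst case: four APs in one hall that all hear each other.
DENSE_HALL = {
    "HALL-A": {"HALL-B", "HALL-C", "HALL-D"},
    "HALL-B": {"HALL-C", "HALL-D"},
    "HALL-C": {"HALL-D"},
}


def symmetric(neighbours):
    """Return an adjacency map where 'A hears B' also means 'B hears A'."""
    graph = {ap: set() for ap in neighbours}
    for ap, heard in neighbours.items():
        for other in heard:
            if other != ap:
                graph[ap].add(other)
                graph.setdefault(other, set()).add(ap)
    return graph


def busiest_first(graph):
    """Order APs so that those with the most neighbours are placed first."""
    return sorted(graph, key=lambda ap: (-len(graph[ap]), ap))


def conflicts(plan, neighbours):
    """List neighbouring AP pairs that ended up on the same channel."""
    graph = symmetric(neighbours)
    return sorted(
        (a, b) for a in graph for b in graph[a]
        if a < b and plan[a] == plan[b]
    )


def plan_channels(neighbours, channels=CHANNELS):
    """Backtracking search for a plan in which no two neighbours share a
    channel. Returns None when the available channels cannot achieve that."""
    graph = symmetric(neighbours)
    order = busiest_first(graph)
    plan = {}

    def place(index):
        if index == len(order):
            return True
        ap = order[index]
        taken = {plan[n] for n in graph[ap] if n in plan}
        for channel in channels:
            if channel not in taken:
                plan[ap] = channel
                if place(index + 1):
                    return True
                del plan[ap]
        return False

    return dict(plan) if place(0) else None


def least_bad_plan(neighbours, channels=CHANNELS):
    """Greedy fallback for sites that are too dense for a clean plan: each AP
    takes the channel used by the fewest of its already-placed neighbours."""
    graph = symmetric(neighbours)
    plan = {}
    for ap in busiest_first(graph):
        load = {channel: 0 for channel in channels}
        for n in graph[ap]:
            if n in plan:
                load[plan[n]] += 1
        plan[ap] = min(channels, key=lambda channel: load[channel])
    return plan


if __name__ == "__main__":
    for name, survey in (("sample floor", SAMPLE_NEIGHBOURS),
                         ("dense hall", DENSE_HALL)):
        plan = plan_channels(survey) or least_bad_plan(survey)
        print(name, plan, "co-channel neighbours:", conflicts(plan, survey))
```

The dense hall case shows why the three-channel limit matters: four access points that all hear each other cannot be separated, so at least one neighbouring pair has to share a channel.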

What are the wireless standards for Wi-Fi?

The IEEE (Institute of Electrical and Electronics Engineers) has drafted certain standards for wireless equipment, and each piece of equipment needs to support one or more of them so that it can inter-operate with wireless equipment made by other vendors. The different standards are:

IEEE 802.11 b – This was a very early standard and supports a maximum throughput of 11 Mbps and operates in the 2.4 GHz spectrum.

IEEE 802.11 a – This is a more recent standard supporting a maximum throughput of 54 Mbps and operates in the 5 GHz spectrum.

IEEE 802.11 g – This is the most common standard supporting a maximum throughput of 54 Mbps and operates in the 2.4 GHz spectrum – Almost every laptop and access point should support this.

IEEE 802.11 n – This is the latest standard supporting a maximum throughput of 300 Mbps now and operates in both the 2.4 GHz and 5 GHz spectrums.

Note: You cannot get the higher throughput offered by 802.11n technology by just replacing the older access points with newer ones – you also need to replace the client adapters with ones that support 802.11n, and you need to upgrade the backbone wired network to support 1000 Mbps throughput instead of the earlier 100 Mbps. The latest standards are backward compatible – IEEE 802.11n would support IEEE 802.11b/g and/or IEEE 802.11a.

Video Conferencing and Video Surveillance – An Introduction to Video Over IP Networks

Video over computer networks has always been tricky – but the high capacity and high performance IP Networks of today make some interesting real time applications like video conferencing and IP video surveillance possible over the computer network. Let’s check out the salient points about both of them in this article.

Video Over IP Networks – Architecture Diagram:

Video Conferencing and Video Surveillance over IP Networks - Architecture Diagram

Video Conferencing:

Why is a Video Conferencing System required?

A Video Conferencing system is required to see and talk to people in real time. It’s like a conference call, but it’s possible to see the persons as well as talk to them. In addition to that, participants can also show a presentation to the other end while talking. This is very useful for conducting business meetings, educational seminars, tele-medicine, multi-location discussions etc. without the people involved having to travel all the distance!

In the above architecture diagram, there is a head office with three departments (IT Dept, Dept-1 and Dept-2) with LAN connectivity between them. There is also a branch office and remote location (for tele-commuter). All these different locations have some form of connectivity – either all of them are connected over Internet Leased Lines or have MPLS network set up between them, etc. So, using VC-1 and VC-2 and the IP Network, the people from Head Office IT department can see and talk to the people from the Branch office. Also, the person from the remote office/ home worker can dial in to the conference by using a software VC client on his laptop and connecting to the internet using a broadband connection. That becomes a 3-Party Video Conference. There could also be another monitor connected in each location where they could see a presentation (ppt slides from computer) being presented by the remote user.

What are the components of a Video Conferencing System?

  1. Video Conferencing Codec/ Camera – This is the heart of the VC system, as it integrates multiple input streams with the output streams (audio and video) and also connects to the LAN/ WAN for transmitting the video information. The Codec also compresses the video data with a technique called H.264, which enables better quality at a lower bandwidth. There are even High Definition Video Conferencing systems for better clarity now. The VC Codec generally comes with the required camera and microphone(s).
  2. Display Devices – A CRT TV, LCD TV, LCD Monitor, Plasma Display, LCD/ DLP projectors can all be used as display devices for Video Conferencing systems. Do note that some of them may not have built-in speakers and hence a basic amplifier and speaker system would help.
  3. Computer Network – A computer network is required for carrying the signals to the VC system from the place where the WAN links terminate within your campus, unless the VC system is placed right next to the router where the WAN links terminate, which is quite impossible in most cases. The VC system can directly plug in to the LAN using an RJ-45 port. You can also set an IP address on the VC System; in fact, you have to.
  4. Bandwidth – A Video Conferencing system is used to conduct a meeting between two disparate locations and hence both the locations need to be connected with each other using Internet Leased Lines, Point to Point Managed Leased Lines, MPLS networks etc.
  5. PC/ Laptop – To make presentations that can be visible at the remote end by connecting them to the VC System. Even a DVD player/ Document camera can be connected to the VC system and their output can be seen at the remote location.

Latest developments in the Video Conferencing Industry:

High Definition – Video Conferencing sessions can now be viewed in high definition mode if the VC system, monitors and other accessories used are HD enabled.

Recording and Streaming – Video Conferencing sessions can be recorded and played back at a later stage. They can also be streamed live to a number of LAN users so that they can also see and listen to the speaker.

Telepresence – Video Conferencing cannot get more real than telepresence. This is a method where the images presented to the participants are life-size and the room is designed in such a way that half the table appears to be on this side and the other half appears on the screen – All this creates an illusion for the user that the remote participants are sitting just opposite them.

IP Video Surveillance:

What is an IP Video Surveillance system?

An IP Video Surveillance system basically consists of IP Video Cameras, Network Video Recorder (hosted on a server) and computer network/ monitors. This is used to capture and record video signals at places that need to be monitored from central/ remote locations.

In the architectural block diagram given above for Video Over IP Networks, there are basically three locations (Head office with three departments, branch office and remote office/ home worker locations). IP Surveillance cameras are placed at two departments in the head office (IPSC-1 & IPSC-2) and also in the branch office. All of them are connected to the LAN network and also the WAN Network. It is not only possible to view the images sent by any IP Camera through the PC in the server room, but it is also possible to do so through PC-1, PC-2, PC-3 and the laptop in the remote office. It is even possible to view the live video streaming over a 3G enabled Cell Phone. There is also an NVR – Network Video Recorder which uses its internal storage/ external NAS appliances to record the videos.

What are the main advantages of IP Video Surveillance / Network Cameras?

Single Network: There is no need to form a separate network of analog co-axial cables to carry the video signals across, as the standard computer network is used for the same. So, the cost of forming and maintaining the network is reduced.

Remote monitoring: It is possible to see the live video streams from any location (LAN/ WAN) and also from a remote location like home over the broadband/ Cellular 3G networks and devices.

Wireless Surveillance: Wi-Fi Surveillance Cameras extend the reach of the video surveillance to areas covered by Wi-Fi without having to connect them to the data cables.

Digital Image Processing: IP Video Surveillance enables new applications like number plate recognition, motion sensing and alarms, face recognition etc.

Audio: IP Cameras can transmit audio along with video in order to hear what is being spoken at the remote end.

An Introduction to Voice Over IP (VOIP) & IP Telephony

Have you seen the phones in your office being plugged to the computer network (RJ-45 Jack) and wondered why enterprises have moved to IP Telephony/ VOIP System? In this article we discuss exactly that. We have also included an introduction and a short note on the various components used to build an IP Telephony/ VOIP system. The IP Telephony architecture diagram just below would give a good insight in to the connectivity architecture and how exactly the IP Telephony Servers and IP Phones get integrated in to the computer networks.

Voice Over IP - IP Telephony Architecture and Connectivity Diagram


Voice Over IP Networks (VOIP) / IP Telephony:

What is IP Telephony?

IP Telephony is basically a concept where all the voice communications within and outside an enterprise network are carried over the Computer Network (4 Pair UTP Cables) instead of the Single Pair Voice Cable Network.

A VOIP (Voice Over IP Networks) System / IP Telephony system has become the basis of a converged network, where a single computer network is used to carry voice, multimedia and video applications in real time in addition to the data traffic they are expected to carry.

Why has IP Telephony System become very popular?

  • The IP Telephony system utilizes the same network as the computers, and hence the cost of creating and maintaining a separate voice network is avoided. So, there is a single converged network for transmitting both voice and data traffic.
  • With IP Telephony, Inter-branch calling and long distance calling become very cost effective as the WAN IP Networks (Internet, Leased Lines, MPLS Circuits) that carry data are used to carry voice as well.
  • The IP Telephony system scales up very well and quickly – New extensions are created based on software licenses and hence it is very fast and a large number of extensions can be created and implemented quickly.
  • IP Telephony System enables a lot of voice applications out of the box (Like IVR, Voice Mail, Call Recording etc) and makes it easier to implement new applications and business process integration (Integration with Google Maps, CRM Systems for example).
  • IP Telephony system enables presence information to be shared across the network to identify who is available and how they wish to be contacted (over their Desk IP Phone, Soft Phone, Home phone, Cell phone, IM, video call, Voice Mail, Email etc). It also enables single number reach.
  • IP Telephony system integrates with corporate directories like Active Directory, LDAP and enables users to dial from their outlook contacts list and even web pages!
  • IP Telephony system can accommodate a variety of end points (IP phones, Dual Mode Cell Phones, Soft Clients, Wi-Fi Phones) and they can also be enabled over a variety of network interfaces (Wired Networks, Wi-Fi networks, 3G Networks etc). IP Telephony system can also connect to the older analog phones and fax machines using ATAs – Analog Telephony Adapters.
  • IP Telephony systems can connect to a variety of voice trunk lines from the service providers – PRI Lines, FXO Trunks, SIP Trunks etc and choose which line to use for which call based on a Least Cost Routing Analysis at any given point of time.
  • Redundancy can be created at multiple levels and remote hosting services (for disaster recovery, pay-as-you-use subscription models) are also available for IP Telephony systems.
  • IP Telephones enable multi-party meet-me conferences with password protected access.
  • Open Source based IP Telephony Call Control software is available, some of which is free of cost to download. It can be run on any standard Server/PC hardware.

What are the components of an IP Telephony System?

  • IP Telephony Server(s) – This is the heart of the IP Telephony system, which provides complete Call Control, Dial Plan control and all the basic voice applications. (In the case of smaller systems, all the functionalities of the application servers mentioned below can also be bundled with this.)
  • Application Servers – Sometimes applications like IVR (Interactive Voice Response – Auto Attendant), Call Recording, Voice Mail and Data Base Integration need to be hosted on separate servers – especially for larger VOIP installations.
  • IP Phones – These IP Phones connect directly to the IP Network (RJ-45 based UTP Cables) and provide all the voice functionalities hitherto provided by analog phones like caller ID display, speaker phones, speed dial keys, memory etc.
  • Soft Phones – These are basically software utilities that have all the telephony functions but use the computer, head-set with microphone to make and receive calls.
  • Wi-Fi Phones/ Dual Mode Cell Phones – Wi-Fi phones are based on IP Technology and connect to the wireless network and act as mobile extensions. Certain Cell phones come with Wi-Fi adaptors and can be used as a Wi-Fi Phone (if the manufacturer supports the same). Cell Phones can also connect to the IP Telephony server through 3G Networks/ CDMA networks for making a VOIP Call.
  • Analog Telephony Adapters (ATA) – These are specialised devices that connect to the LAN at one end and connect to FXO (Analog Trunks) or FXS (Analog Extensions) at the other end.
  • PRI Cards – These are used to connect PRI/E1/T1 Trunk Lines to IP Telephony Servers – Usually they connect directly with the PCI/ PCI Express Slot in the server.
  • Computer IP Network – An IP based Computer Network is used to carry the voice signals across the enterprise and sometimes even to remote locations.

What are the limitations of an IP Telephony System?

  • IP Phones are much more expensive than analog phones.
  • The voice call quality (over IP Networks) depends on a number of parameters like the configuration of right QoS parameters, latency, jitter, available bandwidth etc across the network.
  • IP Networks need to be built with sufficient redundancy and security for continuous availability of IP Telephony services – If there is a DoS attack on the network (for example), the telephones also become inactive along with the computers.
  • Scaling of IP Telephony systems needs to be planned properly – Failing which, the IP telephony server may not be able to handle high concurrent call loads. There are hardware/ license based restrictions on the maximum number of concurrent calls that a single server can handle/ maximum number of end points that can connect to a single server.

A Basic Enterprise LAN Network Architecture – Block Diagram and Components

LAN Architecture Diagram and Components

Have you ever wondered about what could be the various networking components that make an enterprise LAN (Computer Network / Local Area Network)? The above diagram shows you the connectivity architecture of the major components that form an enterprise network. We have also included a brief description of the individual components below:

Internet: The Internet cloud refers to the source of the Internet to an organization. The organization could be connected to the Internet via Internet Leased Lines/ Broadband/ 3G etc. For connectivity to other branches, a VPN Network over the Internet could be used, or a Managed Leased Line/ MPLS circuit could be used as well.

Router: The Enterprise Router is basically a Layer-3 Network device that connects disparate networks. It acts as a gateway between the LAN and the WAN networks and the Internet Leased Lines/ MPLS Circuits/ Managed Leased Lines/ Broadband networks are all terminated on the router. Some Routers support additional modules for secure connectivity to other branches through VPN, Intrusion Prevention and Content Filtering etc. Routers have WAN ports and LAN ports to connect WAN and LAN connections respectively, and some of them have built-in Wireless/ VOIP capabilities.

UTM/ Firewall: The Unified Threat Management Appliance (or software) is for providing gateway level network security for the various end points used in the organization. The UTM Devices provide the following network security options: Firewall, Anti-Spam, Anti-Virus, Content Filtering, URL Filtering, Intrusion Prevention (IPS), Virtual Private Network (VPN), Protection from Internet threats like Phishing etc.

Core Switch: A Core Switch is generally a Layer-3 based Network Switch that connects to the various distribution switches and edge switches (through distribution switches / directly) using Optical Fiber Networks or UTP Copper cabling. Core switches generally also connect to the computer servers (ERP, Web Server, Mail Server, Database Server, Application Servers, etc). The core switch is in the center of an enterprise network and it also provides Inter-VLAN routing. Core switches are either stand-alone switches (24/48 Ports Copper, 4/24 Port Fiber) or Chassis-based, where there is a processing unit and a number of blade modules (for connecting fiber/copper) that go into empty slots, allowing for a flexible configuration.

NAS Device: A NAS Device refers to a Network Area Storage Appliance (This could also be a Storage Area Network, depending upon the storage requirements) where bulk of the files/ data are stored for the servers and individual users (PC’s) to access them over the network whenever required. These appliances are mostly disk based and can be connected anywhere on the network (preferably to a core switch). They come in sizes ranging from 1 TB(Tera Byte) to multiple Tera Byte configurations.

Wireless Controller: There are many access points to provide wireless (Wi-Fi) access to the PC’s/ Laptops/ Wi-Fi Phones in the enterprise. All these Access Points are managed/ controlled by an appliance called ‘Wireless Controller’. Basically a wireless controller provides centralized authentication, encryption, network policies, radio frequency management, failover, load balancing, wireless intrusion scanning and other functionalities required for the wireless users across the network.

IP Telephony Server: The IP Telephony Server provides the call control functions (voice switching) for the telephony operations in an enterprise network. Since the IP Phones connect to the computer networks, these IP Telephony Servers provide centralized administration and connectivity to PSTN Lines to all the IP Phones/ VOIP devices over the network including the assigning of extension/ DID numbers and IVR (Interactive Voice Response).

Distribution Switches: Distribution Switches provide an aggregation layer for network switching. The distribution switches connect to both copper UTP cable network as well as optical fiber networks. The distribution switches are connected to the core switch on one end and to the edge switches on the other. Generally, there may be one distribution switch for each department and a network is sometimes formed without the distribution/ aggregation layer by connecting the network endpoints directly to them.

Edge Switches: The Edge/ endpoint switches are basically Layer-2 switches that provide direct connectivity to the various network devices like PC’s, laptops, Wireless Access Points etc using the Copper UTP cables. They come in various configurations including 8 Port/ 16 Port, 24 Port, 48 Port etc. They support 10/100 Mbps as well as 10/100/1000 Mbps connectivity to the various network devices. Some of them even support POE (Power Over Ethernet) for electrical power required for operation of certain network devices (like Wireless Access Points, IP Phones etc) and some of them could be stacked to each other for providing a single management interface/ combined backplane for multiple such edge switches.

Wireless Access Points: The Wireless Access Points contain built-in radios which provide wireless signals for connecting network devices that have a built-in wireless adapter. Basically, these access points send wireless signals that can be interpreted by the wireless enabled network clients for communicating data/ information over the wireless medium. Their job is just to collect these signals, convert them into wired signals and send them over the LAN network for the wireless controller to interpret them and take appropriate action. They generally have a coverage range of 20-30 meters indoor and 80-100 meters outdoor, and each access point can connect to more than 15 wireless devices within its coverage area. They operate in the 2.4 and 5 GHz frequency spectrum.

Network Endpoints/ Devices: There are various network devices/ endpoints connecting to the LAN via edge switches/ wireless access points. Some of them include PC/ Laptop/ PDA etc. for data connectivity, IP Phones, Cell Phones/ Wi-Fi Phones and Soft Phones for voice connectivity, and IP Surveillance Cameras/ IP Video Conferencing devices for video over IP. There are also network based accessories like network printers, MFPs (Multi-Function Printers), Scanners etc. connecting to the enterprise computer network.


Salient features of Mellanox Technologies HPC Switches


  • They operate on Infiniband.
  • Each of the ports supports up to 40 Gb/s fully bi-directional bandwidth. One model (MTS 3600) supports up to 36 ports. The second model (MTS 3610) supports up to 324 ports in a 19 RU chassis. Very dense configurations, both.
  • The main application is High Performance Computing (HPC), but they can also serve in an enterprise data centre requiring high throughput.
  • These switches support clustering. The servers can be clustered together for maximum utility. They support up to 6 multiple subnets. Virtual partitioning enables efficient use. Open Cluster Management software is also supported.
  • The sub-net manager needs to run from one of the servers. The servers are connected to the switches through a special HCA connector.
  • Support for adaptive routing (in a congested environment to re-route the traffic to congested ports) and static routing (to give superior results where traffic levels are more predictable).
  • They support very low latency, one of the advantages of Infiniband, and are hence suitable for high performance applications.
  • Redundant power supply and fan units ensure high availability.

Aruba Networks Wireless LAN – Overview of Features and Components

Aruba Networks has been one of the leading providers of wireless LAN solutions to enterprises, institutions and universities. Its controller-based architecture helps it to manage a large number of access points from a central interface.

An overview of features supported by the Aruba Networks Wi-Fi Controller:

The Aruba Networks controller provides for centralized management of all the access points. Be it authentication, sub-grouping them, applying policies or applying the updates – everything can be done from the controller. The controller also enables centralized authentication through a centralized database like a RADIUS server/ LDAP etc. User accounts can be created in the controller itself, as an option. The controller allows you to set the network access levels. Based on the user name and password, the users are classified into sub-groups. Each sub-group can have its own access policies (like internet allowed or not, SAP allowed or not etc.). The controller also provides for bandwidth limiting per user/ per sub-group so that a few users do not choke the whole network. Quality of Service parameters can also be set to give voice and video packets higher priority over data packets, for example.

There is also an optional policy enforcement firewall which enforces the network access policies applied per group and keeps the groups away from each other. It also prevents basic attacks like DoS etc. There is a wireless intrusion protection module which enables continuous scanning of the covered region to detect wireless threats like rogue access points, man-in-the-middle attacks, MAC spoofing, ad-hoc networks etc.

Aruba’s RF deployment tool enables users to calculate the number of APs required to cover a certain area and the Live Heat map enables the user to see the actual coverage pattern – live on their PC screens. The strength of the bandwidth at a particular location in a floor plan can be ascertained by its colour. You could also enable location tracking – where the location of a PC or a device (attached with a wireless tag) can be detected within 1-3 meters in the floor plan. Voice over Wireless LAN enables you to connect your dual-mode phones and Wi-Fi handsets to the VOIP network and take land line calls on the move.

For a more detailed description of the features supported by Aruba Networks please refer to the following article: Salient features of Aruba Networks Wireless LAN Solution

An overview of Controller and Access Point models:

The basic controller – Aruba 200 supports up to 6 Access points, followed by Aruba 800 Controller which supports up to 16 Access points (There are 8 POE Switch ports integrated in this model). Aruba 2400 controller supports 48 Access Points (with 24 POE switch ports) and Aruba 3000 Series support 32, 64, 128 Access Points with three different models. The biggest controller – Aruba 6000 supports up to 2048 Access Points in a single controller (Actually it is a chassis based system which has four slots, and each slot could be populated with a module to support up to 512 Access Points).

The basic access point – Aruba 61 AP is a single radio AP which could be software programmed to support either 802.11a or b/g. The next one – Aruba 65 AP is a dual radio access point which could support both 802.11 a and b/g. Aruba 70 AP is like Aruba 65 but with interfaces to connect extra antennas to boost the signal strength. Aruba 85 is a hardened outdoor access point that has a direct fiber interface. AP 121 is a single radio access point that supports 802.11n for higher throughput and AP 125 is a dual radio access point that supports 802.11n too.

Aruba Networks Controller and Access Point models

Aruba Networks controller models:

Aruba Networks comes with a great variety of controller models – starting from a basic version that supports eight access points and going up to a very big chassis-based controller (with 4 slots – each supporting 512 APs) that supports up to 2048 access points in a single controller. Amazingly, the features supported by these controllers are the same from the entry-level model to the highest model. The following are some of the common models of Aruba Networks controllers and their main parameters.

Aruba 620 Controller:

  • LAN Access Points/ Remote Access Points (Max) : 8 / 32
  • Maximum No. of Users : 256
  • Ports: Fast Ethernet : 8 Nos (4 Supporting POE+), Gigabit Ethernet : 1 No, USB: 1 No.
  • Max. Firewall Throughput : Up to 800 Mbps

Aruba 650/651 Controller:

  • LAN Access Points / Remote Access Points (Max) : 16 / 64
  • Max. No of Users : 512
  • Ports: Gigabit Ethernet : 6 Nos (4 Supporting POE+), Gigabit Ethernet Pluggable: 2 Nos, USB: 4 Nos
  • Max. Firewall Throughput : 2 Gbps

Aruba 3000 Series Controller (3200/3400/3600):

  • No. of Access points supported: Up to 32/64/128 LAN Access Points & 128/256/512 Remote Access Points.
  • Maximum (recommended) users: 2048/4096/8192 users.
  • Ports: 4 Gigabit Ethernet ports, 4 Gigabit Ethernet SFP ports.
  • Firewall throughput: 3/4/4 Gbps.

Aruba 6000 Controller:

  • No. of Access points supported: Up to 2048 LAN Access Points/ 4096 Remote Access Points.
  • Maximum (recommended) users: 32,768 users.
  • Ports: Up to 72 Fast Ethernet ports, Up to 40 Gigabit Ethernet ports, Up to 8 10GE ports.
  • Firewall throughput: Up to 80 Gbps.

Aruba Networks Access Point models:

Aruba Networks has a wide variety of Access Points starting with a single radio access point and then a dual radio, external antenna attachable access points and even an outdoor access point. The outdoor access point even has a fiber interface. POE is supported by all the access points with an optional power injector and individual power adapters for AC power. The following are some of the common access point models and their main parameters.

Aruba AP 61:

  • Application: Indoor.
  • Radios: Single radio. Software configurable to either 802.11a (OR) 802.11b/g.
  • Operating mode: Multi service 802.11 a or b/g WLAN (OR) 802.11 a or b/g Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 1xRJ-45 network port, Power – 1x5V DC, Serial over Ethernet(SOE).

Aruba AP 65:

  • Application: Indoor.
  • Radios: Dual radios. Software configurable to 802.11a and 802.11b/g.
  • Operating mode: Multi service 802.11 a + b/g WLAN (OR) 802.11 a + b/g Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 1xRJ-45 network port, Power – 1x5V DC, Serial over Ethernet(SOE).

Aruba AP 70:

  • Application: Indoor, high performance.
  • Radios: Dual radios. Software configurable to 802.11a and 802.11b/g.
  • Operating mode: Multi service 802.11 a + b/g WLAN (OR) 802.11 a + b/g Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in and Quad-RP SMA interfaces (2 per radio).
  • Interface: 2xRJ-45 network port, Power – 1x5V DC, Serial over Ethernet(SOE), 4xRP-SMA Antenna interfaces.

Aruba AP 85:

  • Application: Outdoor, advanced high performance.
  • Radios: Dual radios. Software configurable to 802.11a and 802.11b/g.
  • Operating mode: Multi service 802.11 a + b/g WLAN (OR) 802.11 a + b/g Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP, Secure mesh point or portal.
  • Antenna: Quad N-Type female interfaces for connecting external antennas.
  • Interface: 1xRJ-45 network port, Power – 1x5V DC, Serial over Ethernet(SOE), 4xN-Type Female Antenna interfaces, 1x100baseFX Multi mode and 1x100baseLX Single mode (LC) – optional.

Aruba AP 121:

  • Application: Indoor.
  • Radios: Single radio. Software configurable to support 2.4 GHz or 5 GHz. Supports 802.11n.
  • Operating mode: Multi service 802.11 a/n or b/g/n WLAN (OR) 802.11 a/b/g/n Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 2xRJ-45 network port(100/1000), Power – 1x5V DC, Serial over Ethernet(SOE).

Aruba AP 125:

  • Application: Indoor.
  • Radios: Dual radio. Software configurable to support 2.4 GHz and 5 GHz. Supports 802.11n, 3×3 MIMO.
  • Operating mode: Multi service concurrent 802.11 a/n + b/g/n WLAN (OR) 802.11 a/b/g/n Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 2xRJ-45 network port(100/1000), Power – 1x5V DC, Serial over Ethernet(SOE).

Aruba AP 105:

  • Application: Indoor.
  • Radios: Dual radio. Software configurable to support 2.4 GHz and 5 GHz. Supports 802.11n, 2×2 MIMO.
  • Operating mode: Multi service concurrent 802.11 a/n + b/g/n WLAN (OR) 802.11 a/b/g/n Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 1xRJ-45 network port(100/1000), Power – 1x5V DC, Serial over Ethernet(SOE).

Aruba AP 93:

  • Radios: Single radio. Software configurable to support 2.4 GHz or 5 GHz. Supports 802.11n, 2×2 MIMO.
  • Operating mode: Multi service concurrent 802.11 a/n or b/g/n WLAN (OR) 802.11 a or (b/g/n) Air monitor (OR) hybrid combination of WLAN and Air monitor (OR) Remote AP.
  • Antenna: Built-in.
  • Interface: 1xRJ-45 network port(100/1000), Power – 1x5V DC, Serial over Ethernet(SOE).

For the latest Aruba Networks Controller/AP models, please visit the Aruba Networks website.

Salient features of Aruba Networks Wireless LAN (Wi-Fi) Solution

Salient Features of Aruba Networks Wireless LAN – Centralized Controller based System:

Centralized Management: Aruba Networks provides central control over all your Access Points and wireless clients across the globe through the Mobility Controller. So, sitting at one central location, you could determine who could access your network, how to authenticate the users, how to group them into various sub-groups and apply various policies to each group, detect and prevent Wireless Intrusion/ Wireless threats, allow all your users to roam across the enterprise, across the globe but still maintain their network Access Levels and policies, enable wireless VOIP phones and what not. Gone are the days of having individual access points and configuring each of them individually.

Network Access/ Authentication: Aruba networks have an inbuilt captive portal and user name/ password database through which you could store all the user names and their passwords. This could be used to authenticate the wireless users, when they are trying to connect. Alternatively, integrate the Aruba Mobility Controller to your existing Active directory/ RADIUS Server/ LDAP and use the same database used for authenticating the wired users. Aruba insists that you use 802.1x for secure wireless authentication.

Network Access Control through the Policy Enforcement Module: Now that you have authenticated the users, organize them into various sub-groups. Apply different policies to each group. Certain users need to be given internet access, certain users need not. Control who can access which network service / device. Also check if all the devices connecting to the wireless network are compliant with your security policies. Do they have the latest Anti-Virus updates? If not, isolate them, send them to an external quarantine device and take corrective actions.

Bandwidth Management and Quality of Service: A good network design allows for as much bandwidth as possible but also ensures that the bandwidth is optimally utilized. Designate the maximum level of bandwidth that can be used by each user / user-group / application (e.g. internet). This will make sure that a single user transferring a huge file won’t clog your network. Prioritize the network traffic – make sure that the Audio and Video packets are allowed to reach first, as they are latency and delay sensitive.

Stateful Packet Inspection Firewall: The built-in Stateful packet inspection firewall protects your wireless users from common wireless attacks like IP-Spoofing, impersonation etc. It also scans each packet flowing into the network and makes sure that identity based policies are applied. The Stateful nature of the firewall lets you dynamically apply policies based on parameters like user location or time of the day, which keeps changing.

Adaptive Radio Management and Load Balancing: Now that you have a wireless network with so many access points, ensure that there are no channel interferences especially in dense networks. Aruba automatically selects non-overlapping channels for adjacent access points. Aruba also load-balances the users in a particular high-density zone to neighbouring low-density access points within the range. This ensures optimum performance and speed for everyone. In case a particular Access Point fails, the users are automatically shifted to neighbouring access points to avoid down-time. So, the next time, your users don’t have to wait till the replacement comes about.

Wireless Intrusion Protection: The biggest concern of any company deploying wireless networks is security. With Aruba’s Wireless Intrusion Protection module, make sure that there is no room for any external device or user to connect to your network. Also identify and mitigate the common wireless threats like Rogue Access Points, Denial Of Service attacks, MAC-Spoofing software, Man-in-the-middle attacks, Ad-hoc connections and a lot more. All this, without blocking the neighbouring access points (which may be in your range but belong to the next company) and ensuring that your users don’t connect to their access points and their users don’t connect to yours.
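The distinction this paragraph draws (rogue, MAC-spoofed and ad-hoc radios versus authorized and neighbouring access points) can be sketched as detection logic over one scan window. This is an added Python example, not Aruba's code or algorithm; the inventory, MAC addresses, SSIDs, the `seen_on_wire` flag and the classification rules are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    bssid: str                  # radio MAC heard over the air
    ssid: str
    channel: int
    ibss: bool = False          # frame advertises an ad-hoc (IBSS) network
    seen_on_wire: bool = False  # assumption: sensor also saw this device on our wired LAN

# Constructed inventory of our own APs: BSSID -> SSID it is configured to serve.
AUTHORIZED = {
    "00:11:22:33:44:01": "CorpWLAN",
    "00:11:22:33:44:02": "CorpWLAN",
}
CORP_SSIDS = set(AUTHORIZED.values())
SEVERITY = ["neighbour", "authorized", "ad-hoc", "rogue", "suspected-mac-spoof"]

def classify_scan(beacons):
    """Return {bssid: label} for every radio heard in one scan window."""
    channels = defaultdict(set)
    for b in beacons:
        channels[b.bssid.lower()].add(b.channel)
    labels = {}
    for b in beacons:
        bssid = b.bssid.lower()
        if b.ibss:
            label = "ad-hoc"
        elif bssid in AUTHORIZED:
            # One of our BSSIDs on two channels in the same window, or serving an
            # SSID it is not configured for, points to a cloned MAC address.
            cloned = len(channels[bssid]) > 1 or b.ssid != AUTHORIZED[bssid]
            label = "suspected-mac-spoof" if cloned else "authorized"
        elif b.ssid in CORP_SSIDS or b.seen_on_wire:
            # Unknown radio using our SSID, or an unknown AP plugged into our LAN.
            label = "rogue"
        else:
            # Unknown radio, foreign SSID, not on our wire: the next company's AP.
            label = "neighbour"
        # A BSSID heard several times keeps its most severe label.
        labels[bssid] = max(labels.get(bssid, label), label, key=SEVERITY.index)
    return labels

def alerts(labels):
    """BSSIDs needing attention; authorized and neighbouring APs are left alone."""
    return sorted(b for b, lab in labels.items() if lab not in ("authorized", "neighbour"))

# Constructed scan window (not captured traffic).
SAMPLE_SCAN = [
    Beacon("00:11:22:33:44:01", "CorpWLAN", 1),
    Beacon("00:11:22:33:44:02", "CorpWLAN", 6),
    Beacon("00:11:22:33:44:02", "CorpWLAN", 11),           # same BSSID, second channel
    Beacon("02:AA:BB:CC:DD:01", "CorpWLAN", 6),            # our SSID, unknown radio
    Beacon("02:AA:BB:CC:DD:02", "linksys", 11, seen_on_wire=True),
    Beacon("02:AA:BB:CC:DD:03", "NextDoorCo", 1),          # neighbouring company
    Beacon("02:AA:BB:CC:DD:04", "laptop-share", 6, ibss=True),
]

if __name__ == "__main__":
    for bssid, label in sorted(classify_scan(SAMPLE_SCAN).items()):
        print(bssid, label)
```

A legitimate channel change by an authorized AP inside the scan window would also trip the two-channel rule, so a real deployment would confirm a suspected spoof against the controller's channel assignments before acting.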

Aruba’s Live Heat Map / RF Deployment tool: Make the administration of the wireless network simple and visible. Integrate your organization’s floor plan with our Controller and you would be able to visualize the RF power levels across your organization on a real-time basis – LIVE. Next time your user complains of connectivity problems, just look at the Live heat map, change the position of the Access Point in the map, if needed, to visualize the changes in the power level in the new position, and then make actual changes in the network, if required.

Location Tracking and Voice Over Wireless LAN: Of all the applications that wireless technology enables, two are particularly intriguing. With Aruba Centralized Network, inbuilt Location tracking capabilities and external Wi-Fi Sensors, locate any costly equipment in your premises within a range of 1-3 meters, in the floor plan integrated with the controller. With Aruba’s Seamless handover, enable Voice Over Wireless Clients like VOIP Phones and PDAs and keep roaming anywhere in your organization with excellent clarity. If VOIP is the present technology, VoWLAN (Voice over wireless LAN) is its extension.
