Upgrading Wi-Fi — What, When, and Why

lessthan0 writes "Wi-Fi (802.11x) networks have been around long enough that many businesses and home users run their own. The first widely deployed standard was 802.11b, while most new hardware uses 802.11g. The latest 802.11n hardware is just around the corner. If you run an existing wireless network, is it time to upgrade?"

Shouldn't it read...

[StringBlade (557322)]

Upgrading Wi-Fi: What, When, and Wi?

Re:Shouldn't it read...

[tomhudson (43916)]

It should read "move on, nothing to see here ..." since you can't upgrade to something that isn't available yet.

Besides, why would you want to upgrade when nobody can use it? Wait until its been out a few years.

After all, gigbit ethernet has been out for a couple of years now, and look at how many people get along just fine with 100mb.

Re:Shouldn't it read...

[lcohiomatty86 (985176)]

most people get along just fine with 100mb because 1. the internet is the primary use of the network.. which comes nowhere near 100mb of bandwith.. and im sure gigabit is pretty widely used in very high bandwith environments.. its just.. why use a more expensive technology when there is no need for it (as in most home and small office environments)

Re:Shouldn't it read...

[tomhudson (43916)]

Well, gigabit ethernet is no longer "much more expensive." I saw a 5-port gigabit switch at a retailer yesterday for under $12/port. Cards are equally cheap. The problem is that for most users, they won't notice the difference, or they'd have to change the cabling fro cat5 to cat6, or they have one or more boxes that are still runing 100mb, so there is zero point in upgrading.

Give it 5 years ...

No way.

[Inoshiro (71693)]

"I saw a 5-port gigabit switch at a retailer yesterday for under $12/port. Cards are equally cheap. The problem is that for most users, they won't notice the difference,"

I think the problem is that it's unlikely that switch supports JUMBO frames. 1500 bytes don't cut it at gigE speeds. Even on a Barton XP 2500+, you get 100% CPU saturation around 250MBps with 1500 byte ethernet packets. My very high quality Intel gigE NICs support jumbo frames of 9000 mtu (and up), but this cheap Airlink switch (the only one I could find in town) is broken past 1500 MTU, meaning it's garbage (don't buy Airlink gear).

I'm sure the Airlink would be fine if you had garbage gigE nics, though, which is probably their target market.

" or they'd have to change the cabling fro cat5 to cat6, or they have one or more boxes that are still runing 100mb, so there is zero point in upgrading."

All of these are bunk. Most cat5 that's properly wired has 4 conductors in it (which is what you need for gigE) and are shielded well enough. You mentioned a switch; you should know that a switch allows for mixed speed devices with no general speed drop (unlike the old hubs that used to exist).

If you have a fileserver in your house serving up to 3-4 client machines like I do, gigE is well worth it, since the network is no longer the bottleneck.

Re:

[kjs3 (601225)]

Do I get a prize for still running coax? :)

Like you're the only one....

Just around the corner

[Reducer2001 (197985)]

The summary says that 802.11n is just around this corner...what about this article [slashdot.org] yesterday that says it's been delayed to 2008?????

Re:

[Derlum (216320)]

More troubling is this:

Both 802.11b and 802.11g use the 2.4 Megahertz frequency...
The 802.11a standard runs at 5 Megahertz...

Either the author is running equipment that's operating ridiculously out of frequency spec, or he's woefully unfamiliar with SI unit prefixes. I'm betting the latter.

Re:

[ryanduff (948159)]

Well Vista has been "just around the corner" since 2002 and we haven't seen that yet.

Unfortunately, it seems everything in the technology world is "just around the corner."

I'm still baffled as to how people can buy something that isn't fully standarized. You know its going to change. Its like shelling out cash for a beta program. Would you buy a development model car with a 6 cylinder engine that curently only runs on 4 cylinders? No!

No, its not time to upgrade.

[by Anonymous Coward]

Even 802.11b is still faster than the DSL or cable connections that these places use.

Re:No, its not time to upgrade.

[tomstdenis (446163)]

Not if you have more than one user. Hint: think about wifi deployed at a school or airport...

As for the general question, the answer is: Upgrade if you have to. If your users are bitching that the net is too slow, upgrade.

If you just want to be hip and spout the latest and greatest ... wait for n.

Tom

Re:

[LiquidCoooled (634315)]

If your users are bitching that the net is too slow, upgrade.

Or, you could just allow standard port access and remove all the crap, its a wireless web interface not a bittorrent seeding point.
(Note, I'm talking about public shared access connections, what you do with your home connection is up to you)

Re:No, its not time to upgrade.

[Minwee (522556)]

No, if your users are bitching that the net is too slow then you should schedule a three day long upgrade window during their peak usage times, wander around the site changing all of the patch cables on the access points from blue to yellow, and then turn it back on again five days later without changing anything else.

They'll be raving about the increased speed for at least a week and then forget that anything ever happened.

Re:

[tomstdenis (446163)]

As someone who paid a $50 tech fee and STILL HAD TO bring my OWN laptop cuz the labs were full of non comp.sci students.... bite me.

That and when you're in a group of 8 working in the cafe (again, only open tables) and there is no wifi and only 3 usable ethernet ports... again "bite me".

Many schools treat their students poorly because the halfwit techs they hire couldn't manage a lab let alone a standalone 8 port switch...

Tom

Re:No, its not time to upgrade.

[Bender0x7D1 (536254)]

Network operators should not be concerned with who is on the network. All that matters is that the network works.

If they don't pay attention to who is on the network, then the network will cease to work. Would you want 10 people to use your home network and drive your performance through the floor?

I'm honestly interested: What is the reason for not wanting "rogue access points" on a network, except for the foolish belief that the network security is at risk?

First, it is not a foolish belief. The fact you believe it is foolish shows you do not really understand the underlying issues. While there are too many to list, here are a few off the top of my head:

Where I work, we've had people install wireless routers with DHCP turned on and giving out real network IPs because they wanted to get their assigned IP for their notebook. Of course, they made their SSID the same as the normal APs. Addressing and routing problems occured all over the building.

You can also interfere with other access points. If you set yours to the same channel as a nearby AP, you can wreck their performance. Your performance may be fine since you are in the same room as your rogue AP and your signal is strong enough. Not neccesarily true for neighboring rooms/buildings.

If you plug in a router that assigns IPs, even reserved IPs, you may be allowing an attacker to operate anonymously. The official APs may be set up to log all MAC addresses that attempt to connect or otherwise maintain information on the users. If your AP doesn't, then the attacker can't be traced in any way. Our location requires the MAC addresses to be registered - by going through a router this is eliminated. (MAC address is only seen by the router.)

There may be a firewall or IDS immediately "behind" official APs. There might not be a firewall where you connect into the wired network. Especially if you are in a lab, the machines might be patched with a firewall, anti-virus and other protection mechanisms in place, such as no administrator access to users. So anything entering from those machines has already made it past their defenses.

As for being connected to the internet thingy, sure there are a lot of bad things out there. However, if you look at properly secured networks, you would find that there is usually an "outer" firewall, then the DMZ with the machines (mail, web) that need to be accessed from the internet thingy, then there is an "inner" firewall with even more restrictive rules. Then you throw in a few IDS systems, proxy servers and other systems and any attacker has to really work to get into your network without at least alerting you something is going on.

Now, your point that someone can connect their laptop to the network is a valid one - which is why most corporations provide the laptops AND the administrative support for them to make sure they have the latest patches and security apps installed. Ideally, they also have a policy about how and where the laptop can be used. For example, the laptop is for work related business only - no online gambling, pr0n, etc. This greatly reduces the risk. Also, properly managed, the user doesn't have administrative access to the machine.

On a final note, don't assume that bad service indicates a bad admin. They may be operating under restrictions that you aren't aware of. For example, if a corporation donates equipment for a new lab, the school has to spend the time and money to wire it and maintain it. It's great that there is an additional lab, but there is no corresponding increase in staff, so everyone has to work harder. Lack of funds may prevent network upgrades or equipment replacements that are recommended by the admins. Maybe a switch went down and they can't replace it right away, so they decided to provide some service in each lab instead of eliminating all service in one lab.

Anyway, just because you don't think there is a problem with doing something doesn't mean there isn't. Respect the opinion of a professional - unless you know, from experience, they are wrong.

Re:

[slughead (592713)]

Even 802.11b is still faster than the DSL or cable connections that these places use.

For downloading, maybe, however I find that there's much higher packet loss and ping while using wireless... it's not a big deal for web browsing, but gaming is pretty annoying.

Re:

[compwizrd (166184)]

Standard cable around here is 10mbit, and for 25 more a month i can get 16mbit.

Depends

[by Anonymous Coward]

Obviously that depends on what you need the wireless LAN for. If your applications work with 802.11b, why would you upgrade? If you want to do something which needs more bandwidth, then upgrade. Duh.

Re:

[RyuuzakiTetsuya (195424)]

Mod up!

The only reason I can think to upgrade is for better encryption and range.

if it ain't broke, don't fix it

[loonicks (807801)]

If 802.11b/g works for me, why would I upgrade? Don't be a consumer whore just because some shiny new wireless protocol comes out... stick with what you have unless it sucks.

Re:

[debilo (612116)]

If 802.11b/g works for me, why would I upgrade? Don't be a consumer whore just because some shiny new wireless protocol comes out... stick with what you have unless it sucks.

Most comments seem to indicate upgrading is useless because speed improvements don't matter as long as the slowest wifi protocol is still faster than your internet connection, but speed is not the only concern. Future protocols are said to offer better/easier security and more reliabality, which if true is a good enough reason to me

I installed b in '00 or '01 and just upgraded to g

[the_quark (101253)]

I had one of the first in-home 802.11b networks. I plunked down like $700 for a Cisco WAP back in 2000 or 2001 because I had a really challenging home network solution that would've cost a lot more than that to run wiring where I needed it. The WAP kept chugging along - those old Cisco units were really reliable - and I finally retired it about a month ago.

My DSL is (supposedly) 6Mbps downstream, so I could've justified it just on that grounds. My wireless was definitely slower than my network connection. But, at the end of the day, the fact that I process video and (now very large RAW) pictures on my laptop caused me to pull the trigger. After I'm done processing, I generally want to copy my files up to a server for backup. On a recent trip, I shot 8 GB of photos. Copying that on b would take about 18 hours. Copying it on g would take about 20 minutes. Obviously, even bigger video files would be worse.

As for security - I certainly don't trust ANY wireless (or wired, for that matter) system for security. I depend on application level security whenever I can get it (SSL, SSH) and VPNs when that's not an option. It's hard for me to imagine upgrading to g or n just for security - anything that does need to be secure in my world already is. Trusting ANY network is a good way to get caught with your pants down.

So, don't dismiss the performance gains from b to g. I increased my Internet download speed from 1Mbps to 6Mbps, and that was certainly worth the (compared to 2001) cheap cost of my new WAP. Even if your Internet connection is 1Mbps or slower, you may still have significant benefits if you copy large files around inside your network.

Re:I installed b in '00 or '01 and just upgraded t

[swillden (191260)]

As for security - I certainly don't trust ANY wireless (or wired, for that matter) system for security. I depend on application level security whenever I can get it (SSL, SSH) and VPNs when that's not an option.

Properly configured WPA and WPA2 are just as secure as your application-level security or VPN (and more secure than some crappy VPNs). Although the weakness of WEP was a major problem, its failure ensured that its successors would get very heavy scrutiny, and the WPA variants have stood up very well. If you really want to be careful, use both wireless network security and end-to-end security. If you don't need to be that paranoid, WPA is just as good as and more convenient than using a home VPN.

OTOH, if you're like me, I like to leave my WLAN open so that passersby can use it if they need it. I appreciate all of the open WLANs I make use of, so I like to return the favor. In that case, a VPN is critical.

Re:I installed b in '00 or '01 and just upgraded t

[nido (102070)]

Just out of curiosity, where was your 2000/2001-era Cisco WAP made?

I saw an aritcle (which has since gone offline: Manufacturing: Probably made in China, by someone else [crmbuyer.com]) that said Intel made motherboards in Silicon Valley until 1999 or so. The massive movement to Chinese factories was triggered by the need to cut costs at the tail end of the dot-com bubble.

$700 sounds like a price you'd have to charge if you were paying Americans to put your industrial-grade wireless widget together... (I'm assuming your

Re:if it ain't broke, don't fix it

[Jeff DeMaagd (2015)]

My understanding is that "n" provides longer range and better link stability. I think that might be a reason to upgrade. If you move files a lot between local computers, the speed might help too.

That said, given that there isn't a finalized standard, I think it may generally be best to hold off on upgrades. If you need speed for your local network and can't wait, then buy matched sets of network devices, then for elsewhere, you can fall back to b/g which should be a lot more than enough for Internet stuff.

Re:

[MoogMan (442253)]

802.11n promises 100MBit/s+ speeds... bringing it up to 100baseT Ethernet speeds. This is a big reason to upgrade. But I agree, if b/g works for you, then don't bother upgrading.

Re:

[jerryasher (151512)]

Wifi is broken, at least for apartment dwellers. Qwest gives out dsl routers with built-in wifi, which means that EVERY apartment now runs its own wifi on the few channels that there are. As a result, wifi is completely unreliable as channel interference occurs. Oh you can connect, but how long until you are knocked off?

Re:

[mkraft (200694)]

Do what I did. Just log into their routers (since most people don't turn on encryption or even change the default password) and change all the channels. Now everyone else will conflict, but you'll have a channel all to yourself. :)

Time to upgrade?

[fishbowl (7759)]

It will be "time to upgrade" when the card manufacturers start being able to tell me which device to buy reliably for linux installations.

I have *never* been able to find an 802.11g PCI card that I could put on a purchase order by vendor and part number. The few devices I have found (b and g) that worked, have been changed by the vendors into incompatable devices without notice.

The linux wi-fi community routinely points questions on this matter to a compatability chart that doesn't answer the question. I know about NDISWrapper. I know to avoid Broadcom chips. That knowledge helps for my personal computing, but it doesn't help when the professional task involves making a purchase order for a device that can be reliably, consistently obtained, or even identified.

On the end of the spectrum we'd like to be on, several competing vendors would warranty the merchandise as being compatable with linux, and would provide source-code compatable drivers (for kernel independence). We're at the extreme far other end of that spectrum, as far as I can tell.

no it is not.

[Bender Unit 22 (216955)]

for me anyway.
I have 3 problems with WiFi.
1) Too many people near by with WiFi makes the connectivity suck within my apartment(have tried many channels). How about a new system where base units can figure out the best configuration when there are others nearby and even change them when the radio pattern(/coverage) changes.
2) My existing devices are not compatible with "New" security standards, fx. Ipaq and wpa2. For every WiFi enabled unit you buy, you have the problem of not being able to upgrade your security unless all devices support it.
3) My HP notebook drops connection when a cellphone is used in my apartment.

There are so many things that can break my WiFi net that I still prefer to use cables. Thought about getting a Squeezebox with WiFi, but I think I might as well save the money and just use cable.

Re:

[Sancho (17056)]

1) Would be really nice, though I wonder if 802.11n will trounce all over the entire spectrum that 802.11b uses.

2) This is not true. Aside from high-end units that are out of most consumer's price range, there is an Asus WAP that can broadcast multiple SSIDs and have separate security settings for each. In theory, this would mean you could have WPA-Radius encryption on one SSID and have a WEP encryption SSID for your Nintendo DS. I think the model is WL-500g Deluxe--it's hard to come by right now.

Quality and coolness

[massysett (910130)]

How good is your router? I have found that the quality of your networking equipment can make a huge difference. I too live in an apartment building with lots of nearby access points--at night if I sit by my window I can catch at least ten signals. I used to have a POS Netgear router that would drop the connection repeatedly. Then I got the DLink DGL 4300, and this thing is rock solid. Drops maybe once a month.

Keeping the equipment cool also matters. For awhile I had the DGL 4300 on the floor, on its side, b

Sometimes connectivity is all you need

[Bald Wookie (18771)]

I don't expect a lot from wireless. It's sort of like plugging a wonky network cable into a hub. You're connected to the network, but everything is delivered at 'best effort' or worse. Most of the time, that's really all that you need.

Can I open a web page? Check.
Send an email? Check.
VNC into a box? With some patience, check.
SSH into a device? Check.
IM? Check.
Can I do 95% of what I do at work over a wireless connection? Check.

The other five percent? I'm hoping for Gig-E because I'm using all of it.

The key is having realistic expectations of wireless. If your users don't understand that then they'll probably be disappointed with whatever you rollout.

Re:

[timeOday (582209)]

To me that is circular reasoning: "wireless is good enough, because it's only used for light duty, because it isn't very good."

Even at home, I find 802.11g to be better than 802.11b. In particular for streaming video, which is handy if I want to watch a show on my laptop while doing dishes. IMHO wireless is not "good enough" until wires are obsolete.

What kind of question is this?

[JayDiggity (70168)]

If you are on 802.11b and are happy with the speed it provides, then stay with what you have. If you're unhappy with it, upgrade to 802.11g.
If you are are unhappy with 802.11g, well, tough luck: as someone else already mentioned, 802.11n isn't coming out until 2008. Start punching holes in the wall and running some Ethernet cable!

Problem solved.

Re:

[portmapper (991533)]

> If you are on 802.11b and are happy with the speed it provides, then stay with what you have.
> If you're unhappy with it, upgrade to 802.11g. If you are are unhappy with 802.11g, well, tough
> luck: as someone else already mentioned, 802.11n isn't coming out until 2008.

802.11a is generally much less crowded than 802.11 b/g and as fast as 802.11g. Wireless
in a crowded area can suck quite bad.

Speed vs. Bandwidth

[JPFitting (990912)]

Does it really matter how much bandwidth one needs in terms of consumers? I would rather see improvments be made on how far the signal goes rather than how much it can handle. It never really mattered to me whether I had a B or G router as I only had a few computers using the internet at once. Granted, once FIOS is more widely used in the States the amount of bandwidth will have more of an effect.

saturation

[by Anonymous Coward]

Other posters have addressed the compatibility and security issues, and I agree with them. No one has addressed the issue of bandwith saturation and new deployment.

Take a look at your bandwidth utilization. If you are using less than 50% what would be the point of doubling your LAN speed? If you are using over 80% then I would think about upgrading to whatever suits the situation.

Another issue is getting a new machine and placing it on your LAN. Can you still easily and cheaply get ahold of an 802.11b/g

Only after the 802.11n spec is ratified

[cyclocommuter (762131)]

Reading articles about 802.11n, there seems to be no compeling reason to upgrade to this draft specification for most folks right now... Poor interoperability with other "n" devices, poor backward compatibility with both "b" and "g" devices, more expensive hardware, and buggy firmware. The bottomline is, upgrading to 802.11n today means you are willing to be a beta tester for the hardware manufacturers.

The conventional wisdom says:

[postbigbang (761081)]

1. If you buy 802.11n products, your AP needs to have easy firmware updates, because there is no standard, and you WILL want to update the firmware when the standard is ratified plus three months, meaning the summer of 2008.

2. 802.11n is faster than 802.11a,b, and g. But you need to buy everything from the same vendor, because that'll ensure it works together as compatibility is iffy. You can't do as nifty antenna tricks with 802.11n as you can with b and g. The 802.11a rules in the US currently prohibit antenna tricks. So, flexibility with standards means 802.11g.

3. If you use any 802.11 product, use WPA, or upgrade to it, and keep checking for firmware upgrades every few months, then do it.

4. Currently, the fastest *standardized* method is 802.11g. There are various turbo modes that may or may not allow you faster downloads, but most APs are inhibited by upstream throttle-back anyway. And for this reason, you might like it for home use but don't use it on mobile machines as hotspots sometimes have trouble with cards that are in 'auto-turbo' mode.

5. Unless you have backhaul that's faster than the WiFi transport, it's useless to buy anything faster because it will make no difference in speed. If you have a crappy DSL connection, the speed will still be crappy DSL speed. It's nice to have your WiFi router speed as the fastest common denominator because DSL and cable and other transports keep getting faster and faster. If you have asymetrical backhaul, that won't change no matter what you do (example: 3MB/s down, 750KB/s up).

WPA secures at minimum. Using AES with TLS is thought to be the most solid method. Having a temporal key is important as key life had a bearing on breaking the key. Currently, no one will sit around and wait for long keys to be broken unless THEY REALLY WANT YOU. If they do, they'll do something smarter. All WEP can be broken in under 22minutes, period.

For better paranoia, read WiFoo-- currently the most interesting hacker cookbook I've found.

Its not an improvement

[dattaway (3088)]

...until we have a greater bandwidth (LOTS of channels) of a microscopic slice of the microwave spectrum. And use frequency hopping.

Why are free channels on the radio spectrum so scarce?

No

[dcam (615646)]

No it is not time to upgrade.

At the moment the 802.11n standard is at draft 2 stage. The 802.11n gear available now is based on 802.11n draft 1.

The manufacturers of this hardware are betting that any changes in the spec between draft 1 and the final version can be fixed by a firmware upgrade. It is by no means certain that this will be the case.

In addition, it isn't clear whether hardware for the 802.11n draft from different manufacturers will work together.

So the answer (as with most technology) is to wait and see. In this case, given that this is based on a draft, that has been superceded, waiting is certianly a good idea.

i would upgrade for the security

[atarione (601740)]

if I didn't have VPN over wifi thanx to m0n0wall and my RADIUS server...... as such I guess I will wait for N assume my trusty BEFW11S4 (b router) dosn't crap out.

if anyone is thinking of going G the WRT54GL [amazon.com] with the dd-wrt [dd-wrt.com] firmware is pretty sweet.

whatever you do DO NOT buy a WRT54GS or later model WRT54G models..as they suck pretty much http://en.wikipedia.org/wiki/WRT54G [wikipedia.org]

When all of the new hardware I buy supports it...

[WimBo (124634)]

When 802.11b first became standardized I bought a PCMCIA card for my laptop and a base station.

My next laptop had 802.11b built in.

My next laptop had 802.11a/b/g built in.

I'm still using the 802.11b bridge that I originally bought. I'll get a new base station eventually, but there's not any hurry, since the bottleneck out of my apartment is the 1.5Mb DSL line, and the 11Mb WiFi is just fine.

I especially don't see the need to buy some add in card for my laptop that may hang out the side and cause other problems.

Re:

[ettlz (639203)]

So what's wrong with WPA Enterprise using EAP-TLS and AES encryption?

Re:

[dieman (4814)]

EAP-TLS is a PITA to support, mostly because you'd have to implement PKI to deploy it. EAP-TTLS (in case you misspelled it) is terrible to support because you'll have to deploy a supplicant to all users before they can connect. Due to Microsoft (and the inability of the IETF and IEEE to declare one EAP type as requried that doesn't suck) if you are implementing WPA, you'll be support EAP-PEAP/MSCHAPv2. I'm not happy about it, but this doesn't require installing insane 3rd party apps into windows that you

WPA with AES is pretty good

[Bishop (4500)]

WPA with AES can keep out all but the NSA and even they will have trouble with it. The trick is to choose a strong PSK or use certificates.

For those who don't know: WPA (1/2, tkip, AES) in pre-shared key mode is vulnerable to a brute force attack. The four packet authentication sequence can be captured and brute force attacked offline. There are WPA rainbow tables based on dictionary words "in the wild." A long multi word passphrase with some numbers should be sufficient. A 63 character string of upper and

Re:

[VENONA (902751)]

Using /dev/random (or dev/urandom, for that matter) will give you an unknown and variable length:
$ dd if=/dev/random bs=1024 count=5 | tr -dc [:alnum:] | wc -c
0+5 records in
0+5 records out
13
dd if=/dev/random bs=1024 count=5 | tr -dc [:alnum:] | wc -c
0+5 records in
0+5 records out
46
$

You'll want to loop until you have enough entropy. /dev/urandom is likely going to give you a lot more chars per count parameter on most systems:
$ dd if=/dev/urandom bs=1024 count=5 | tr -dc [:alnum:] | wc -c
5+0 records in
5+0 reco

Re:Or..

[portmapper (991533)]

> Why upgrade at all? Unless you can really use the extra speed of 802.11g because you have an
> insane internet speed it's just a waste.

Many places there are quite simply too many nearby using 802.11b/g along with wireless
phones on the same frequency. It is too crowded.

"Upgrading" to 802.11a (different frequencies used than 802.11b/g) will help as there generally
are far fewer 802.11a users. The range may not be the same, though.

Re:

[RingDev (879105)]

So true. 802.11n has been "just around the corner" for years and will continue to be so for the next few years. 802.11b/g fullfills user demands and performs acceptably for now.

-Rick