
Wireless Network Logical Topologies

LAN 102: Network Hardware And Assembly

Wireless networks have different topologies, just as wired networks do. However, wireless networks use only two logical topologies:

  • Star—The star topology, used by Wi-Fi/IEEE 802.11–based products in the infrastructure mode, resembles the topology used by 10BASE-T and faster versions of Ethernet that use a switch (or hub). The access point takes the place of the switch because stations connect via the access point, rather than directly with each other. This method is much more expensive per unit but permits performance in excess of 10BASE-T Ethernet speeds and has the added bonus of being easier to manage.
  • Point-to-point—Bluetooth products (as well as Wi-Fi products in the ad hoc mode) use the point-to-point topology. These devices connect directly with each other and require no access point or other hub-like device to communicate with each other, although shared Internet access does require that all computers connect to a common wireless gateway. The point-to-point topology is much less expensive per unit than a star topology. It is, however, best suited for temporary data sharing with another device (Bluetooth) and is currently much slower than 100BASE-TX networks.


The figure below shows a comparison of wireless networks using these two topologies.

A logical star topology (left) as used by IEEE 802.11–based wireless Ethernet in infrastructure mode compared to a point-to-point topology as used by Bluetooth and 802.11 in ad hoc mode (right).

Wireless Network Security

When I was writing the original edition of Upgrading and Repairing PCs back in the 1980s, the hackers’ favorite way of trying to get into a network without authorization was discovering the telephone number of a modem on the network, dialing in with a computer, and guessing the password, as in the movie War Games. Today, war driving has largely replaced this pastime as a popular hacker sport. War driving is the popular name for driving around neighborhoods with a laptop computer equipped with a wireless network card on the lookout for unsecured networks. They’re all too easy to find, and after someone gets onto your network, all the secrets in your computer can be theirs for the taking.

Because wireless networks can be accessed by anyone within signal range who has a NIC matching the IEEE standard of that wireless network, wireless NICs and access points provide encryption options. Most access points (even cheaper SOHO models) also provide the capability to limit connections to the access point by using a list of authorized MAC addresses (each NIC has a unique MAC address). This feature, known as MAC address filtering, is designed to limit access to authorized devices only.

Although MAC address filtering can be helpful in stopping bandwidth borrowing by your neighbors, it cannot stop attacks because the MAC address can easily be “spoofed” or faked. Consequently, you need to look at other security features included in wireless networks, such as encryption.

Caution: In the past, it was thought that the SSID feature provided by the IEEE 802.11 standards was also a security feature. That’s not the case. A Wi-Fi network’s SSID is nothing more than a network name for the wireless network, much the same as workgroups and domains have network names that identify them. The broadcasting of the SSID can be turned off (when clients look for networks, they won’t immediately see the SSID), which has been thought to provide a minor security benefit. However, Microsoft has determined that a non-broadcast SSID is actually a greater security risk than a broadcast SSID, especially with Windows XP and Windows Server 2003. For details, see “Non-broadcast Wireless Networks with Microsoft Windows” at http://technet.microsoft.com/en-us/library/bb726942.aspx. In fact, many freely available (and quite powerful) tools exist that allow snooping individuals to quickly discover your SSID even if it’s not being broadcast, thus allowing them to connect to your unsecured wireless network.

The only way that the SSID can provide a small measure of security for your wireless network is if you change the default SSID provided by the wireless access point or router vendor. The default SSID typically identifies the manufacturer of the device (and sometimes even its model number). A hacker armed with this information can look up the default password and username for the router or access point as well as the default network address range by downloading the documentation from the vendor’s website. Using this information, the hacker could compromise your network if you do not use other security measures, such as WPA/WPA2 encryption. By using a nonstandard SSID and changing the password used by your router’s web-based configuration program, you make it a little more difficult for hackers to attack your network. Follow up these changes by enabling the strongest form of encryption that your wireless network supports.

All Wi-Fi products support at least 40-bit encryption through the wired equivalent privacy (WEP) specification, but the minimum standard on recent products is 64-bit WEP encryption. Many vendors offer 128-bit or 256-bit encryption on their products. However, the 128-bit and stronger encryption feature is more common among enterprise products than SOHO–oriented products. Unfortunately, the WEP specification at any encryption strength has been shown to be notoriously insecure against determined hacking. Enabling WEP keeps a casual snooper at bay, but someone who wants to get into your wireless network won’t have much trouble breaking WEP. For that reason, all wireless network products introduced after 2003 incorporate a different security standard known as Wi-Fi Protected Access (WPA). WPA is derived from the developing IEEE 802.11i security standard. WPA-enabled hardware works with existing WEP-compliant devices, and software upgrades are often available for existing devices to make them WPA capable. The latest 802.11g and 802.11n devices also support WPA2, an updated version of WPA that uses a stronger encryption method. (WPA uses TKIP or AES; WPA2 uses AES.)

Note: Unfortunately, most 802.11b wireless network hardware supports only WEP encryption. The lack of support for more powerful encryption standards is a good reason to retire your 802.11b hardware in favor of 802.11g or 802.11n hardware, all of which support WPA or WPA2 encryption.

Upgrading to WPA or WPA2 may also require updates to your OS. For example, Windows XP Service Pack 2 includes support for WPA encryption. However, to use WPA2 with Windows XP Service Pack 2, you must also download the Wireless Client Update for Windows XP with Service Pack 2, or install Service Pack 3. At the http://support.microsoft.com website, look up Knowledge Base article 917021. You should match the encryption level and encryption type used on both the access points and the NICs for best security. Remember that if some of your network supports WPA but other parts support only WEP, your network must use the lesser of the two security standards (WEP). If you want to use the more robust WPA or WPA2 security, you must ensure that all the devices on your wireless network support WPA. Because WEP is easily broken and the specific WEP implementations vary among manufacturers, I recommend using only devices that support WPA or WPA2.
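
The weakest-device rule described above, as an added example (not code from the article or the book): given a constructed inventory with hypothetical device names, it computes the encryption mode the whole network is held to and lists the devices that block a stronger one.

```python
from dataclasses import dataclass

# Encryption modes ranked weakest to strongest, as the article orders them.
STRENGTH = {"WEP": 1, "WPA": 2, "WPA2": 3}


@dataclass(frozen=True)
class Device:
    name: str
    standard: str         # radio standard, e.g. "802.11b"
    modes: frozenset      # encryption modes the device can be configured for


def strongest_common_mode(devices):
    """Strongest mode every device supports; None if they share none."""
    if not devices:
        return None
    shared = frozenset.intersection(*(d.modes for d in devices))
    ranked = [m for m in shared if m in STRENGTH]
    return max(ranked, key=STRENGTH.get) if ranked else None


def blockers(devices):
    """For each mode, the devices that prevent the network from using it."""
    return {
        mode: [d.name for d in devices if mode not in d.modes]
        for mode in STRENGTH
    }


def audit(devices, minimum="WPA"):
    """Report the mode the network is held to and what to replace or upgrade."""
    mode = strongest_common_mode(devices)
    ok = mode is not None and STRENGTH[mode] >= STRENGTH[minimum]
    return {
        "network_mode": mode,
        "meets_minimum": ok,
        "replace_or_upgrade": [] if ok else blockers(devices)[minimum],
    }


# Constructed inventory (hypothetical device names), for illustration only.
INVENTORY = [
    Device("office-ap", "802.11g", frozenset({"WEP", "WPA", "WPA2"})),
    Device("laptop-1", "802.11n", frozenset({"WEP", "WPA", "WPA2"})),
    # Windows XP SP2 without the WPA2 client update: WPA at best.
    Device("xp-sp2-desktop", "802.11g", frozenset({"WEP", "WPA"})),
    # 802.11b hardware that never received a WPA upgrade.
    Device("old-print-server", "802.11b", frozenset({"WEP"})),
]

if __name__ == "__main__":
    print(audit(INVENTORY))
    remaining = [d for d in INVENTORY if d.name != "old-print-server"]
    print(audit(remaining))
    print(blockers(INVENTORY)["WPA2"])
```

Retiring the single WEP-only device lifts the constructed network from WEP to WPA; reaching WPA2 additionally requires updating or replacing the client limited to WPA.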

Management and DHCP Support

Most wireless access points can be managed via a web browser and provide diagnostic and monitoring tools to help you optimize the positioning of access points. Most products feature support for Dynamic Host Configuration Protocol (DHCP), allowing a user to move from one subnet to another without difficulties.

The following image illustrates how a typical IEEE 802.11 wireless network uses multiple access points.

A typical wireless network with multiple access points.

As you can see, as users with wireless NICs move from one office to another, the roaming feature of the NIC automatically switches from one access point to another, permitting seamless network connectivity without wires or logging off the network and reconnecting.

Users per Access Point

The number of users per access point varies with the product; Wi-Fi access points are available in capacities supporting anywhere from 15 to as many as 254 users. You should contact the vendor of your preferred Wi-Fi access point device for details.

Although wired Ethernet networks are still the least expensive networks to build if you can do your own wiring, Wi-Fi networking is now cost-competitive with wired Ethernet networks when the cost of a professional wiring job is figured into the overall expense.

Because Wi-Fi is a true standard, you can mix and match access point and wireless NIC hardware to meet your desired price, performance, and feature requirements for your wireless network, just as you can for conventional Ethernet networks, provided you match up frequency bands or use dual-band hardware.

  • 5 Hide
    JasonAkkerman , November 2, 2011 4:37 AM
    Lots of good information there. Lots of history too.
  • 0 Hide
    KelvinTy , November 2, 2011 7:45 AM
    O... I thought all CAT5 are able to transmit 1000Mbps signals BEFORE reading this article... It's kind of weird ~_~" that I can get 5.X MB/s download speed = ="
  • 4 Hide
    Reynod , November 2, 2011 10:28 AM
    Don could you talk to Chris A and Joe and see if we could give a few hard copies of this book away as prizes for some of our users here in the forums who work hard to help others?

    How about a copy for each of the users who make the top ranks for the month of November ... under the Hardware sections of the forums?


    :) 
  • 0 Hide
    Anonymous , November 2, 2011 1:12 PM
    mixer device
  • 2 Hide
    JasonAkkerman , November 2, 2011 1:18 PM
    They make it look like making a cable is so easy, and it is, after the first few tries. Also, making one or two cables isn't too bad, but don't let yourself get talked into making 50 two foot patch cables. Your finger tips will never forgive you.
  • 0 Hide
    thrasher32 , November 2, 2011 1:45 PM
    Great information.
  • 0 Hide
    xx_pemdas_xx , November 2, 2011 1:57 PM
    JasonAkkerman: They make it look like making a cable is so easy, and it is, after the first few tries. Also, making one or two cables isn't too bad, but don't let yourself get talked into making 50 two foot patch cables. Your finger tips will never forgive you.

    I got talked into making 10...
  • 1 Hide
    spookyman , November 2, 2011 2:11 PM
    JasonAkkerman: They make it look like making a cable is so easy, and it is, after the first few tries. Also, making one or two cables isn't too bad, but don't let yourself get talked into making 50 two foot patch cables. Your finger tips will never forgive you.


    Oh I don't know. I have made several thousand patch cords over the past 18 years.

    All you need is a high quality crimper, good cutters and small screw driver. You are set.
  • 2 Hide
    silveralien81 , November 3, 2011 2:56 AM
    This was a great article. In fact it inspired me to buy the book. I'm happy to report that the rest of the book is just as well written. Very educational. A top notch reference.
  • 2 Hide
    neiroatopelcc , November 3, 2011 10:27 AM
    Read the first page. Seems like well written stuff, but not exactly written for my type of user. Also it seems to be ignoring a lot of stuff. For instance it says the network runs at the speed of the slowest component and will figure it out on its own. This isn't true. If you run a pair of 1000TX capable nics on old cat 5 cable (without the e), it'll still attempt to run at that speed, despite the massive crc errors it might generate. Also, if you're running on 'old gigabit hardware' it won't necessarily have support for 10Base-T speeds. Also, not all firmware has autonegotiate or automdix support, thus you sometimes have to specifically set the speed between links. This is mainly for fiber links though, which seem to have been ignored entirely.

    Anyway. As I said, I think it's well written and probably quite suitable for people who don't know anything about networks (except it seems to assume people know the osi model). I'll go see if the other chapters are equally basic.
  • 0 Hide
    fixxxer07 , November 4, 2011 1:28 AM
    kelvinty: O... I thought all CAT5 are able to transmit 1000Mbps signals BEFORE reading this article... It's kind of weird ~_~" that I can get 5.X MB/s download speed = ="


    5 MBps = 40 Mbps... so it's not that weird. xD
  • 0 Hide
    dthurber , November 4, 2011 2:00 PM
    Great article with lots of information. The crossover cable mentioned would work for 10/100, but for gigabit ethernet you must also crossover the blue and brown pairs. Unlike 10/100 ethernet, gigabit ethernet uses all eight conductors.
  • 1 Hide
    cangelini , November 4, 2011 7:59 PM
    reynod: Don could you talk to Chris A and Joe and see if we could give a few hard copies of this book away as prizes for some of our users here in the forums who work hard to help others? How about a copy for each of the users who make the top ranks for the month of November ... under the Hardware sections of the forums?


    Heya Reynod,

    We had access to 10 copies of it for a contest that ran with the first few pieces of the book, but those were given away already.

    I agree that it's a great idea to reward the most active forum users, though. I'll get together with Joe and see if there's anything we can do there!

    Have a great weekend,
    Chris
  • 0 Hide
    Reynod , November 6, 2011 11:28 AM
    Thanks Chris.

    I feel a bit stupid now I missed it.

    It would be great if you could do something again though.

    I did PM Don Saturday to ask him.

    Cheers

  • 0 Hide
    neiroatopelcc , November 21, 2011 6:06 AM
    patch cables of those small lengths you just buy readymade - they're more sturdy anyway, and you can get them as any cable type (cat5e, 6a etc) .. and long's you don't add old cat5 or mix shielded with unshielded, cables really are the least difficult part of network building - although cisco want you to believe otherwise.
  • 0 Hide
    juanc , November 25, 2011 2:18 PM
    completely amazed at how many errors are in page 2
  • 0 Hide
    juanc , November 25, 2011 2:33 PM
    Either I'm missing to read something or the article on page 3 does not note, that to make Patch Cables you must use a different type, multi-filament copper cable instead of the standard in-wall one-wire solid copper conductors that get cut when you crimp. Huge mistake
  • 0 Hide
    juanc , November 25, 2011 2:44 PM
    Shielded twisted pair (STP) refers to the amount of insulation around the cluster of wires

    There is no "amount" it does have a shield.

    it was first thought that shielding the cable from external interference was the best way to reduce interference and provide for greater transmission speeds. However, it was discovered that twisting the pairs of wires is a more effective way to prevent interference

    No. Shielding is better. But the trick on twisting is that we are talking about "differential" signals. If not, twisting would be useless. Twisting two cables cancels each other's emissions and emissions from other places to the cable are canceled too.

    10GBE pros say you should not wire UTP but only STP.

    Need cable lengths longer than the lengths you can buy preassembled

    Never buy preassembled cables. Can't assemble cable as I said before on mono-filament cable.
    One filament wires can't be twisted or take turns or >90 degrees. There's a big chance they can break. Can't wire thru a pipes with the RJ45 plug on it.

    Use Jacks. Buy machine assembled/tested multi-filament patch cords from the jack to the computer/router/printer/switch, whatever.
  • 0 Hide
    Slothy , January 13, 2012 11:57 PM
    I read this article as it was linked in the power supply guide posting, which I thought (on perusing it quickly) seemed rather well done. However, this article is so atrocious (both in inaccuracies and its horribly outdated information) that it draws into doubt the quality of the original article that brought me here. I'm not just some Joe going off on a rant without knowing a thing, and my apologies as I am sure that this was likely intended for average Joe who doesn't have a strong base in networking, but even for that, it could have been written immensely better. I don't know if the author is to blame or the technical editor.

    First off, as a disclaimer, I didn't bother reading the wireless section. Stuff has been changing too rapidly the past few years to even bother, and it is ultimately so simple nowadays that you shouldn't even have to bother with the wireless options. What I did see of wireless information (such as range) was horribly inaccurate. In my experience with most indoor environments, you'll be lucky if you get a *reliable* signal at a fraction of the 150 feet he mentions.

    Simple advice for wireless: Buy a dual-radio N-capable wireless router and then decide if you're going to use N-capable internal wireless cards or USB dongles for any devices you have that do not include integrated wireless. Be warned that in my experience, many wireless routers designed for home use work fine for wireless devices accessing the internet, but when attempting to transfer data between a wired and wireless device, the router will act as a bottleneck, often running at speeds lower than what standard (10 Mbps) ethernet will provide. If you plan on hooking up a device such as a home server or NAS device to your home wireless router, be careful what you pick and either fork out the money for a higher-end SOHO/SMB device or read your reviews thoroughly and ensure that you're getting exactly that device (down to the revision number even, sometimes).

    This article clutters the user's mind with unnecessary information and technical details which to knowledgeable persons will already be apparent, and recognized as often incorrect; and for the unknowledgeable reader - incorrect and irrelevant but taken as true. To rattle off a few
    -switches and hubs, while sharing some features (they're small, blockish and have multiple ports) are also different at an operational level - switches are OSI layer 2 devices, while hubs are electrical devices operating at OSI layer 1.
    -Packets do not get where they need to go because of MAC addresses; frames get where they need to go thanks to MAC addresses while packets are at OSI layer 3 and utilize IP addresses for routing.
    -If you want to see your MAC address via ipconfig, use ipconfig/all. ipconfig on its own will not provide you with this information.

    If I wanted to take a closer read or go through it again, I'm sure I could pull out at least as many errors as I listed above, but I've gotten enough of my steam out about someone publishing yet more outdated and erroneous technical info or advice in the realm of networking and IT. Please, if you're going to write a tech article, do it with a purpose, stay true to it, make sure you have your stuff down pat, and damn well update it if you're going to re-publish it.

    No one cares about coaxial ethernet anymore, unless you're over the hill or working in some industrial environment with networked machinery, in which case I hope you're not getting your expertise from this article.

    PS. I'd still like to say thanks to Tom's Hardware and that they're an invaluable resource - not just for their reviews and articles, but for the user community they have generated as well. But with that said - is it just me, or is Tom's IT site just one big stream of advertisements in the guise of articles, news stories, and white papers?
  • 0 Hide
    Anonymous , August 8, 2012 4:38 AM
    why are you using blue and brown wires even though they are of no use?