FastTrack Training. "Network Basics". "Basics of a wireless LAN". Part one. Eddie Martin December 2012
About a year ago, I noticed an interesting and fascinating series of lectures by Eddie Martin, which, thanks to its history and real-life examples, as well as its tremendous learning experience, is amazingly comprehensible and allows you to gain an understanding of quite complex technologies.
We continue the cycle of 27 articles based on his lectures:
')
01/02: “Understanding the OSI Model” Part 1 / Part 2
03: "Understanding the Cisco Architecture"
04/05: “The Basics of Switching or Switches” Part 1 / Part 2
06: "Switches from Cisco"
07: "Area of ​​use of network switches, the value of Cisco switches"
08/09: "Basics of a Wireless LAN" Part 1 / Part 2
10: "Products in the field of wireless LAN"
11: The Value of Cisco Wireless LANs
12: Routing Basics
13: "The structure of routers, routing platforms from Cisco"
14: The Value of Cisco Routers
15/16: “The Basics of Data Centers” Part 1 / Part 2
17: "Equipment for data centers"
18: "The Value of Cisco in Data Centers"
19/20/21: "The Basics of Telephony" Part 1 / Part 2 / Part 3
22: "Cisco Collaboration Software"
23: The Value of Collaboration Products from Cisco
24: "The Basics of Security"
25: "Cisco Security Software"
26: "The Value of Cisco Security Products"
27: "Understanding Cisco Architectural Games (Review)"
And here is the eighth of them.
So, the next thing we'll talk about is the wireless local area network. We will start with the basics.
It is simply unbelievable that now we are talking about this, because there are among us those who do not even remember the times when the networks were only wired. There is nothing wrong with being young, I would never blame someone for being too young. I will envy, but I will not blame.
But just imagine that there was a time when we were all tied to wired networks. I remember exactly those times. But now I can’t tell you exactly when I last connected the laptop over the wire. I can't do this. I could use a USB connection, but definitely not a wired network.
We can not completely get rid of wired networks, for example, in data centers. You will not have enough wireless bandwidth to replace 10 Gigabit or 40 Gigabit networks. It will take a lot of time.
But let's think about the wireless network in terms of how it has changed our world. We have had wireless networks for a long time, remember the first cordless phones? They were at our house at all. At what frequency did they work, do you remember? 900 megahertz. They had good coverage, but what was wrong with them? What was wrong with these phones in our home at 900 megahertz? They were not protected. People could hear you. It is good if the first one had such a phone, but then the phones also appeared at the neighbors and they could get on your communication channel and hear you. I still have a couple of 900 megahertz speakers in my backyard, which I use for all kinds of sports entertainment and other things. And my neighbor across the street still has a telephone that operates at 900 megahertz. This is a very old phone and I can tune in to its channel and listen to what it says.
900 megahertz provide a large range, but a small bandwidth. But you know, we already had wireless networks operating at a frequency of 900 megahertz at that time. They had megabit bandwidth, and it was already a revolution. Few knew about it, because this function was very unique and specialized. The frequencies overlapped and people said no, I need something more secure. I do not want other people to hear me, so I want a frequency of 2.4 gigahertz.
And we switched to the free frequency spectrum, 2.4 GHz DSS (digital spread spectrum), digital extended spectrum. You could not worry that you will be heard and choose a channel for communication using your phone settings. But why we did not stay in that network? Why we do not use it until now?
Yes, just everyone switched to this spectrum, we got interference. We no longer had the opportunity to listen to each other at this frequency, but the phones interfered with each other’s normal operation. And then we switched to another frequency. What frequency was it? 5 gigahertz We switched to a new spectrum and the people began to pull in there. As a result, there were interference and then a new spectrum appeared.
Not sure what frequency it worked at, perhaps 1.9 GHz, but it was called Dect 6.0. He was out of the working range of all other devices and therefore, perhaps, was considered the safest. These ranges have been filled. I will tell you that when, at the end of the 90s, we were developing standards, and this was very important, there were many companies and all of them had their own. There were their working frequencies, their extended digital spectra. And they did not work with each other normally. Many thought - this is not part of my business, I will not do anything. Then these standards appeared.
I will not say that Cisco invented wireless networks, but they acquired Era Net, which was the market leader at the time. They were the best engineers and developed the best technical solutions in this area. Cisco became leaders in the field of wireless technology in an instant. It was a great time, then standards appeared and people began to use these technologies in business. But it turned out that we were not as smart as we thought.
What do you think happens when Cisco buys another firm? First of all, we transfer all products to our operating system. When we bought Era Net, first of all we gave them our equipment, 350 series access points. And we upgraded their operating system to ours. We converted their software, their operating system and got the smartest access point in the world. There was nothing she did not do. Running to the front, I will say that it was not the best solution at that stage.
Let's take a look at what a wireless network is and tell you that it’s not as difficult as it seems. I'll draw the building, let it be the floor plan of the building. I have access points here.
And we have network users, computers, mobile phones and any other devices, no matter what. The access point is the gateway to the wired network. The process of hitting the net is a two-step process. But you can skip one of the steps, if you want.
I'll explain now. The client is associated with the access point. It looks like this. The computer sees the wireless network, and says: "I want to connect." Imagine that we have three access points and one client. I say: "You all three look the same to me, let me ask you a few questions." - "How many users do you have online"? - "And how much do you have"? - "And you"? - "What is your recycling?" I can understand which of the access points is more suitable for me, where there are the least of all users, where the connection will be better, based on a survey of many access points. Then I choose, and I say: "I want to connect to you." How often do we connect to the network that was not created for us? Often. Why not connect to your neighbor's network? It's free. So it will agree. There is no protection here.
We proceed to the second stage - authentication.
At this point, the access point polls the client. The network says: “Wait a minute, show me your credentials. "Then I'll miss you." This is the whole principle of operation of wireless networks.
Do you have such powers at home? You have an SSID (service set identifier), broadcast as the name of the wireless network by a router, which you can hide and you have a key, which can consist of many letters, numbers, or a phrase. At home, we have a network sharing key for authentication. I have a lot of devices and one access key for them. Why is it not suitable for business?
Just imagine that Cisco employs 70 thousand people. Imagine that in Blizzard we would have a Blizzard login and password. You don't tell anyone. It's a secret. You take your laptop, log in, then leave it somewhere unattended and you steal login information. What will happen? I will have to change the login information on the other 60999 computers. What actually identifies you, exactly how you are - this is your username and password.
That is why business authentication will differ from home network authentication. We want to give you a unique login and password and a unique secure connection. So when you connect to the access point and it tells you - wait, give me your credentials, you are sent to the AAA server.
What is this server?
These are the three letters A, that is, authentication, authorization and accounting. We sell these AAA servers. When you are accepted to work in our company, you are immediately assigned your data to enter the network. Login your email and your first password. You log in and then immediately change the password. The password requirements are immediately indicated, for example, at least 8 letters, with capital letters, numbers, or something else. But we need all this in order to understand that it is you.
Customers are often used to saying that a wireless network is unsafe. But I explain that a wireless network can be much safer than a wired one. I could come to the clients, connect my computer and immediately get to the network. Now you need to authenticate to access the network. It is the AAA server that tells us who you are, when you connected and where you have access to, and when you disconnected. This is what the AAA server does. When you are given access, your request is sent to this server and you receive the first encryption key (encrypted key), each has its own unique encryption key. You have your key, you have your own, and we distribute them by chance. Everything is very safe. Any information coming from the computer is encrypted thanks to this key and the key is constantly changing.
I had a client who represented a savings and credit institution, and he came to talk to me and I started telling him about wireless networks. He literally had his eyes out of orbits popping up when he heard about wireless networks. He shouted - we will not have this, we are a financial institution. He literally wanted to pounce on me. I told him - hey, calm down. Shoot your eyes in place.
What do we say to a customer who doubts the security of wireless networks? He will say - I do not need a wireless network, it is unsafe. What do you tell him? I don’t know about you, but I said: “Do you know where there are wireless networks”? If now in this office the access point was not hanging so clearly, how could you understand this? Can you smell it, taste it, hear it? Not. You cannot understand if there is a wireless network here. You will need a device to find out.
There used to be such small access points, remember? I once held a training in Southern California on Long Beach at the Marriott Hotel. We were located in a remote corner of the entire hotel complex, there was not much of a wireless signal. I, as an instructor, bought a wired connection. I had a great connection, but the students were beside themselves with rage. Communication lags, well, or how to say it technically. And what did I do? The next day I installed Lynksys, here's access to you, stop whining and let's continue our studies. I actually established an unauthorized connection to that network and no one said anything to me.
Let's return to the client with eyes jumping out of their sockets. I asked him: "How do you know that you do not have a wireless network"? My account manager, of course, kicked me for that with his sharp shoes. He kicked right in the shin and it was encouraging. And guess how it all ended? We sold access points to the client that performed a single function — protected against network intrusion. He was afraid that someone behind the firewall would connect to the wireless network and what did we do? We set up a wireless network to prevent wireless connections.
There are no security documents that would not include wireless networks, even then in 2003, 2004 or 2005. Today you need to have protection over a wireless connection.
Let's go back to my story. We put our operating system in the devices and created the smartest access points in the world. Imagine that I have a meeting here.
I take my computer and start wandering around with it. I go from here to here, from one point to another and this is called roaming. This is similar to what you do with your cell phones. Dots have a radius and so on. At this point, my computer understands that neither this access point gives me the desired signal level, nor another. Imagine that I’m giving a PowerPoint presentation, because I’m still at a Cisco meeting. That is, I am loading. What happens with this download?
It will stop for a second while I reconnect from one access point to another. She stops for a second and continues on.
We have the opportunity to do this and customers are delighted. They liked our limitless roaming. The same thing will happen between these access points and between others.
Everything was better nowhere, but then Cisco started selling other products. We released phones, Spectral link - these were the first phones that we connected here. We were able to start voice over wireless. And then the problems started.
So, let's talk about phones. We put a special VLAN here called Voice Net. Imagine that I work for Blizzard here and want to put all my voice devices on the Voice Net. Give them a higher priority, greater bandwidth, the ability for voice to go perfectly. I just love it and connect these devices. Voice is connected to Voice Net, I myself go to Blizzard, everything works fine, I upload my file, I start moving around the room. And when I start to walk and find myself around this point, my wife calls. Hi honey, how are you? Want to tell me what I did wrong today? Let me cancel my meeting and you will continue? The conversation takes place at this point.
I start to go and talk to my wife and what happens when I find myself on the edge of the nets? My conversation is interrupted. The conversation is interrupted, although the failure is only 1 second. And I find myself in the zone of another access point. My wife calls me back. She says: “Have you thrown me off”? - “No, that you are all technologies.” “This is all wireless technology.” “You don’t have to blame the technology, you geeks are constantly talking about them.” Then I go out of this network and no longer call back, let him leave me a voice message. I have the end, no chance. Just one second stop and go to another network is 20 life expectancy for a phone call.
The problem was that the device was too smart, it knew everything about the network. And this device was so clever that it also knew everything about the network. And it took both of them a second to realize that both of them were not together at that moment and my call was interrupted.
And here Cisco found a way out. This required a Catalyst 6500, a supervisor for 40 thousand dollars, a line card for 45 thousand dollars, 20 hours of work of the engineers who organized all these tunnels in the network. Not the best solution. Cisco has such small cards that we give out, and it says on one of them - no worship of technology. And we had to buy another company to resolve this issue. After all, sometimes there are situations when being smart is not that smart.
So Cisco bought Airspace. It was a great acquisition for Cisco, because at that moment we decided - let's not make the access points smart. Let's make them simplified or, in other words, stupid. Some began to call them stupid. Instead of installing all the features on all access points, I will install them in one place - in the controller. I will put a new device on the network. This controller will be the brain of all access points. This point used to have its own brain, but now it's not there. He is in the controller.
And the same with other access points. That is, instead of moving from one brain to another, and so on, I will move from one finger to another, and these fingers will belong to one common brain. We created this and before that we had 50 milliseconds that went on switching, today we reduced this time to 8. Today, even video calls work smoothly. All thanks to these simplified access points.
When we had not yet bought this company, we thought that simplified access points were terrible, but then we realized that this was a great idea. I don’t even know if this process of transition to simplified points can be considered an upgrade, because at first there were smart access points, and now there are not the smartest access points, but with a controller. We had to do it, since the rules of the game have changed. We have moved from the world of data to the world of voice and video. People needed this very much for business reasons. Wireless networks are already tightly integrated into their business processes. That is why in our case, in the case of this technology - the simpler, the better. We use simplified access points with controllers, which can be very small, for example, for 50 access points, or just huge for 1000 access points and more, depending on your needs. We look at all our products in another section.
Now let's talk again about BYOD (bring your own device), we discussed this concept earlier here . I believe that BYOD is the easiest way to communicate with a client about anything. I really like to have such conversations with clients and lead them to the solution I need. What does this concept mean to your client? The ability to bring their devices anywhere and have access to information.
Are there any security concerns about this? Yes, definitely. We at Cisco can have up to 16 VLANs on each access point. We can distribute priorities to them and distribute traffic according to priority. In this case, wireless communication can be compared with hubs.
Imagine that I am an access point, and you are all my clients, which can be both iPhones and iPads, others can be computers or something else and I can give them priorities to all of them. I choose who will speak. A wireless network is like a walkie-talkie. Remember the walkie-talkie? People still use them and I, too, when I go hunting. But how do we use the radio? We press a button to say something, then we release it, but why? Because if both people talk at the same time, it will not work.
The same situation with the wireless network. If someone wants to send something, he seems to raise his hand and say, I have a request. You, say, a computer and here the phone also raises his hand. I will say, hey, computer, you will have to wait, and give higher priority to the phone to make a call, which is determined by QoS. , . .
, 16 VLAN , , . ISE (Cisco Identity Services Engine) — .
. — . — . , , . , . .
, , . , , , . , . . — , . , .
? Of course. , . ISE . , .
? , , ? . ? , : « , ». . : « , »?
. , , - 9 . « , ». , . , . — « ». — «»? -«». - , 6 , : «, ». ? No you can not. .
. - — BYOD, . .
, ? . Cisco ? , . ? , . Cisco , . .
Prime — , . . Prime — Cisco. Airspace, . Prime , , , ISE. , - , , : « , »? -«, , , , , ». -«, Blizzard». -«, - ». -«, , , ». , SNMP MIBS, , Cisco Cisco, - .
Cisco . Blizzard, . Hurricane — , . Jabber, , Jabber .
— , . . , , BYOD.
, , : « , , ». - , . , . , , , . SNMP , . MIB-, . MIB-, .
, , . — NAG (Network Admissions Control) ACS Cisco. . Prime , .
, . 2 , ? , ? , ? , . ? Video. ? Yes. ?
Medianet, , WLAN. WLAN, ? , ? ? Not. ? . . , , . , . , . ? , . ? , . , ? , . . — 2,4 . , . 100 , 1500 . . , .
Bluetooth? , . - , , . Bluetooth ? Yes. -, , - . . - .
? , , . Clean Air.
Cisco , — , . , . . 2,4 5 . .
2,4 5 . . ? ? , 2,4 , . ? 13. ? Not. , 1, - 3, ? Yes. 3 , .
1, 6 11 . , . 5 ? , ? ? 23 . 18, 23. ? 20 . 20 . () . ?
Continued:
FastTrack Training. "Network Basics". "Basics of a wireless LAN". Part two. Eddie Martin December 2012
Thank you for staying with us. Do you like our articles? Want to see more interesting materials? Support us by placing an order or recommending to friends, 30% discount for Habr users on a unique analogue of the entry-level servers that we invented for you: The Truth About VPS (KVM) E5-2650 v4 (6 Cores) 10GB DDR4 240GB SSD 1Gbps $ 20 or how to share the server? (Options are available with RAID1 and RAID10, up to 24 cores and up to 40GB DDR4).
Dell R730xd 2 times cheaper? Only we have 2 x Intel Dodeca-Core Xeon E5-2650v4 128GB DDR4 6x480GB SSD 1Gbps 100 TV from $ 249 in the Netherlands and the USA! Read about How to build an infrastructure building. class c using servers Dell R730xd E5-2650 v4 worth 9000 euros for a penny?
We continue the cycle of 27 articles based on his lectures:
')
01/02: “Understanding the OSI Model” Part 1 / Part 2
03: "Understanding the Cisco Architecture"
04/05: “The Basics of Switching or Switches” Part 1 / Part 2
06: "Switches from Cisco"
07: "Area of ​​use of network switches, the value of Cisco switches"
08/09: "Basics of a Wireless LAN" Part 1 / Part 2
10: "Products in the field of wireless LAN"
11: The Value of Cisco Wireless LANs
12: Routing Basics
13: "The structure of routers, routing platforms from Cisco"
14: The Value of Cisco Routers
15/16: “The Basics of Data Centers” Part 1 / Part 2
17: "Equipment for data centers"
18: "The Value of Cisco in Data Centers"
19/20/21: "The Basics of Telephony" Part 1 / Part 2 / Part 3
22: "Cisco Collaboration Software"
23: The Value of Collaboration Products from Cisco
24: "The Basics of Security"
25: "Cisco Security Software"
26: "The Value of Cisco Security Products"
27: "Understanding Cisco Architectural Games (Review)"
And here is the eighth of them.
FastTrack Training. "Network Basics". "Basics of a wireless LAN". Part one. Eddie Martin December 2012
So, the next thing we'll talk about is the wireless local area network. We will start with the basics.
It is simply unbelievable that now we are talking about this, because there are among us those who do not even remember the times when the networks were only wired. There is nothing wrong with being young, I would never blame someone for being too young. I will envy, but I will not blame.
But just imagine that there was a time when we were all tied to wired networks. I remember exactly those times. But now I can’t tell you exactly when I last connected the laptop over the wire. I can't do this. I could use a USB connection, but definitely not a wired network.
We can not completely get rid of wired networks, for example, in data centers. You will not have enough wireless bandwidth to replace 10 Gigabit or 40 Gigabit networks. It will take a lot of time.
But let's think about the wireless network in terms of how it has changed our world. We have had wireless networks for a long time, remember the first cordless phones? They were at our house at all. At what frequency did they work, do you remember? 900 megahertz. They had good coverage, but what was wrong with them? What was wrong with these phones in our home at 900 megahertz? They were not protected. People could hear you. It is good if the first one had such a phone, but then the phones also appeared at the neighbors and they could get on your communication channel and hear you. I still have a couple of 900 megahertz speakers in my backyard, which I use for all kinds of sports entertainment and other things. And my neighbor across the street still has a telephone that operates at 900 megahertz. This is a very old phone and I can tune in to its channel and listen to what it says.
900 megahertz provide a large range, but a small bandwidth. But you know, we already had wireless networks operating at a frequency of 900 megahertz at that time. They had megabit bandwidth, and it was already a revolution. Few knew about it, because this function was very unique and specialized. The frequencies overlapped and people said no, I need something more secure. I do not want other people to hear me, so I want a frequency of 2.4 gigahertz.
And we switched to the free frequency spectrum, 2.4 GHz DSS (digital spread spectrum), digital extended spectrum. You could not worry that you will be heard and choose a channel for communication using your phone settings. But why we did not stay in that network? Why we do not use it until now?
Yes, just everyone switched to this spectrum, we got interference. We no longer had the opportunity to listen to each other at this frequency, but the phones interfered with each other’s normal operation. And then we switched to another frequency. What frequency was it? 5 gigahertz We switched to a new spectrum and the people began to pull in there. As a result, there were interference and then a new spectrum appeared.
Not sure what frequency it worked at, perhaps 1.9 GHz, but it was called Dect 6.0. He was out of the working range of all other devices and therefore, perhaps, was considered the safest. These ranges have been filled. I will tell you that when, at the end of the 90s, we were developing standards, and this was very important, there were many companies and all of them had their own. There were their working frequencies, their extended digital spectra. And they did not work with each other normally. Many thought - this is not part of my business, I will not do anything. Then these standards appeared.
I will not say that Cisco invented wireless networks, but they acquired Era Net, which was the market leader at the time. They were the best engineers and developed the best technical solutions in this area. Cisco became leaders in the field of wireless technology in an instant. It was a great time, then standards appeared and people began to use these technologies in business. But it turned out that we were not as smart as we thought.
What do you think happens when Cisco buys another firm? First of all, we transfer all products to our operating system. When we bought Era Net, first of all we gave them our equipment, 350 series access points. And we upgraded their operating system to ours. We converted their software, their operating system and got the smartest access point in the world. There was nothing she did not do. Running to the front, I will say that it was not the best solution at that stage.
Let's take a look at what a wireless network is and tell you that it’s not as difficult as it seems. I'll draw the building, let it be the floor plan of the building. I have access points here.
And we have network users, computers, mobile phones and any other devices, no matter what. The access point is the gateway to the wired network. The process of hitting the net is a two-step process. But you can skip one of the steps, if you want.
I'll explain now. The client is associated with the access point. It looks like this. The computer sees the wireless network, and says: "I want to connect." Imagine that we have three access points and one client. I say: "You all three look the same to me, let me ask you a few questions." - "How many users do you have online"? - "And how much do you have"? - "And you"? - "What is your recycling?" I can understand which of the access points is more suitable for me, where there are the least of all users, where the connection will be better, based on a survey of many access points. Then I choose, and I say: "I want to connect to you." How often do we connect to the network that was not created for us? Often. Why not connect to your neighbor's network? It's free. So it will agree. There is no protection here.
We proceed to the second stage - authentication.
At this point, the access point polls the client. The network says: “Wait a minute, show me your credentials. "Then I'll miss you." This is the whole principle of operation of wireless networks.
Do you have such powers at home? You have an SSID (service set identifier), broadcast as the name of the wireless network by a router, which you can hide and you have a key, which can consist of many letters, numbers, or a phrase. At home, we have a network sharing key for authentication. I have a lot of devices and one access key for them. Why is it not suitable for business?
Just imagine that Cisco employs 70 thousand people. Imagine that in Blizzard we would have a Blizzard login and password. You don't tell anyone. It's a secret. You take your laptop, log in, then leave it somewhere unattended and you steal login information. What will happen? I will have to change the login information on the other 60999 computers. What actually identifies you, exactly how you are - this is your username and password.
That is why business authentication will differ from home network authentication. We want to give you a unique login and password and a unique secure connection. So when you connect to the access point and it tells you - wait, give me your credentials, you are sent to the AAA server.
What is this server?
These are the three letters A, that is, authentication, authorization and accounting. We sell these AAA servers. When you are accepted to work in our company, you are immediately assigned your data to enter the network. Login your email and your first password. You log in and then immediately change the password. The password requirements are immediately indicated, for example, at least 8 letters, with capital letters, numbers, or something else. But we need all this in order to understand that it is you.
Customers are often used to saying that a wireless network is unsafe. But I explain that a wireless network can be much safer than a wired one. I could come to the clients, connect my computer and immediately get to the network. Now you need to authenticate to access the network. It is the AAA server that tells us who you are, when you connected and where you have access to, and when you disconnected. This is what the AAA server does. When you are given access, your request is sent to this server and you receive the first encryption key (encrypted key), each has its own unique encryption key. You have your key, you have your own, and we distribute them by chance. Everything is very safe. Any information coming from the computer is encrypted thanks to this key and the key is constantly changing.
I had a client who represented a savings and credit institution, and he came to talk to me and I started telling him about wireless networks. He literally had his eyes out of orbits popping up when he heard about wireless networks. He shouted - we will not have this, we are a financial institution. He literally wanted to pounce on me. I told him - hey, calm down. Shoot your eyes in place.
What do we say to a customer who doubts the security of wireless networks? He will say - I do not need a wireless network, it is unsafe. What do you tell him? I don’t know about you, but I said: “Do you know where there are wireless networks”? If now in this office the access point was not hanging so clearly, how could you understand this? Can you smell it, taste it, hear it? Not. You cannot understand if there is a wireless network here. You will need a device to find out.
There used to be such small access points, remember? I once held a training in Southern California on Long Beach at the Marriott Hotel. We were located in a remote corner of the entire hotel complex, there was not much of a wireless signal. I, as an instructor, bought a wired connection. I had a great connection, but the students were beside themselves with rage. Communication lags, well, or how to say it technically. And what did I do? The next day I installed Lynksys, here's access to you, stop whining and let's continue our studies. I actually established an unauthorized connection to that network and no one said anything to me.
Let's return to the client with eyes jumping out of their sockets. I asked him: "How do you know that you do not have a wireless network"? My account manager, of course, kicked me for that with his sharp shoes. He kicked right in the shin and it was encouraging. And guess how it all ended? We sold access points to the client that performed a single function — protected against network intrusion. He was afraid that someone behind the firewall would connect to the wireless network and what did we do? We set up a wireless network to prevent wireless connections.
There are no security documents that would not include wireless networks, even then in 2003, 2004 or 2005. Today you need to have protection over a wireless connection.
Let's go back to my story. We put our operating system in the devices and created the smartest access points in the world. Imagine that I have a meeting here.
I take my computer and start wandering around with it. I go from here to here, from one point to another and this is called roaming. This is similar to what you do with your cell phones. Dots have a radius and so on. At this point, my computer understands that neither this access point gives me the desired signal level, nor another. Imagine that I’m giving a PowerPoint presentation, because I’m still at a Cisco meeting. That is, I am loading. What happens with this download?
It will stop for a second while I reconnect from one access point to another. She stops for a second and continues on.
We have the opportunity to do this and customers are delighted. They liked our limitless roaming. The same thing will happen between these access points and between others.
Everything was better nowhere, but then Cisco started selling other products. We released phones, Spectral link - these were the first phones that we connected here. We were able to start voice over wireless. And then the problems started.
So, let's talk about phones. We put a special VLAN here called Voice Net. Imagine that I work for Blizzard here and want to put all my voice devices on the Voice Net. Give them a higher priority, greater bandwidth, the ability for voice to go perfectly. I just love it and connect these devices. Voice is connected to Voice Net, I myself go to Blizzard, everything works fine, I upload my file, I start moving around the room. And when I start to walk and find myself around this point, my wife calls. Hi honey, how are you? Want to tell me what I did wrong today? Let me cancel my meeting and you will continue? The conversation takes place at this point.
I start to go and talk to my wife and what happens when I find myself on the edge of the nets? My conversation is interrupted. The conversation is interrupted, although the failure is only 1 second. And I find myself in the zone of another access point. My wife calls me back. She says: “Have you thrown me off”? - “No, that you are all technologies.” “This is all wireless technology.” “You don’t have to blame the technology, you geeks are constantly talking about them.” Then I go out of this network and no longer call back, let him leave me a voice message. I have the end, no chance. Just one second stop and go to another network is 20 life expectancy for a phone call.
The problem was that the device was too smart, it knew everything about the network. And this device was so clever that it also knew everything about the network. And it took both of them a second to realize that both of them were not together at that moment and my call was interrupted.
And here Cisco found a way out. This required a Catalyst 6500, a supervisor for 40 thousand dollars, a line card for 45 thousand dollars, 20 hours of work of the engineers who organized all these tunnels in the network. Not the best solution. Cisco has such small cards that we give out, and it says on one of them - no worship of technology. And we had to buy another company to resolve this issue. After all, sometimes there are situations when being smart is not that smart.
So Cisco bought Airspace. It was a great acquisition for Cisco, because at that moment we decided - let's not make the access points smart. Let's make them simplified or, in other words, stupid. Some began to call them stupid. Instead of installing all the features on all access points, I will install them in one place - in the controller. I will put a new device on the network. This controller will be the brain of all access points. This point used to have its own brain, but now it's not there. He is in the controller.
And the same with other access points. That is, instead of moving from one brain to another, and so on, I will move from one finger to another, and these fingers will belong to one common brain. We created this and before that we had 50 milliseconds that went on switching, today we reduced this time to 8. Today, even video calls work smoothly. All thanks to these simplified access points.
When we had not yet bought this company, we thought that simplified access points were terrible, but then we realized that this was a great idea. I don’t even know if this process of transition to simplified points can be considered an upgrade, because at first there were smart access points, and now there are not the smartest access points, but with a controller. We had to do it, since the rules of the game have changed. We have moved from the world of data to the world of voice and video. People needed this very much for business reasons. Wireless networks are already tightly integrated into their business processes. That is why in our case, in the case of this technology - the simpler, the better. We use simplified access points with controllers, which can be very small, for example, for 50 access points, or just huge for 1000 access points and more, depending on your needs. We look at all our products in another section.
Now let's talk again about BYOD (bring your own device), we discussed this concept earlier here . I believe that BYOD is the easiest way to communicate with a client about anything. I really like to have such conversations with clients and lead them to the solution I need. What does this concept mean to your client? The ability to bring their devices anywhere and have access to information.
Are there any security concerns about this? Yes, definitely. We at Cisco can have up to 16 VLANs on each access point. We can distribute priorities to them and distribute traffic according to priority. In this case, wireless communication can be compared with hubs.
Imagine that I am an access point, and you are all my clients, which can be both iPhones and iPads, others can be computers or something else and I can give them priorities to all of them. I choose who will speak. A wireless network is like a walkie-talkie. Remember the walkie-talkie? People still use them and I, too, when I go hunting. But how do we use the radio? We press a button to say something, then we release it, but why? Because if both people talk at the same time, it will not work.
The same situation with the wireless network. If someone wants to send something, he seems to raise his hand and say, I have a request. You, say, a computer and here the phone also raises his hand. I will say, hey, computer, you will have to wait, and give higher priority to the phone to make a call, which is determined by QoS. , . .
, 16 VLAN , , . ISE (Cisco Identity Services Engine) — .
. — . — . , , . , . .
, , . , , , . , . . — , . , .
? Of course. , . ISE . , .
? , , ? . ? , : « , ». . : « , »?
. , , - 9 . « , ». , . , . — « ». — «»? -«». - , 6 , : «, ». ? No you can not. .
. - — BYOD, . .
, ? . Cisco ? , . ? , . Cisco , . .
Prime — , . . Prime — Cisco. Airspace, . Prime , , , ISE. , - , , : « , »? -«, , , , , ». -«, Blizzard». -«, - ». -«, , , ». , SNMP MIBS, , Cisco Cisco, - .
Cisco . Blizzard, . Hurricane — , . Jabber, , Jabber .
— , . . , , BYOD.
, , : « , , ». - , . , . , , , . SNMP , . MIB-, . MIB-, .
, , . — NAG (Network Admissions Control) ACS Cisco. . Prime , .
, . 2 , ? , ? , ? , . ? Video. ? Yes. ?
Medianet, , WLAN. WLAN, ? , ? ? Not. ? . . , , . , . , . ? , . ? , . , ? , . . — 2,4 . , . 100 , 1500 . . , .
Bluetooth? , . - , , . Bluetooth ? Yes. -, , - . . - .
? , , . Clean Air.
Cisco , — , . , . . 2,4 5 . .
2,4 5 . . ? ? , 2,4 , . ? 13. ? Not. , 1, - 3, ? Yes. 3 , .
1, 6 11 . , . 5 ? , ? ? 23 . 18, 23. ? 20 . 20 . () . ?
Continued:
FastTrack Training. "Network Basics". "Basics of a wireless LAN". Part two. Eddie Martin December 2012
Thank you for staying with us. Do you like our articles? Want to see more interesting materials? Support us by placing an order or recommending to friends, 30% discount for Habr users on a unique analogue of the entry-level servers that we invented for you: The Truth About VPS (KVM) E5-2650 v4 (6 Cores) 10GB DDR4 240GB SSD 1Gbps $ 20 or how to share the server? (Options are available with RAID1 and RAID10, up to 24 cores and up to 40GB DDR4).
Dell R730xd 2 times cheaper? Only we have 2 x Intel Dodeca-Core Xeon E5-2650v4 128GB DDR4 6x480GB SSD 1Gbps 100 TV from $ 249 in the Netherlands and the USA! Read about How to build an infrastructure building. class c using servers Dell R730xd E5-2650 v4 worth 9000 euros for a penny?
Source: https://habr.com/ru/post/350380/
All Articles