This installment covers Local Area Network (LAN) hardware and assembly.
The choice of a data-link protocol affects the network hardware you choose. Because the various flavors of Ethernet and other data-link protocols use different hardware, you must select the architecture before you can select appropriate hardware, including NICs, cables, and switches.
NICs for Wired Ethernet Networks
On most computers, a wired Ethernet network adapter is integrated into the motherboard. If the integrated component fails or is not fast enough, a replacement NIC can be added through the PCI or PCI Express slot (desktop computers), USB, CardBus PC Card (PCMCIA), or ExpressCard slot on a laptop.
Network adapters (both wired and wireless) have unique hardware addresses coded into their firmware. The hardware address is known as the MAC address. You can see the MAC address on a label on the side of the adapter, or you can view it after the adapter is installed with an OS utility such as the Windows ipconfig.exe command. The data-link layer protocol uses these addresses to identify the other systems on the network. A packet gets to the correct destination because its data-link layer protocol header contains the hardware addresses of both the sending and receiving systems.
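The header fields described above, as an added Python example that is not part of the original article: it parses the destination and source hardware addresses from an Ethernet header and classifies each one. The sample frames are constructed, and the 802.1Q tag handling and the locally-administered check go beyond what the article covers.

```python
import struct

# Constructed sample frames (not captured traffic). The 00:00:5e:00:53:xx
# addresses come from the range reserved for documentation.
ARP_FRAME = bytes.fromhex(
    "ffffffffffff"    # destination: broadcast
    "020000000001"    # source: locally administered unicast address
    "0806"            # EtherType: ARP
) + bytes(28)

TAGGED_FRAME = bytes.fromhex(
    "00005e005301"    # destination
    "00005e005302"    # source
    "8100" "000a"     # 802.1Q tag carrying VLAN 10
    "0800"            # EtherType: IPv4
) + bytes(20)

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def classify_mac(raw: bytes) -> dict:
    """Describe a 6-byte hardware address using the flag bits in its first octet."""
    first = raw[0]
    if raw == b"\xff" * 6:
        scope = "broadcast"
    elif first & 0x01:            # group bit set: multicast
        scope = "multicast"
    else:
        scope = "unicast"
    # The locally-administered bit is only reported for unicast addresses.
    local = scope == "unicast" and bool(first & 0x02)
    return {"address": format_mac(raw), "scope": scope,
            "locally_administered": local}


def parse_ethernet_header(frame: bytes) -> dict:
    """Return both hardware addresses and the payload type of one frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, type_or_len = struct.unpack("!6s6sH", frame[:14])
    vlan = None
    if type_or_len == 0x8100:     # 802.1Q tag sits before the real EtherType
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, type_or_len = struct.unpack("!HH", frame[14:18])
        vlan = tci & 0x0FFF
    if type_or_len <= 1500:       # 802.3 framing: the field is a length
        payload_type = f"802.3 length {type_or_len}"
    else:
        payload_type = ETHERTYPES.get(type_or_len, f"0x{type_or_len:04x}")
    return {"destination": classify_mac(dst), "source": classify_mac(src),
            "vlan": vlan, "payload_type": payload_type}


def source_warnings(header: dict) -> list:
    """Flag source addresses worth a second look in an asset inventory."""
    src = header["source"]
    warnings = []
    if src["scope"] != "unicast":
        warnings.append(f"source {src['address']} is a {src['scope']} "
                        "address; a sender is always a single station")
    elif src["locally_administered"]:
        warnings.append(f"source {src['address']} is locally administered, "
                        "not a vendor-assigned address")
    return warnings


if __name__ == "__main__":
    for name, frame in (("ARP", ARP_FRAME), ("tagged", TAGGED_FRAME)):
        header = parse_ethernet_header(frame)
        print(name, header, source_warnings(header))
```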
Most motherboards have wired Ethernet adapters built-in, whereas discrete Ethernet network adapters range in price from less than $10 for client adapters to more than $100 for single or multiport server-optimized adapters.
Although you can connect two computers directly to each other via their Ethernet ports with a crossover cable, larger networks need a switch, which is frequently incorporated into a router. The network runs at the speed of the slowest component, so if you use a switch that runs at a slower speed than the network clients, the clients connected to that switch will run at that slower speed. Many wireless routers now include 1000 Mb/s gigabit Ethernet ports instead of slower 100 Mb/s Fast Ethernet ports.
When connecting systems on wired Ethernet networks, the following sections contain my recommendations on the features you need.
Your NIC should run at the maximum speed you want your network to support. Most gigabit Ethernet and Fast Ethernet cards also support slower speeds, meaning, for example, that a 1000 Mb/s (gigabit Ethernet) card also supports 100 Mb/s (Fast Ethernet) speed or standard Ethernet’s 10 Mb/s speed, allowing the same card to be used on both older and newer portions of the network. To verify multispeed operation, look for network cards identified as 10/100 or 10/100/1000 Ethernet. All modern Fast or gigabit NICs should also support full-duplex operation:
- Half-duplex means that the network card can only send or only receive data in a single operation.
- Full-duplex means that the network card can both receive and send simultaneously. Full-duplex options boost network speed if switches are used in place of hubs. For example, 1000 Mb/s gigabit Ethernet cards running in full-duplex mode have a maximum true throughput of 2000 Mb/s, with half going in each direction.
Note: Unlike hubs, which broadcast data packets to all computers connected to them, switches create a direct connection between the sending and receiving computers. Therefore, switches provide faster performance than hubs; most switches also support full-duplex operation, doubling the rated speed of the network when full-duplex network cards are used.
If you need to install a network adapter for use with a gigabit Ethernet (10/100/1000 Mb/s) network, any of the following buses have more than adequate performance:
- PCI/PCIe. The integrated NICs built into most motherboards are either PCI or PCIe devices.
- CardBus/ExpressCard (laptop computers).
All of these buses support gigabit Ethernet adapters without limiting throughput. Integrated network adapters use either the PCI or PCI Express bus to connect to the system, both of which have more than enough bandwidth. Note that USB 2.0 (480 Mb/s) is not on that list because it is simply not fast enough to fully support gigabit Ethernet’s 1000 Mb/s bandwidth; however, 100 Mb/s Ethernet connections will work on USB 2.0 with no problems. USB 3.0 would be more than fast enough to support a gigabit Ethernet adapter; however, there aren’t any network adapters I know of using USB 3.0.
Wired Network Adapter Connectors
Wired Ethernet adapters typically have an eight position, eight conductor (8P8C) connector informally known as an RJ45 connector, which looks like a large telephone jack.
Fast Ethernet and gigabit Ethernet twisted-pair cables use these connectors, but you might still see older adapters that support a single BNC connector (for Thinnet coaxial cables) or a D-shaped 15-pin connector called a DB-15 (for Thicknet coaxial cables). Some older 10 Mb/s adapters have a combination of two or all three of these connector types; adapters with two or more connectors are referred to as combo adapters. Token-Ring adapters can have a 9-pin connector called a DB-9 (for Type 1 STP cable) or sometimes an 8P8C (RJ45) jack (for Type 3 UTP cable). The following image shows all three of the Ethernet connectors.
Note: Although RJ45 is the common name for the UTP Ethernet connector, this is a misnomer. The correct name for the connector is 8P8C, which indicates an 8-pin, 8-conductor connector. The actual RJ45S connector is an eight-position connector but is used for telephone rather than computer data. An RJ45S jack has a slightly different shape than the connector used for Ethernet, and it includes a cutout on one side to prevent unkeyed connectors from being inserted into it.
For drawings of the true RJ45S jack and other telephone jacks, see www.siemon.com/us/standards/13-24_modular_wiring_reference.asp.
Ethernet NICs made for client-PC use on the market today are designed to support unshielded twisted-pair (UTP) cable exclusively. Cards using BNC or DB-15 connectors would be considered obsolete.
For maximum economy, NICs and network cables must match, although media converters can interconnect networks that are based on the same standard but use different cable.
Network Cables for Wired Ethernet
Originally, all networks used some type of cable to connect the computers on the network to each other. Although various types of wireless networks are now on the market, many office and home networks still use twisted-pair Ethernet cabling. Occasionally you might still find some based on Thick or Thin Ethernet coaxial cable.
Thick and Thin Ethernet Coaxial Cable
The first versions of Ethernet were based on coaxial cable. The original form of Ethernet, 10BASE-5, used a thick coaxial cable (called Thicknet) that was not directly attached to the NIC. A device called an attachment unit interface (AUI) ran from a DB-15 connector on the rear of the NIC to the cable. The cable had a hole drilled into it to allow the “vampire tap” to be connected to the cable. NICs designed for use with thick Ethernet cable are almost impossible to find as new hardware today.
10BASE-2 Ethernet cards use a BNC (Bayonet-Neill-Concelman) connector on the rear of the NIC. Although the thin coaxial cable (called Thinnet or RG-58) used with 10BASE-2 Ethernet has a bayonet connector that can physically attach to the BNC connector on the card, this configuration is incorrect and won’t work. Instead, a BNC T-connector attaches to the rear of the card, allowing a Thin Ethernet cable to be connected to either both ends of the T (for a computer in the middle of the network) or to one end only (for a computer at the end of the network). A 50-ohm terminator is connected to the other arm of the T to indicate the end of the network and prevent erroneous signals from being sent to other clients on the network. Some early Ethernet cards were designed to handle thick (AUI/DB-15), thin (RG-58), and UTP (unshielded twisted pair) cables. Combo cards with both BNC and 8P8C (RJ45) connectors are still available on the surplus equipment market but can run at only standard 10 Mb/s Ethernet speeds.
The following figure compares Ethernet DB-15 to AUI, BNC coaxial T-connector, and 8P8C (RJ45) UTP connectors, and the one after that illustrates the design of coaxial cable.
Twisted-pair cable is just what its name implies: insulated wires within a protective casing with a specified number of twists per foot. Twisting the wires reduces the effect of electromagnetic interference (EMI, which can be generated by nearby cables, electric motors, and fluorescent lighting) on the signals being transmitted. Shielded twisted pair (STP) refers to the amount of insulation around the cluster of wires and therefore its immunity to noise. You are probably familiar with unshielded twisted pair (UTP) cable; it is often used for telephone wiring. The following image shows UTP cable; the one after that illustrates STP cable.
Shielded Versus Unshielded Twisted Pair
When cabling was being developed for use with computers, it was first thought that shielding the cable from external interference was the best way to reduce interference and provide for greater transmission speeds. However, it was discovered that twisting the pairs of wires is a more effective way to prevent interference from disrupting transmissions. As a result, earlier cabling scenarios relied on shielded cables rather than the unshielded cables more commonly in use today.
Shielded cables also have some special grounding concerns because one, and only one, end of a shielded cable should be connected to an earth ground; issues arose when people inadvertently caused grounding loops to occur by connecting both ends or caused the shield to act as an antenna because it wasn’t grounded.
Grounding loops are created when two grounds are tied together. This is a bad situation because each ground can have a slightly different potential, resulting in a circuit that has low voltage but infinite amperage. This causes undue stress on electrical components and can be a fire hazard.
Most Ethernet installations that use twisted-pair cabling use UTP because the physical flexibility and small size of the cable and connectors makes routing it easy. However, its lack of electrical insulation can make interference from fluorescent lighting, elevators, and alarm systems (among other devices) a major problem. If you use UTP in installations where interference can be a problem, you need to route the cable away from the interference, use an external shield, or substitute STP for UTP near interference sources.
Four standard types of UTP cabling exist and are still used to varying degrees:
- Category 3 cable—The original type of UTP cable used for Ethernet networks was also the same as that used for business telephone wiring. This is known as Category 3, or voice-grade UTP cable, and it is measured according to a scale that quantifies the cable’s data-transmission capabilities. The cable itself is 24 AWG (American Wire Gauge, a standard for measuring the diameter of a wire) and copper-tinned with solid conductors, with 100–105-ohm characteristic impedance and a minimum of two twists per foot. Category 3 cable is largely obsolete because it is only adequate for networks running at up to 16 Mb/s, so it cannot be used with Fast or gigabit Ethernet.
- Category 5 cable—The faster network types require greater performance levels. Fast Ethernet (100BASE-TX) uses the same two-wire pairs as 10BASE-T, but Fast Ethernet needs a greater resistance to signal crosstalk and attenuation. Therefore, the use of Category 5 UTP cabling is essential with 100BASE-TX Fast Ethernet. Although the 100BASE-T4 version of Fast Ethernet can use all four-wire pairs of Category 3 cable, this flavor of Fast Ethernet is not widely supported and has practically vanished from the marketplace. If you try to run Fast Ethernet 100BASE-TX over Category 3 cable, you will have a slow and unreliable network. Category 5 cable is commonly called Cat 5 and is also referred to as Class D cable.
- Category 5e cable—Many cable vendors also sell an enhanced form of Category 5 cable called Category 5e (specified by Addendum 5 of the ANSI/TIA/EIA-568-A cabling standard). Category 5e cable can be used in place of Category 5 cable and is especially well suited for use in Fast Ethernet networks that might be upgraded to gigabit Ethernet in the future. Category 5e cabling must pass several tests not required for Category 5 cabling. Even though you can use both Category 5 and Category 5e cabling on a gigabit Ethernet (1000BASE-TX) network, Category 5e cabling provides better transmission rates and a greater margin of safety for reliable data transmission.
- Category 6 cable—Category 6 cabling (also called Cat 6 or Class E) can be used in place of Cat 5 or 5e cabling and uses the same 8P8C (RJ45) connectors as Cat 5 and 5e. Cat 6 cable handles a frequency range of 1 MHz–250 MHz, compared to Cat 5 and 5e’s 1 MHz–100 MHz frequency range. Cat 6 is suitable for gigabit Ethernet at standard distances of up to 100 meters (328 ft.), and can even be used for 10 gigabit Ethernet at reduced distances of up to 55 meters (180 ft.).
- Category 6a cable—Category 6a cabling (also called Cat 6a or Class EA) can be used in place of Cat 6, 5, or 5e cabling and uses the same 8P8C (RJ45) connectors. Cat 6a cable supports frequencies up to 500 MHz (twice that of Cat 6), and supports 10 gigabit Ethernet connections at the full maximum distance of up to 100 meters (328 ft.).
Caution: If you choose to install Category 5/5e/6/6a UTP cable, be sure that all the connectors, wall plates, and other hardware components involved are also rated the same or better. The lowest common denominator rating will degrade the entire connection to that Category. For example, if you install Cat 6 cabling but only use Cat 5 rated connectors, wall plates, and so on, then the connections as a whole will only be rated for Cat 5.
For new installations it is always recommended to use the highest rated components that are affordable, as this will help to “future-proof” the network.
Choosing the correct type of Category 5/5e/6/6a cable is also important. Use solid PVC cable for network cables that represent a permanent installation. However, the slightly more expensive stranded cables are a better choice for laptop computers or temporary wiring of no more than 10-foot lengths (from a computer to a wall socket, for example) because they are more flexible and therefore capable of withstanding frequent movement.
If you plan to use air ducts or suspended ceilings for cable runs, you should use Plenum cable, which doesn’t emit harmful fumes in a fire. It is much more expensive, but the safety issue is a worthwhile reason to use it. Some localities require you to use Plenum cabling.
Wired Network Topologies
Each computer on the network is connected to the other computers with cable (or some other medium, such as wireless using radio frequency signals). The physical arrangement of the cables connecting computers on a network is called the network topology.
The three basic topologies used in computer networks have been as follows:
- Bus—Connects each computer on a network directly to the next computer in a linear fashion. The network connection starts at the server and ends at the last computer in the network. (Obsolete.)
- Star—Connects each computer on the network to a central access point.
- Ring—Connects each computer to the others in a loop or ring. (Obsolete.)
The earliest type of network topology was the bus topology, which uses a single cable to connect all the computers in the network to each other, as shown in the image below. This network topology was adopted initially because running a single cable past all the computers in the network is easier and uses less wiring than other topologies. Because early bus topology networks used bulky coaxial cables, these factors were important advantages. Both 10BASE-5 (thick) and 10BASE-2 (thin) Ethernet networks are based on the bus topology.
However, the advent of cheaper and more compact unshielded twisted-pair cabling, which also supports faster networks, has made the disadvantages of a bus topology apparent. If one computer or cable connection malfunctions, it can cause all the stations beyond it on the bus to lose their network connections. Thick Ethernet (10BASE-5) networks often failed because the vampire tap connecting the AUI device to the coaxial cable came loose. In addition, the T-adapters and terminating resistors on a 10BASE-2 Thin Ethernet network could come loose or be removed by the user, causing all or part of the network to fail. Another drawback of Thin Ethernet (10BASE-2) networks was that adding a new computer to the network between existing computers might require replacement of the existing network cable between the computers with shorter segments to connect to the new computer’s network card and T-adapter, thus creating downtime for users on that segment of the network.
Another topology often listed in discussions of this type is a ring, in which each workstation is connected to the next and the last workstation is connected to the first again (essentially a bus topology with the two ends connected). Two major network types use the ring topology:
- Fiber Distributed Data Interface (FDDI)—A network topology used for large, high-speed networks using fiber-optic cables in a physical ring topology
- Token-Ring—Uses a logical ring topology
A Token-Ring network resembles a 10BASE-T or 10/100 Ethernet network at first glance because both networks use a central connecting device and a physical star topology. Where is the “ring” in Token-Ring?
The ring exists only within the device that connects the computers, which is called a multistation access unit (MSAU) on a Token-Ring network (see the following image).
Signals generated from one computer travel to the MSAU, are sent out to the next computer, and then go back to the MSAU again. The data is then passed to each system in turn until it arrives back at the computer that originated it, where it is removed from the network. Therefore, although the physical wiring topology is a star, the data path is theoretically a ring. This is called a logical ring.
The logical ring that Token-Ring networks use is preferable to a physical ring network topology because it affords a greater degree of fault tolerance. As on a bus network, a cable break anywhere in a physical ring network topology, such as FDDI, affects the entire network. FDDI networks use two physical rings to provide a backup in case one ring fails. By contrast, on a Token-Ring network, the MSAU can effectively remove a malfunctioning computer from the logical ring, enabling the rest of the network to function normally.
By far the most popular type of topology in use today has separate cables to connect each computer to a central wiring nexus, often called a switch or hub. The following figure shows this arrangement, which is called a star topology.
Because each computer uses a separate cable, the failure of a network connection affects only the single machine involved. The other computers can continue to function normally. Bus cabling schemes use less cable than the star but are harder to diagnose or bypass when problems occur. At this time, Fast Ethernet and gigabit Ethernet in a star topology are the most commonly implemented types of wired LAN.
Switches for Ethernet Networks
As you have seen, modern Ethernet workgroup networks—whether wireless or wired with UTP cable—are usually arranged in a star topology. The center of the star uses a multiport connecting device that can be either a hub or a switch. Although both hubs and switches can connect the network—and can have several features in common—only switches are normally used today. The differences between them are significant and are covered in the following sections.
All Ethernet switches have the following features:
- Multiple 8P8C (RJ45) UTP connectors
- Diagnostic and activity lights
- A power supply
Ethernet switches are made in two forms: managed and unmanaged. Managed switches can be directly configured, enabled or disabled, or monitored by a network operator. They are commonly used on corporate networks. Workgroup and home-office networks use less expensive unmanaged switches, which simply connect computers on the network, using the systems connected to them to provide a management interface for their configurable features.
Signal lights on the front of the switch indicate which connections are in use by computers; some also indicate whether a full-duplex connection is in use. In addition, multispeed switches may indicate which connection speed is in use on each port. A switch must have at least one 8P8C (RJ45) UTP connector for each computer you want to connect to it.
How Switches Work
UTP Ethernet networks were originally wired using hubs. When a specific computer sends a packet of data to another specific computer through a hub, the hub doesn’t know which port the destination computer is connected to, so it broadcasts the packet to all of the ports and computers connected to it, creating a large amount of unnecessary traffic because ports and systems receive network data even if it is not intended for them.
Switches are similar to hubs in both form factor and function, but they are very different in actual operation. As with hubs, they connect computers on an Ethernet network to each other. However, instead of broadcasting data to all of the ports and computers on the network as hubs do, switches use a feature called address storing, which checks the destination for each data packet and sends it directly to the port/computer for which it’s intended. Thus, a switch can be compared to a telephone exchange, making direct connections between the originator of a call and the receiver.
Because switches establish a direct connection between the originating and receiving PC, they also provide the full bandwidth of the network to each port. Hubs, by contrast, must subdivide the network’s bandwidth by the number of active connections on the network, meaning that bandwidth rises and falls depending on network activity.
For example, assume you have a four-station network workgroup using 10/100 NICs and a Fast Ethernet hub. The total bandwidth of the network is 100 Mb/s. However, if two stations are active, the effective bandwidth available to each station drops to 50 Mb/s (100 Mb/s divided by 2). If all four stations are active, the effective bandwidth drops to just 25 Mb/s (100 Mb/s divided by 4)! Add more active users, and the effective bandwidth continues to drop.
If you replace the hub with a switch, the effective bandwidth for each station remains at the full 100 Mb/s because the switch doesn’t broadcast data to all stations.
Most switches also support full-duplex (simultaneous transmit and receive), enabling the actual bandwidth to be double the nominal 100 Mb/s rating, or 200 Mb/s.
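The difference between hub broadcasting and switch address storing described in this section, as an added Python simulation that is not part of the original article: it counts how many frames each port receives that were addressed to some other station. The port numbers, MAC addresses and traffic are constructed, and flooding a frame whose destination has not been stored yet is general learning-switch behaviour rather than something the article states.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed four-port workgroup: port number -> MAC of the attached station.
STATIONS = {
    1: "02:00:00:00:00:0a",  # station A
    2: "02:00:00:00:00:0b",  # station B
    3: "02:00:00:00:00:0c",  # station C
    4: "02:00:00:00:00:0d",  # station D
}
A, B, C, D = (STATIONS[p] for p in (1, 2, 3, 4))

# Constructed traffic as (ingress port, source MAC, destination MAC).
TRAFFIC = [
    (1, A, BROADCAST),                          # A announces itself
    (2, B, A), (1, A, B), (2, B, A), (1, A, B), # A and B exchange data
    (3, C, D),                                  # D has not sent anything yet
    (4, D, C),                                  # D answers
    (3, C, D),                                  # D's port is now stored
]


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = sorted(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Stores the port each source address was seen on and forwards by it."""

    def __init__(self, ports):
        self.ports = sorted(ports)
        self.table = {}  # MAC address -> port

    def forward(self, in_port, src, dst):
        self.table[src] = in_port  # address storing: remember the sender
        out_port = None if dst == BROADCAST else self.table.get(dst)
        if out_port is None:
            # Broadcast or not-yet-stored destination: send to all other ports.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []              # destination is on the ingress port
        return [out_port]


def run(device, traffic, stations):
    """Return (frames overheard per port, total frame deliveries)."""
    overheard = {port: 0 for port in stations}
    deliveries = 0
    for in_port, src, dst in traffic:
        for port in device.forward(in_port, src, dst):
            deliveries += 1
            # A unicast frame arriving at a port whose station is not the
            # destination is data that station was never meant to receive.
            if dst != BROADCAST and stations[port] != dst:
                overheard[port] += 1
    return overheard, deliveries


if __name__ == "__main__":
    print("hub:   ", run(Hub(STATIONS), TRAFFIC, STATIONS))
    switch = LearningSwitch(STATIONS)
    print("switch:", run(switch, TRAFFIC, STATIONS))
    print("stored addresses:", switch.table)
```

On the hub, stations C and D receive every frame of the A and B exchange; on the switch, the only frame that reaches the wrong ports is the single one sent before D's address was stored.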
Additional Switch Features You Might Need
Most switches have the following standard or optional features:
- Multispeed capability—Switches support multiple speeds. This means you can mix gigabit Ethernet (1000BASE-TX), Fast Ethernet (100BASE-TX) and 10BASE-T clients on the same network, and each will run at the maximum possible speed. These days I recommend buying only gigabit switches, since most network adapters now support gigabit speeds.
- “Extra” ports beyond your current requirements—If you are connecting four computers into a small network, you may only need a four-port switch, which is the smallest generally available. But if you buy a switch with only four ports and want to add another client PC to the network, you must add a second switch or replace the switch with a larger one with more ports.
Instead, plan for the future by buying a switch that can handle your projected network growth over the next year. If you plan to connect more than four workstations, buy at least an eight-port switch. (The cost per connection drops as you buy hubs and switches with more connections.) Even though you can easily interconnect additional switches, it is normally more economical to use as few switches as possible.
Note: The uplink port on your switch (or hub) connects the device to a router or gateway device that provides an Internet connection for your network. When multiple switches are to be used, they are usually connected directly to the router or gateway instead of chained (or stacked) off each other.
Modern switches feature Auto-MDIX (automatic medium-dependent interface crossover) ports that allow switches to be connected together using any of the ports, and without using special crossover cables. Older switches (or hubs) used uplink ports to allow additional switches to be connected.
Although large networks have a wiring closet near the server, the workgroup-size LANs found in a small office/home office (SOHO) network obviously don’t require anything of the sort. However, the location of the switch is important, even if your LAN is currently based solely on a wireless Ethernet architecture.
Ethernet switches (and hubs) require electrical power, whether they are small units that use a power “brick” or larger units that have an internal power supply and a standard three-prong AC cord.
In addition to electrical power, consider placing the hub or switch where its signal lights will be easy to view for diagnostic purposes and where its 8P8C (RJ45) connectors can be reached easily. This is important both when it’s time to add another user or two and when you need to perform initial setup of the switch (requiring a wired connection) or need to troubleshoot a failed wireless connection. In many offices, the hub or switch sits on the corner of the desk, enabling the user to see network problems just by looking at the hub or switch.
If the hub or switch also integrates a router for use with a broadband Internet device, such as a DSL or cable modem, you can place it near the cable or DSL modem or at a distance if the layout of your home or office requires it. Because the cable or DSL modem usually connects to your computer by the same Category 5/5e/6/6a cable used for UTP Ethernet networking, you can run the cable from the cable or DSL modem to the router/switch’s WAN port and connect all the computers to the LAN ports on the router/switch.
Except for the 328-foot (100-meter) limit for all forms of UTP Ethernet (10BASE-T, 100BASE-TX, and 1000BASE-TX), distances between each computer on the network and the switch (or hub) aren’t critical, so put the switch (or hub) wherever you can supply power and gain easy access.
Although wireless networks do offer more freedom in terms of placing the switch/access point, you should keep in mind the distances involved (generally up to 150 to 250 feet indoors for 802.11b/g/n) and any walls or devices using the same 2.4 GHz spectrum that might interfere with the signal.
Tip: Decide where you plan to put your hub or switch before you buy prebuilt UTP wiring or make your own; if you move the hub or switch, some of your wiring will no longer be the correct length. Although excess lengths of UTP cable can be coiled and secured with cable ties, cables that are too short should be replaced. You can buy 8P8C (RJ45) connectors to create one long cable from two short cables, but you must ensure the connectors are Category 5 if you are running Fast Ethernet; some vendors still sell Category 3 connectors that support only 10 Mb/s. You’re really better off replacing the too-short cable with one of the correct length.
Wireless Ethernet Hardware: Networking
All types of 802.11 wireless networks have two basic components:
- Wireless access point (usually built into a router)
- Wireless network cards
An access point is a bookend-size device that uses one or more 8P8C (RJ45) ports to attach to a 10BASE-T or 10/100/1000 Ethernet network (if desired) and contains a radio transceiver, encryption, and communications software. It translates conventional Ethernet signals into wireless Ethernet signals that it broadcasts to wireless NICs on the network and then performs the same role in reverse to transfer signals from wireless NICs to the conventional Ethernet network.
Most people don’t buy an access point as a separate stand-alone item; instead, they purchase a router that has an access point built in. Wireless routers normally include a router, switch, and a wireless access point, but may also include a cable/DSL modem, file/print server, and other features.
Note: In SOHO networks that provide Internet access, the access point is usually incorporated into a wireless router that also includes an Ethernet switch.
For coverage of a large area, you can use two or more access points and connect them to an Ethernet switch. This enables users to roam inside a building without losing contact with the network. Some access points can communicate directly with each other via radio waves, enabling you to create a wireless backbone that can cover a wide area (such as a warehouse) without the need to run network cabling. You can also purchase a wireless Ethernet range extender that can receive and boost weak Wi-Fi signals. Some access points are designed to be used as either access points or range extenders. Some range extenders are designed only to work with the same brand of access point or router.
Access points are not necessary for direct peer-to-peer networking (also called ad hoc mode), but they are required for a shared Internet connection or a connection with another network. When access points are used, the network is operating in infrastructure mode.
Note: Wireless clients running in ad hoc mode cannot connect to the Internet unless one of the stations on the network is connected to a bridge or uses another network adapter as a bridge.
NICs equipped for wireless Ethernet communications have a fixed or detachable radio antenna. Wireless NICs come in four forms:
- CardBus (32-bit PC Card) or ExpressCard (PCIe) cards for use in laptop computers that do not include “integrated” wireless support
- Mini PCI or PCIe Mini cards that provide wireless and wired Ethernet and dial-up modem support for laptop computers
- PCI cards for use in desktop computers with PCI slots
- USB adapters for use in both desktop and laptop computers
Most laptop computers with Wi-Fi hardware onboard use the Mini PCI or PCIe Mini interface for the wireless adapter and place the antenna inside the display housing.
Note: Mini PCI or PCIe Mini cards are installed inside laptop computers. (They can be removed or replaced by opening the system.) Because Mini PCI and PCIe Mini cards are installed inside laptops, they are not usually sold as retail components. However, some vendors sell them as OEM components, or you can buy them from the laptop vendor’s parts department.
Because you can mix and match Wi-Fi-certified products that use the same frequency band, you can incorporate any mix of desktop and laptop computers into your wireless network. The following image illustrates typical wireless network hardware.
Although most recent laptop computers include 802.11b/g/n wireless Ethernet or dual-mode 802.11a/b/g/n support through an integrated Mini PCI or PCIe Mini card, you can add support for other 802.11 wireless networks by either upgrading the internal card or by attaching an additional card via a CardBus slot, ExpressCard slot, or USB port.
When a Wi-Fi-enabled system receives multiple Wi-Fi signals, client systems lock onto the strongest signal from access points and automatically roam (switch) to another access point when the signal strength is stronger and the error level is lower than the current connection. Of course, if you want the system to lock onto a specific signal, that can be done via the OS or manufacturer-provided software.
Most people use a wireless router as the basis of a wireless network. A wireless router normally contains a router (which is connected to a cable/DSL modem), switch, and access point. When looking for a wireless router, I recommend only those that include gigabit Ethernet switches as well as a gigabit Ethernet WAN port for connecting the router to a cable/DSL modem.
Additional hardware you might need to add to your network includes the following:
- Wireless bridges—These devices enable you to connect a wired Ethernet device, including noncomputer items such as video games or set-top boxes, to a wireless network. These are sometimes called wireless gaming adapters.
- Wireless repeaters/range extenders—A repeater can stretch the range of an existing wireless network. Some can also serve as access points or wireless bridges.
- Specialized antennas—The “rabbit ears” antennas used by most access points and routers are adequate for short distances, but longer distances or problems with line-of-sight reception can be solved by attaching high-gain replacements for the originals, or by attaching more specialized directional antennas, possibly on extension cables to mount them higher for greater range.
- Signal boosters—In addition to or as an alternative to replacement antennas, some vendors also sell signal boosters that piggyback onto an existing access point or router. Note that, in most cases, these signal boosters are vendor specific.
Wireless Network Logical Topologies
Wireless networks have different topologies, just as wired networks do. However, wireless networks use only two logical topologies:
- Star—The star topology, used by Wi-Fi/IEEE 802.11–based products in the infrastructure mode, resembles the topology used by 10BASE-T and faster versions of Ethernet that use a switch (or hub). The access point takes the place of the switch because stations connect via the access point, rather than directly with each other. This method is much more expensive per unit but permits performance in excess of 10BASE-T Ethernet speeds and has the added bonus of being easier to manage.
- Point-to-point—Bluetooth products (as well as Wi-Fi products in the ad hoc mode) use the point-to-point topology. These devices connect directly with each other and require no access point or other hub-like device to communicate with each other, although shared Internet access does require that all computers connect to a common wireless gateway. The point-to-point topology is much less expensive per unit than a star topology. It is, however, best suited for temporary data sharing with another device (Bluetooth) and is currently much slower than 100BASE-TX networks.
Wireless Network Security
When I was writing the original edition of Upgrading and Repairing PCs back in the 1980s, the hackers’ favorite way of trying to get into a network without authorization was discovering the telephone number of a modem on the network, dialing in with a computer, and guessing the password, as in the movie War Games. Today, war driving has largely replaced this pastime as a popular hacker sport. War driving is the popular name for driving around neighborhoods with a laptop computer equipped with a wireless network card on the lookout for unsecured networks. They’re all too easy to find, and after someone gets onto your network, all the secrets in your computer can be theirs for the taking.
Because wireless networks can be accessed by anyone within signal range who has a NIC matching the same IEEE standard as that wireless network, wireless NICs and access points provide encryption options. Most access points (even cheaper SOHO models) also provide the capability to limit connections to the access point by using a list of authorized MAC addresses (each NIC has a unique MAC address). This MAC address filtering is designed to limit access to authorized devices only.
Although MAC address filtering can be helpful in stopping bandwidth borrowing by your neighbors, it cannot stop attacks because the MAC address can easily be “spoofed” or faked. Consequently, you need to look at other security features included in wireless networks, such as encryption.
Caution: In the past, it was thought that the SSID feature provided by the IEEE 802.11 standards was also a security feature. That’s not the case. A Wi-Fi network’s SSID is nothing more than a network name for the wireless network, much the same as workgroups and domains have network names that identify them. The broadcasting of the SSID can be turned off (when clients look for networks, they won’t immediately see the SSID), which has been thought to provide a minor security benefit. However, Microsoft has determined that a non-broadcast SSID is actually a greater security risk than a broadcast SSID, especially with Windows XP and Windows Server 2003. For details, see “Non-broadcast Wireless Networks with Microsoft Windows” at http://technet.microsoft.com/en-us/library/bb726942.aspx. In fact, many freely available (and quite powerful) tools exist that allow snooping individuals to quickly discover your SSID even if it’s not being broadcast, thus allowing them to connect to your unsecured wireless network.
The only way that the SSID can provide a small measure of security for your wireless network is if you change the default SSID provided by the wireless access point or router vendor. The default SSID typically identifies the manufacturer of the device (and sometimes even its model number). A hacker armed with this information can look up the default password and username for the router or access point as well as the default network address range by downloading the documentation from the vendor’s website. Using this information, the hacker could compromise your network if you do not use other security measures, such as WPA/WPA2 encryption. By using a nonstandard SSID and changing the password used by your router’s web-based configuration program, you make it a little more difficult for hackers to attack your network. Follow up these changes by enabling the strongest form of encryption that your wireless network supports.
All Wi-Fi products support at least 40-bit encryption through the wired equivalent privacy (WEP) specification, but the minimum standard on recent products is 64-bit WEP encryption. Many vendors offer 128-bit or 256-bit encryption on their products. However, the 128-bit and stronger encryption feature is more common among enterprise products than SOHO–oriented products. Unfortunately, the WEP specification at any encryption strength has been shown to be notoriously insecure against determined hacking. Enabling WEP keeps a casual snooper at bay, but someone who wants to get into your wireless network won’t have much trouble breaking WEP. For that reason, all wireless network products introduced after 2003 incorporate a different security standard known as Wi-Fi Protected Access (WPA). WPA is derived from the developing IEEE 802.11i security standard. WPA-enabled hardware works with existing WEP-compliant devices, and software upgrades are often available for existing devices to make them WPA capable. The latest 802.11g and 802.11n devices also support WPA2, an updated version of WPA that uses a stronger encryption method. (WPA uses TKIP or AES; WPA2 uses AES.)
Note: Unfortunately, most 802.11b wireless network hardware supports only WEP encryption. The lack of support for more powerful encryption standards is a good reason to retire your 802.11b hardware in favor of 802.11g or 802.11n hardware, all of which support WPA or WPA2 encryption.
Upgrading to WPA or WPA2 may also require updates to your OS. For example, Windows XP Service Pack 2 includes support for WPA encryption. However, to use WPA2 with Windows XP Service Pack 2, you must also download the Wireless Client Update for Windows XP with Service Pack 2, or install Service Pack 3. At the http://support.microsoft.com website, look up Knowledge Base article 917021. You should match the encryption level and encryption type used on both the access points and the NICs for best security. Remember that if some of your network supports WPA but other parts support only WEP, your network must use the lesser of the two security standards (WEP). If you want to use the more robust WPA or WPA2 security, you must ensure that all the devices on your wireless network support WPA. Because WEP is easily broken and the specific WEP implementations vary among manufacturers, I recommend using only devices that support WPA or WPA2.
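The checks recommended in this section (a non-default SSID, a changed router password, no reliance on MAC filtering or a hidden SSID, and WPA or WPA2 on every device) can be written as a small audit. This is an added example, not part of the original text; the mode ranking, the default-SSID list, and all sample devices are constructed assumptions.

```python
# Added example; device names, SSIDs and the default-SSID list are constructed.
# Security modes ordered weakest to strongest, following the text's ranking.
MODES = ["open", "WEP", "WPA", "WPA2"]
# Illustrative vendor-default SSIDs (assumption, not an exhaustive list).
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}


def strongest_common_mode(devices):
    """Return the strongest mode every device supports ("open" if none)."""
    common = set(MODES)
    for supported in devices.values():
        common &= set(supported) | {"open"}
    return max(common, key=MODES.index)


def audit(ap, devices):
    """Return a list of findings for an access point and its client devices."""
    findings = []
    if ap["ssid"].lower() in DEFAULT_SSIDS:
        findings.append("SSID is a vendor default; change it")
    if not ap["admin_password_changed"]:
        findings.append("router admin password is still the default")
    if not ap["ssid_broadcast"]:
        findings.append("non-broadcast SSID adds no real protection")
    if ap["mac_filter"] and ap["encryption"] in ("open", "WEP"):
        findings.append("MAC filtering alone does not stop spoofed addresses")
    if MODES.index(ap["encryption"]) < MODES.index("WPA"):
        findings.append(f"encryption {ap['encryption']} is too weak; use WPA/WPA2")
    if MODES.index(ap["encryption"]) > MODES.index(strongest_common_mode(devices)):
        findings.append(f"some devices cannot join at {ap['encryption']}")
    # A device without WPA support caps the whole network at WEP.
    for name, supported in devices.items():
        if not {"WPA", "WPA2"} & set(supported):
            findings.append(f"retire {name}: supports only {', '.join(supported)}")
    return findings

# Constructed inventory: one 802.11b adapter limits the network to WEP.
SAMPLE_DEVICES = {
    "desktop-usb-80211n": ["WEP", "WPA", "WPA2"],
    "laptop-minipci-80211g": ["WEP", "WPA"],
    "old-laptop-80211b": ["WEP"],
}
SAMPLE_AP = {"ssid": "linksys", "ssid_broadcast": False, "encryption": "WEP",
             "mac_filter": True, "admin_password_changed": False}

if __name__ == "__main__":
    print("strongest common mode:", strongest_common_mode(SAMPLE_DEVICES))
    for finding in audit(SAMPLE_AP, SAMPLE_DEVICES):
        print("-", finding)
```

Removing the 802.11b adapter from the inventory raises the strongest common mode from WEP to WPA, which is the retirement argument made in the note above.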
Management and DHCP Support
Most wireless access points can be managed via a web browser and provide diagnostic and monitoring tools to help you optimize the positioning of access points. Most products feature support for Dynamic Host Configuration Protocol (DHCP), allowing a user to move from one subnet to another without difficulties.
The following image illustrates how a typical IEEE 802.11 wireless network uses multiple access points.
As you can see, as users with wireless NICs move from one office to another, the roaming feature of the NIC automatically switches from one access point to another, permitting seamless network connectivity without wires or logging off the network and reconnecting.
Users per Access Point
The number of users per access point varies with the product; Wi-Fi access points are available in capacities supporting anywhere from 15 to as many as 254 users. You should contact the vendor of your preferred Wi-Fi access point device for details.
Although wired Ethernet networks are still the least expensive networks to build if you can do your own wiring, Wi-Fi networking is now cost-competitive with wired Ethernet networks when the cost of a professional wiring job is figured into the overall expense.
Because Wi-Fi is a true standard, you can mix and match access point and wireless NIC hardware to meet your desired price, performance, and feature requirements for your wireless network, just as you can for conventional Ethernet networks, provided you match up frequency bands or use dual-band hardware.
Putting Your Network Together
In this section is a detailed checklist of the hardware and software you need to build your network.
First, start with the number of computers you plan to network. You need the items discussed in this section to set up your network.
Every system needs a network adapter or interface card. These are normally built in but can also be added in the form of a card or external USB device.
Traditionally, network adapters are also called network interface cards (NICs). To simplify technical support and minimize the number of drivers you have to deal with, where possible I recommend you use the same make and model of NIC for each computer in your network.
For the best performance in a wired network, I recommend using only gigabit Ethernet components, especially with regard to NICs and switches. If your system has a built-in Fast Ethernet (100 Mb/s) NIC, you might consider replacing it with a gigabit Ethernet card. I recommend PCI Express-based gigabit NICs for desktop computers and ExpressCard gigabit NICs for laptop computers with ExpressCard slots. (ExpressCard includes the PCI Express bus.) If these slots are not available, use PCI or CardBus cards instead.
USB network adapters can be convenient, but USB 1.1 sockets are much slower than 10/100 Ethernet and slow down any USB-attached network interface. USB 2.0 sockets and devices are satisfactory for connecting 10/100 Ethernet USB adapters but they are completely inadequate for gigabit Ethernet adapters. If you truly want gigabit Ethernet performance, avoid USB and use a PCI, PCIe, or ExpressCard-based card instead.
On the other hand, when adding wireless networking to desktop systems I recommend USB wireless network adapters over those using PCI or PCIe slots. There are several reasons:
- Installation—You don’t need to open the system to install a USB device.
- Portability—You can easily use the USB device with any other PC.
- Signal strength—You can more easily achieve optimal antenna placement with a USB device, especially when attached to the end of an extension cable.
For the best performance, systems should be connected via a gigabit wired connection; wireless should be used only if a wired connection isn’t possible or cost-effective.
You should record the brand name and model number of the network adapters you are using, as well as the driver version or source. Use the table on the next page as a template for storing this information.
Installing the Network Adapter
When installing an internal network card, follow this procedure:
- Open the case and locate an open expansion slot that matches the type of NIC you purchased (preferably PCI or PCI Express).
- Using a screwdriver, remove the screw securing the slot cover at the rear of the case.
- Insert the card gently, ensuring that the edge connector is seated solidly in the slot.
- Fasten down the card with the same screw that held the slot cover.
Tip: If you are a realist like me, you might not want to close the case until you are certain the NIC is working. (See the next section, “Testing Your Network Adapters and Connections.”)
Once the network adapter is installed, you need to install the drivers for the card that match your OS.
Testing Your Network Adapters and Connections
Connect the network adapter to the network. With an Ethernet network using UTP cable, run the cable from the card to the switch, turn on the computer and switch, and watch for signal lights to light up on the NIC’s back bracket (if so equipped) and on the switch. Switches normally use LEDs to indicate the presence of a computer on a particular port, and they usually indicate the connected speed. If the LEDs show that the card is connected at the correct speed, that usually indicates the card and intervening cabling are functioning correctly. For other types of networks, see the diagnostics provided with the network hardware for testing details.