Webs’ Random Ideas

A group at work here just got in a WiFi drill that sends data to a base unit over WiFi. Being an IT guy and having worked in networking I am always very very skeptical of such devices.

The 2.4 range is for the most part open and companies can make devices that broadcast how they want to, following FCC rules. But the FCC is under staffed and manned to adequately enforce everything that happens, so companies end up with devices that blast RF everywhere and take out wireless, in our case, LWAPP.

So we hooked up the base unit, got the wireless drill operating, and pulled out the spectrum analyzer to see what the drill was doing in our WiFi environment. The results? We found nothing. I was shocked and thought for a second the equipment might be malfunctioning or our spectrum software or device was somehow not working correctly.

Everything was operating as it should. So why didn’t we see it? This drill uses the a newer wifi protocol, zigbee: http://en.wikipedia.org/wiki/ZigBee. Its a wireless mesh protocol that operates at 900 mhz in the US. All WiFi today in the US is either 2.4 or 5 ghz. So anything wireless at 900 mhz is a network admin’s wet dream.

The Zigbee protocol is interesting, but I will leave it to another post. We approved the device and I was pleasantly surprised.

As I mentioned a little bit ago I had a network upgrade. Took place Tuesday night. What we were doing should not have been a big deal. In fact I had done this before on a smaller scale. My coworker Rob and I were upgrading a network with some newer equipment and moving routing down to the Distribution layer. Maybe I should attempt to explain some of this…

Typically in a network design you have 3 layers for host traffic, Access, Distribution, and Core. The Access layer is the host or client layer. Devices at this layer are typically switches (in older networks you might see hubs) and access points and give hosts a layer two connection to the network. Layer two connections in a network use the MAC address of devices to send traffic along.

The Distribution layer interconnects access layers together. It can be used for physical separation of access layers or to route traffic between access layers to each other and the Core layer. Typically devices here are switches and have a layer two connection up to the Core layer. But more and more networks are now creating layer 3 connections at the distribution layer because of the advantages it offers. This is what we were doing with our upgrade.

The Core layer is used to route traffic around the higher levels of the network and typically to the outbound pipes to the Internet. Devices at this layer are typically routers, but Layer 3 switches usually work great to the point where you need special services like VPN tunnels and outbound connections. All traffic at the Core is typically layer 3 when it leaves. This means traffic is traversing devices via IP addresses.

So when I say we are moving routing to the Distribution layer, it means devices at this layer will route traffic up to the Core devices. There are many advantages to doing this. One of the big ones is segmenting VLANs. VLANs (virtual LANs) is a networking tool that allows us to split up traffic on switches. What you can do is create a network for any traffic going through a switch that you want. Then apply this network or VLAN to any switchport you want. Traffic within a VLAN stays in that VLAN thus giving us our segmentation.

So in a scenario where we have multiple sites in a geographic region we can create layer 3 Distribution layers at the edge of each site to do routing between them and the core. This means that the VLAN traffic at each site stays local. So VLAN 50 traffic that might exist at site 1 will stay local to that site. When the traffic from VLAN 50 leaves and goes out the layer 3 Distribution device, it is routed. So at this point the VLAN this traffic came from is irrelevant.

What we get from this is that traffic at site 1 will remain at site 1 unless it needs to go out to another network or VLAN that doesn’t reside at site 1. Whereas if we had a layer 2 device at the distribution layer and maybe 10 VLANs at site 1, clients in 2 different VLANs would have to have their traffic leave site 1 for them to communicate with each other up to the Core layer where the gateway of each VLAN would exist. Even if they sat right next to each other. This is why having a layer 3 device at the Distribution layer can be a good thing because the gateway for VLANs exists closer to the point of origin for traffic.

So back to the story…

I took down our main campus. I was connected directly to our cores at the World Wide Headquarters and connected to the wireless infrastructure. I applied my scripts and as soon as I did my wireless dropped. I thought, “Hmmm that’s strange.” I called Rob who was at our Tech Center site doing some work in our closet there. I asked him if he had finished hooking up the Distribution switches. He said he had but we had no connectivity from me to him.

Once we started looking into it I got a call from Ops (operations). There is only one thing I think of when my work cell phone rings, “SHIT!!” Reason being, the only folks that call it are the ones from Ops, so when it rings I have the Pavlovian response of, “It must be Ops!” Sure enough it was Ops and our Enterprise wide security team was down. This is a problem.

After looking into we found I had two lines of code that took things down. Normally those two lines would not have been a big deal. This time it was a big deal because it was blocking the VLANs that were used to pass routing information between the cores and our major routers. Oops! This meant those two lines took down our ENTIRE World Wide Headquarters campus and security for the entire Enterprise.

Well lessons learned and after an slap on the wrist the next day I have learned my lesson and know what I did wrong. What a night!

Crossing fingers… More later

So for those of you unaware, 802.11N is the latest and greatest wireless revision soon to be out of draft state. If you don’t know what N is, you likely have an “A”, “B”, or “G” wireless router at home or some mixture of those three. Well the IEEE organization that writes and specifies Technology standards has written specs for each of those letters under the section of 802.11. Thus 802.11N refers to the “N” wireless standard.

My partner and I at work are doing some Wireless N testing to see what performance we get and also to determine what if any applications exist for it’s use (we already have a wireless infrastructure so what is there to gain by moving to N). We have heard rumors and listened to all kinds of webcasts about what Wireless N can do. We thought it was time to put the money where the mouth is so to speak. We have 3 client laptops at work that can do Wireless N. We have 4 Cisco Wireless N Access Points (AP) deployed and connected to a Wireless Controller over Gig connections.

We go to do the testing and the laptops freak out! They will not connect to any of our test APs. Well they do but as soon as they connect the systems freeze and lock up. Naturally we troubleshoot all the obvious issues like rebooting, reinstalling the drivers, looking for system log errors, uninstalling the NIC and re-installing, but nothing worked.

Then just randomly we took a few of the laptops and one of the N APs to a different building about ready to give up. The APs in this building will connect to a different wireless controller. And oddly enough when the laptops are connecting to an N AP that is associated with any other controller besides the one used for our N testing, they work just fine.

Assuming the controller was the problem we checked out the settings and sure enough there was one little difference… To attempt to force a wireless connection using “N” we set the controller to force the client to connect at 54mbps or higher. For whatever reason the laptop freaked out with this one little setting. Which doesn’t make much sense. So we set the controller so that it will allow connections at lower speeds and sure enough the laptops work just fine.

What this means to me is that N is still in it’s infancy and driver support is too. More about the testing results later…

So I have been in a major writing drought for over 6 months now and I have finally decided to start writing again. What I want to do is start putting my networking knowledge down on “paper”. I will be sitting for the last half of the CCNA in a couple months and while studying I thought I could write about networking topics that could help others out too.

But as we all know blogging is narcisistic so of course there is something in it for me. I want to make sure I know the subject material too. And as folks ask questions and tell me where I screwed up I will be better able to hone my skills. As well as likely help someone else in the process.

Don’t know how much I will get written down, but hopefully there will be a wide range and long list of topics. Starting with the one following this post.

Tonight I go into work at 9:00P and hopefully will leave around 10:00A tomorrow morning. We are upgrading the “core” network devices and some of our “distribution” layer devices. Basically we are pushing routing down to the distribution layer and turning our cores into essentially layer 3 switches that do only routing. Oh and at 10gig speeds between those layers… It’s a much needed change and because we are manufacturing company we have to schedule the outages carefully. Not to mention we only have a 6 hour window.

Sounds like a simple change, but we will likely use up those 6 hours quickly. Our PM (a true Networking God) from our group has done an amazing job planning this so it looks like things are going to go super good!

I just got done with a 3 hour nap to prepare, hopefully I can stay up.