Grim’s Place

It has been quite a year and as you can tell, I haven’t had much time for updating blogs.  It seems like I have more projects at work than I can count.  I’m having to delegate things to the other guys.

So far the new wireless connection is running great.  I have the folks that live at the grain tower location connected and still need to get two more hooked up.  I just did a quick test copying from my work machine to my machine here at home… 28Mbps average.  Speakeasy gives the Internet speed at 22Mbps.  Next spring I’ll upgrade the first portion of the link to 5.8Ghz and the rest of the radios to 2.4Ghz 802.11n gear.  That should get me around 80Mbps to the desktop.

I also picked up a Droid last month.  I’d been using a Windows Mobile phone but the battery was dying and it was 5 years old.  The Droid is very awesome.

Griminal Grim's Ramblings

We passed a milestone at work this week.  Our I.T. Steering Committee has approved a RFP to send out to HIS/EMR vendors.  It’s a 3.5 million dollar project…… and I thought I was stressed before!  Next step is to see demos, go on site visits, and finally select a winning vendor by February/March of 2010.  After the selection is made, we have a 12-14 month implementation to go through…. converting all electronic data over to the new system.

I order an additional two Ubiquiti Bullet M2 HP units this week and they should be here tomorrow.  With those in place I should be able to get 40+ Mbps through the 7+ miles of wireless. I’ll post my results this weekend.  I’m also hoping to tweak in the antennas too.  I borrowed a netbook from work so I can take it up towers with me to align the antennas.  Every db of signal strength counts!

Griminal Grim's Ramblings

I took an old 2.2 Celeron system that we were going to pitch, stuck a bunch of NICs in it…. and turned it on.  Actually I installed OpenBSD 4.5, did some packet filter/firewall configuring and some DHCP goodness.

Here’s what I was looking to achieve:

WAN (Internet)
|
|-Work
|
LAN (Wireless link)

I’m going to have other people on the wireless link and I don’t want them having access to my work network.  My solution was pretty simple.  I assigned fixed IP addresses to each of my personal machines given out by MAC address via the DHCP server running on the router.  I was also able to give the work domain name and DNS servers via DHCP to only my machines too.  I then added one NAT line to the pf.conf file to only allow my fixed IP addresses out to the work network.  The only way people would be able to access work is if they hard coded one of the IPs on their system… plus they’d need to know the IPs of our network and all that.  I think it’s pretty safe.

Next thing to have the router do is traffic shaping.  I want to do quality of service for our VOIP and throttle the kid so he doesn’t saturate the connection.  The same thing goes for me and SMB to my workstation. I might install Nagios for fun.  I’ll probably use the box to route to my web server too.

As far as the link itself, I’m having a hard time deciding what to do.   The customer-premises equipment (CPE) that I’ll need to give to the rest of the folks that will be using the link hasn’t been released in the 802.11n version yet.  If I buy 802.11g radios, I’ll lose the 80Mbps speeds I’ll get with a 802.11n bridge.  I could just buy 802.11g stuff with the intention of selling it later.  The Internet only comes down at 18Mbps sustained… which 802.11g can handle.  But Comcast is rolling out 50Mbps service and 802.11n can handle that.  Decisions, decisions.

Other than that, I’m sick as a dog.  I took off a 1PM on Wednesday and stayed home today too.  It’s nearly midnight and I’m not feeling much better.

Griminal Grim's Ramblings

I’ve been tweaking the new wireless link this weekend.  I also took some pictures and put them in the photos section.

What I thought was the maximum throughput on the radios was false.  I had the third radio in the series acting as an access point.  The processing power for NAT, DNS, and DHCP was robbing from the overall performance of the radio.  In AP mode, the Bullet2 HP unit was able to push nearly 20Mbps.  I took some time and threw the entire network… all four radios… into WDS mode  and configured them all to be transparent bridges.  The result was 25Mbps of throughput and that IS the TCP ceiling of these units.  As soon as some more Bullet M2 HP units come in, I’ll upgrade the second portion of the link.  Of course the Internet access I’ll be getting won’t be this fast but it sure is nice to access my workstation at these speeds.

I was also able to fiddle with 2.4Ghz channels to get the link running on a certain frequency.  The only unique 2.4Ghz channels are 1, 6, and 11.

My next step… at least I hope… is to create a virtual OpenBSD machine on one of our VMware ESX servers to do QOS, routing, and throttling.  Supposedly, when you put these Ubiquiti radios in WDS mode, they allow all network traffic to flow.  (Edit: my machine’s MAC address showed up in the ARP table on the switch… we’re good!) I’m betting that I can assign different MAC addresses for machines on the link to different VLANs.  Ergo, I can have my machine stay on a work VLAN and all other machines can go directly to the Internet without touching the private network.

Griminal Grim's Ramblings

Ok. So I haven’t updated my blog for the past few weeks.  I’ve had a good reason: I’ve been busy getting a different link up.

What started as the hospital having a unused 2.4Ghz grid antenna on our tower became a new avenue to the Internet for me and others.  I’ve mentioned a grain tower @ 1.2 miles from my house that I could use as a hop to my tower.  Well… that’s what I’m doing as I type this blog post.

1.5Mbps DSL just isn’t fast enough for us anymore.  My boy is becoming a bandwidth hog and I knew I’d have to try to do something soon.  What really put my butt in gear was our DSL donor expressing to me that they’d like to ditch their land line.  Well that shuts down the Internet for us.

I posted a few messages in the Wireless Internet Service Providers forums over at www.dslreports.com.  Besides being schooled up and down about wireless networks, they told me about Ubiquiti wireless gear.  I was lucky enough to get my hands on two of these: Ubiquiti Bullet M2 HP.  These radios are 802.11n, powered over Ethernet, screw right into the high gain antenna, and are a wireless guys dream!  From the grain tower to work, these radios link at full speed with full signal strength…  150Mbps!!!  I did have to narrow the channel width down to avoid interference with the second portion of my link, but they still link point to point at 65Mbps.  Speed test from the work tower to the grain tower are 20+Mbps!  People believe that 802.11n radios have to use multiple antennas…. they are wrong.

After I got the initial link up and working, I’m telling myself I have to get a couple more of these radios!! Unfortunately, that’s what everybody else thought too.  I had to settle for two Ubiquiti Bullet2 HP units for the second portion of the link.  These radios are a little older and only support 802.11g but will work until the 802.11n radios come back into stock next month.

After I received the Bullet2 HP units, my first tests with the link to the grain tower from my tower were lackluster.  The 15dbi omni on my tower had plenty of power to see the 24dbi grid on the grain tower pointing to the house.  The grain tower radio however couldn’t see the omni.  I had to buy another 24dbi grid form my tower.  Thank goodness it worked!

The current speeds I have to my tower are 18.5Mbps with multiple threads.  That seems to be the maximum that these 802.11g radios can transmit.  Lab tests conducted in my living room showed 19Mbps transfers.  The important bit is that the radios link up at their maximum speed and have excellent signal strength.

I still have to solidify the connections and weatherproof some cable runs.  Oh, I do have both links encrypted at WPA2-AES with a tasty key too.

I’ll post more about the link in the future.

Griminal Grim's Ramblings