Building Wireless Community Networks: Implementing the Wireless Web

by Rob Flickenger, Sue Miller (Editor)

In Building Wireless Community Networks, author and O'Reilly network administrator Rob Flickenger offers a compelling case for building wireless networks on a local level: They are inexpensive, and they can be implemented and managed by the community using them, whether it's a school, a neighborhood, or a small business. This nuts-and-bolts guide provides all the necessary information for planning a network, getting the necessary components, and understanding protocols that you need to design and implement your network. The wireless Internet infrastructure, also known as Wi-Fi, is based on the 802.11b standard.

The book covers Rob's experience with the Sebastopol Community Network (NoCAT), a multi-tiered network that provides wireless access for O'Reilly employees and free Web browsing to anyone in the area who has a Wi-Fi card in his or her computer. He describes his experience in using 802.11b, selecting the appropriate equipment, finding antenna sites, and coping with the general problems of outdoor networking.

Building Wireless Community Networks starts off with basic wireless concepts and essential network services, while later chapters focus on specific aspects of building your own wireless networks. The final chapter is a detailed journal of Rob's experiences in building his first community network. He begins with his first attempts at using a wireless card at a conference, covers the real-life experience of trying something new, and ends with notes from the Portland Summit, a national gathering of wireless aficionados.

If you want to join the grassroots effort to build freely available wireless Internet infrastructures in your community, this book is invaluable.

Editorial Reviews

The Barnes & Noble Review
What if you could build a network that gives high-speed wireless web connections to everyone in your building, your school, your small business, your neighborhood? With Wi-Fi 802.11b technology, you can. This stuff's so powerful, so cool, so surprisingly cheap, you wonder if its inventors realized what they were doing.

Rob Flickenger sure does. In his spare time, he built the Sebastopol Community Network (NoCAT), which provides wireless access for the publishing folks at O'Reilly -- and free web browsing to anyone with a Wi-Fi card who wanders by. Drawing on that experience, he's written the first complete guide to using 802.11b technology to build free public (or, for that matter, private) networks. Flickenger covers it all: planning, network layouts, component purchasing, interoperability, deploying Internet protocols, setting up peer-to-peer networks with Linux-based gateways, applications, security, and power restrictions (don't run afoul of the law).

Since the technology's still new, early adopters like Flickenger sometimes have to cobble together their own solutions (e.g., for authentication) or discover the performance realities through trial and error (you'll learn why the roof isn't always the best place for your antennae and why the best season to install your network is springtime). But make no mistake: unless the "powers that be" and their lawyers find a way to stop it, this is going to be huge. Reading Flickenger's chapter of case studies from around the U.S., you can just taste the coming revolution. (Bill Camarda)

Bill Camarda is a consultant, writer, and web/multimedia content developer with nearly 20 years' experience in helping technology companies deploy and market advanced software, computing, and networking products and services. He served for nearly ten years as vice president of a New Jersey–based marketing company, where he supervised a wide range of graphics and web design projects. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

Product Details

Publisher: O'Reilly Media, Incorporated
Product dimensions: 6.04(w) x 8.94(h) x 0.36(d)

Read an Excerpt

Chapter 3: Network Layout

In many ways, 802.11b networking is very much like ethernet networking. Assuming you want to connect your wireless clients to the Internet, you'll want to provide all of the usual TCP/IP services, such as Domain Name Server (DNS) and Dynamic Host Configuration Protocol (DHCP), that make networking so much fun. To the rest of your network, wireless clients look like just any other ethernet interface and are treated no differently than the wired printer down the hall. You can route, rewrite, tunnel, fold, spindle, and/or mutilate packets from your wireless clients just as you can with any other network device.

Presumably, no matter how many wireless clients you intend to support, you will eventually need to "hit the wire" in order to access other networks (such as the Internet). How do packets find their way from the unbridled freedom of the airwaves to the established hyper-interconnected labyrinth of the Internet?

Wireless Infrastructure: Cathedral versus Bazaar

As with any network supporting different physical mediums, network bridges must exist that are capable of exchanging data between the various network types. A wireless gateway consists of a radio card and a network card (usually ethernet). In the case of 802.11b, radios participating in the wireless network must operate in one of two modes: BSS or IBSS.

BSS stands for Basic Service Set. In this operating mode, a piece of hardware called an access point (AP) provides wireless to ethernet bridging. Before gaining access to the wired network, wireless clients must first establish communications with an access point within range. Once the AP has authenticated the wireless client, it allows packets to flow between the client and the attached wired network, effectively acting as a true Layer 2 bridge, as shown in Figure 3-1. A related term, ESS (or Extended Service Set) refers to a physical subnet that contains more than one AP. In this sort of arrangement, the APs can communicate with each other to allow authenticated clients to "roam" between them, handing off IP information as the clients move about. Note that (as of this writing) there are no APs that allow roaming across networks separated by a router.

IBSS stands for Independent Basic Service Set and is frequently referred to as Ad-Hoc or Peer to Peer mode. In this mode, no hardware access point is required. Any network node that is within range of any other can commence communications if they agree on a few basic parameters. If one of those peers also has a wired connection to another network, it can provide access to that network. Figure 3-2 shows a model of an IBSS network.

Note that an 802.11b radio must be set to work in either of these modes, but cannot work in both simultaneously. Both modes support shared-key WEP encryption (more on that later).

Access Point Hardware

Access points are widely considered ideal for campus coverage. They provide a single point of entry that can be configured by a central authority. They typically allow for one or two radios per AP, theoretically supporting hundreds of simultaneous wireless users at a time. They must be configured with an ESSID, a simple string that identifies the wireless network. Many use a client program for configuration and a simple password to protect their network settings.

Most APs also provide enhanced features such as:

MAC address filtering
A client radio attempting access must have its MAC address listed on an internal table before being permitted to associate with the AP.

Closed networks
Usually, a client can specify an ESSID of "ANY" to associate with any available network. In a closed network, the client must specify the ESSID explicitly, or it can't associate with the AP.

External antennas
Continual link-quality monitoring
Extended logging, statistics, and performance reporting

Other enhanced modes include dynamic WEP key management, public encryption key exchange, channel bonding, and other fun toys. Unfortunately, these extended modes are entirely manufacturer (and model) specific, are not covered by any established standard, and do not interoperate with other manufacturers' equipment. It should also be noted that, once a client has associated itself with an AP, there are no further restrictions imposed by the AP on what services it can access.

APs are an ideal choice for private networks with many wireless clients that exist in a confined physical space, especially on the same physical subnet (like a business or college campus). They provide a high degree of control over who can access the wire, but are not cheap (the average AP at this writing costs between $800 and $1000).

Another class of access point is occasionally referred to as a residential gateway. The Apple Airport, Orinoco RG-1000, and Linksys WAP11 are popular examples of low-end APs. They are typically much less expensive than their commercial counterparts, costing between $200 and $500. Many have built-in modems, allowing for wireless to dialup access (which can be very handy, if ethernet access isn't available wherever you happen to be). Most even provide Network Address Translation (NAT), DHCP, and bridging services for wireless clients. While they may not support as many simultaneous clients as a high-end AP, they can provide cheap, simple access for many applications. By configuring an inexpensive AP for bridged ethernet mode, you can have a high degree of control over what individual clients can access on the wired network (see the section "Captive "Catch and Release" Portal" in Chapter 7).

Despite their high cost, APs have their place in building community wireless networks. They are especially well suited to remote repeater locations, due to their ease of configuration, low power consumption (compared to a desktop or laptop PC), and lack of moving parts. We'll go into detail on how to set up an AP in Chapter 4.

Peer-to-Peer Networking

If the goal of your wireless project is to provide public access to network services, the functionality high-end APs provide will almost certainly be overkill, particularly in light of their high cost. Luckily, with IBSS mode, AP hardware is entirely optional.

Radios that are operating in IBSS mode can communicate with each other if they have the same ESSID and WEP settings. As stated earlier, a computer with an 802.11b card and another network connection (usually ethernet or dialup) can serve as a gateway between the two networks. Add in DHCP and NAT services, and you effectively have a full-blown Internet gateway. As various free operating systems can provide these services, and will run well on hardware that many people already have lying around in closets (i.e., 486 laptops and low-end Pentium systems), this mode of operation is an increasingly popular alternative to expensive APs. If you have host hardware available already, the low cost of making a gateway is very attractive (the cost of the average client radio card is $120, or about half of a low-end AP).

What is missing from a do-it-yourself gateway? Instead of the myriad access control methods that actual APs provide, the only out-of-the-box access control you have available is WEP. As we saw earlier, a shared key does little on its own for security, and it isn't appropriate in a public network setting anyway. So how can we provide network access and still discourage abuse by anonymous wireless clients?

In Chapter 5, we'll build a Linux-based wireless gateway from scratch. In Chapter 7, we'll examine one method of extending the gateway to provide different classes of service, depending on who connects to it.

Vital Services

A network can be as simple as a PPP dialup to an ISP, or as grandiose and baroque as a multinational corporate MegaNet. But every node on a multimillion dollar network in Silicon Valley needs to address the same fundamental questions that a dialup computer must answer: who am I, where am I going, and how do I get there from here? In order for wireless clients to easily access a network, the following basic services must be provided.


The days of static IP addresses and user-specified network parameters are thankfully far behind us. Using DHCP, it is possible (and even trivial) to set up a server that responds to client requests for network information. Typically, a DHCP server provides all of the information that a client needs to begin routing packets on the network, including the client's own IP address, the default Internet gateway, and the IP addresses of the local DNS servers. The client configuration is ridiculously easy and is in fact configured out of the box for DHCP in all modern operating systems.

While a thorough dissection of DHCP is beyond the scope of this book, a brief overview is useful. A typical DHCP session begins when a client boots up, knowing nothing about the network it is attached to except its own hardware MAC address. It broadcasts a packet saying effectively, "I am here, and this is my MAC address. What is my IP address?" A DHCP server on the same network segment listens for these requests, and responds: "Hello MAC address. Here is your IP address, and by the way, here is the IP address to route outgoing packets to, and some DNS servers are over there. Come back in a little while and I'll give you more information." And the client, now armed with a little bit of knowledge, goes about its merry way. This model is shown in Figure 3-3.

In a wireless environment, DHCP is an absolute necessity. There isn't much point in being able to wander around without a cable if you need to manually set the network parameters for whatever network you happen to be in range of. It's much more convenient to let the computers work it out on their own (and let you get back to more important things, like IRC or Quake III Arena). Since DHCP lets a node discover information about its network, one can get "online" without any prior knowledge about that particular network's layout. This service demonstrates a condition that network administrators have known for years: users just want to get online without knowing (or even caring) about the underlying network. From their perspective, it should just work. DHCP makes this kind of magic possible.

From a network admin's perspective, the magic isn't even terribly difficult to bring about. As long as you have exactly one DHCP server running on your network segment, your clients can all pull from a pool of available IP addresses. The DHCP server manages the pool on its own, reclaiming addresses that are no longer in use, and reassigning them to new clients.

In many cases, a wired network's existing DHCP server serves wireless users with no trouble. It sees the wireless node's DHCP request just as it would any other, and responds accordingly. If your wired network isn't already providing DHCP, or if your wireless gateway isn't capable of L2 bridging, don't worry. We'll cover setting up the ISC's dhcpd server in Linux in Chapter 5.
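The "exactly one DHCP server" condition above is worth checking on a wireless segment, because clients act on whatever offer they receive. The following is an added example, not code from the book: it parses the DHCP wire format and lists offers whose server identifier is not on an allow-list. The function names, addresses, and sample packets are constructed for illustration.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (offset 236)
OPT_ROUTER, OPT_MSG_TYPE, OPT_SERVER_ID = 3, 53, 54
DHCPOFFER = 2

def dotted(b):
    return ".".join(str(x) for x in b)

def parse_dhcp(payload):
    """Parse a DHCP message (UDP payload) into its key fields and options."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    hlen = min(payload[2], 16)
    msg = {"xid": struct.unpack("!I", payload[4:8])[0],
           "yiaddr": dotted(payload[16:20]),            # address offered to the client
           "chaddr": payload[28:28 + hlen].hex(":"),    # client hardware (MAC) address
           "options": {}}
    i = 240
    while i < len(payload) and payload[i] != 255:       # 255 = end option
        if payload[i] == 0:                             # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        msg["options"][payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    return msg

def build_offer(xid, mac, your_ip, server_ip, router):
    """Build a constructed DHCPOFFER for the demo (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, xid, 0, 0,
                      bytes(4), bytes(your_ip), bytes(server_ip), bytes(4),
                      bytes(mac), b"", b"")
    opts = bytes([OPT_MSG_TYPE, 1, DHCPOFFER, OPT_SERVER_ID, 4, *server_ip,
                  OPT_ROUTER, 4, *router, 255])
    return hdr + MAGIC_COOKIE + opts

def unauthorized_offers(payloads, authorized):
    """Map each unlisted server identifier to the (MAC, offered IP, router) it sent."""
    found = {}
    for p in payloads:
        try:
            msg = parse_dhcp(p)
        except ValueError:
            continue                                    # skip non-DHCP or damaged data
        opts = msg["options"]
        sid = opts.get(OPT_SERVER_ID, b"")
        if opts.get(OPT_MSG_TYPE) != bytes([DHCPOFFER]) or len(sid) != 4:
            continue
        if dotted(sid) not in authorized:
            found.setdefault(dotted(sid), []).append(
                (msg["chaddr"], msg["yiaddr"], dotted(opts.get(OPT_ROUTER, b"")[:4])))
    return found

MAC = [0x02, 0, 0, 0, 0, 0x01]                          # constructed client MAC
SAMPLES = [                                             # constructed sample traffic
    build_offer(0x1234, MAC, [10, 0, 0, 50], [10, 0, 0, 1], [10, 0, 0, 1]),
    build_offer(0x1234, MAC, [10, 0, 0, 200], [10, 0, 0, 99], [10, 0, 0, 99]),
    b"\x02\x01\x06\x00 truncated",
]

if __name__ == "__main__":
    print(unauthorized_offers(SAMPLES, authorized={"10.0.0.1"}))
```

In practice the payloads would come from a capture of UDP port 68 traffic on the segment; the router field in each flagged offer shows where that server would have sent the client's outgoing packets.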


My, how different the online world would be if we talked about sending mail to rob@, or got excited about having just been'd. DNS is the dynamic telephone directory of the Internet, mapping human friendly names (like oreillynet.com or slashdot.org) to computer friendly numbers (like the dotted quads above). The Internet without DNS is about as much fun and convenient as referring to people by their Social Security numbers.

Much like DHCP, your network's existing DNS servers should be more than adequate to provide name resolution services to your wireless clients. However, depending on your particular wireless application, you may want to get creative with providing additional DNS services. A caching DNS server might be appropriate, to reduce the load on your primary DNS servers (especially if you have a large number of wireless clients). You might even want to run separate DNS for your wireless hosts, so that wireless nodes can easily provide services for each other.

There was a time when knowing the IP address was sufficient to access information from any Internet server. Interestingly enough, partially spurred on by the shortage of IP addresses on the Net, it's now impossible to access many web services without knowing their name. Apache's NameVirtualHost directive makes it possible for many web sites to share the same IP address without interfering with each other, as long as the client asks for the site by name as well as by number. We'll see how to use this nifty bit of trickery to get around NAT and allow Internet accessible web pages to be served from private IP addresses. More on that in Chapter 7.


In order for any machine to be reachable via the Internet, it must be possible to route traffic to it. A central authority, the IANA, holds the keys to the Internet. This international body controls how IP addresses are parceled out to the various parts of the world, in an effort to keep every part of the Internet (theoretically) reachable from every other and to prevent the accidental reuse of IP addresses in different parts of the world. Unfortunately, due to the unexpected tremendous popularity of the Net, what was thought to be plenty of address space at design time has proven to be woefully inadequate in the real world. With thousands of new users coming online for the first time every day, the general consensus is that there simply aren't enough IP addresses to go around anymore. Most ISPs are increasingly paranoid about the shortage of homesteading space, and they are loath to give out more than one per customer (and in many cases, won't even do that anymore, thanks to the wonders of dynamic DHCP)....

Meet the Author

Original portrait of the author by Claire Abila. Thanks, Claire! Born the son of a pig farmer in Bucharest, this young ne'er-do-well had few ambitions above mucking out the slop stall before dinner. But that was just at the dawn of the digital age. Who would have thought that five years later the same boy who thought cow tipping shouldn't go above 10 percent would go on to invent the Internet, and eventually become the first living human with an ADSL line surgically attached to his spinal column. Now, in these increasingly untethered times, he has eschewed his former 6Mbit neural I/O port for an 11Mbit, encrypted, wireless version. It certainly makes it easier to leave the house without the need for miles of extension cord. Rob is the author of three O'Reilly books, Building Wireless Community Networks, 2nd Edition, Linux Server Hacks, and Wireless Hacks. He recently served as sysadmin for the O'Reilly Network, and is currently working on promoting community wireless networking through efforts like FreeNetworks.org and NoCat.net.
