On Mon, 31 Mar 2008, Carl A jeptha wrote:
people have been killed for less, spill the beans, or be stoned by
the crowd. :-D
Hmmm...weighing the two options of spilling the beans or death by
stoning, I think I'll take the former, as the latter sounds a bit
painful. ;-)
Ok..here we go. First, I will say that I have installed a system
such as I will describe MANY times. I know that it works and works
well. The effectiveness of this type of network depends on MANY
factors, which are unique to each of the networks I have deployed.
Having said that, let me describe the steps and, later, some
options.
First, the "freebie" part:
The idea is that there is an existing 802.11(a|b|g) network deployed
already in MOST populated areas in the US and Canada. Since this is
the case, I began looking at ways to bring municipalities around to
a point where they NEED our existing networks. There are many
reasons for this, but the most important was that if they need the
network, they will be more likely to try to help us protect it as
well as be more willing to allow us to use space such as water
towers and such. Many cities already do this, but by providing
crucial services to them, they are more willing to make it
affordable as well as allow for "exclusivity" on the city's
property.
At any rate, what I did was create a set of scripts that allowed me
to put Internet access in places like Fire Trucks, Police Cars and
other city owned vehicles. Each network is different, so I can't
just give a "cut and paste" script...What I CAN do, however, is
provide the LOGIC and description of the necessary parts.
For the WAN part of the network, you will be able to use ANY
access point (not just Mikrotik). Well, any aps that you can
connect to with a MikroTik running as CPE. This includes a MT
access point that is running in 900, 2.4, 5.x AND 4.9 (emergency
services). Bear in mind that the higher frequencies are MUCH more
picky about LOS and the CPE side (the vehicle) is not going to have
much antenna. All we need here is the ability to connect with a MT
client device and access the network. I've used DHCP, static IP
addressing AND pppoe...the connection method is not important.
Additionally, we will need, at least for some services, a MikroTik
router at the "head" of the network. The purpose of this MikroTik
is to provide a VPN server, so that we can provide the various
services (police department, fire dept, ambulance, etc) with a means
to contact the cars with a consistent IP address, regardless of the
location that device is currently using as a connection. This
allows for us to (for instance) let the dispatcher see a video
stream from "car 1" without having any knowledge of where or how
that car is connected to the network.
Now, for the CPE that will be installed in the vehicle. There are
MANY ways to do this, depending on the set of services needed in the
car. In some cars, we have a CPE with just a single radio that will
be the internet connection and path back to the VPN server. What we
do in this router, is set up the following:
1. Using connect-list feature, we set up the APs that we are allowed
to connect to. This can be all the APs on a single ISP or even
multiple ISPs...it doesn't really matter.
2. We need to know how to configure the CPE for EACH access point we
can connect to. For example:
* SSID "sample1" needs pppoe with user/pass of "test/test"
* SSID "sample2" needs DHCP
* SSID "otherISP" needs static IP of x.x.x.x/24
3. We have to monitor the RX signal level on the current AP so that
we can force the CPE to find a better AP when the signal is no
longer usable. This is necessary, since there are two "bad" things
happening.
1. The CPE is moving (either closer to or further from) the
AP most of the time.
2. 802.11a/b/g does NOT disconnect automatically until the
signal level is so low that it is completely unusable for
our purpose.
SO, we have to constantly monitor the connection to FORCE the CPE to
disconnect, so that it will find the AP that is best for where we
are physically located NOW.
4. We have another script (or a portion of the above script) that
will detect our current AP and insure that the network parameters
(DHCP/PPPoE/etc.) is correct. This is the "tricky" part.
The above description is all that's needed for a CPE that is a
single radio config. You can, also, add the ability for the car to
have it's own AP for devices such as a wireless SIP phone or PDA to
connect to. Obviously, a SIP phone will drop a call if the time to
switch towers is too long. It is because of this that I built a
script that allowed for 2 client radios. This script does all the
stuff that the above description says, but it does it in a different
way. What happens is this:
1. Radio 1 connects to the best AP and is configured as our
"current" connection (get's the correct IP information and a gateway
is added so that traffic uses this radio).
2. Radio 2 begins searching for the best AP and will be configured
with IP information ONLY if the current signal level on Radio 1 is
below a certain (definable) threshold.
3. If Radio 2 is now the "current" connection, then Radio 1 begins
the search for a new AP. and the cycle is repeated ad infinitum.
Basically, we "walk" the network with 2 CPE devices. We can, also,
set the AP in the car so that it is not going to interfere with the
"current" radio's frequency, though this will cause problems with
calls if we aren't careful. In order to detect "call status", I use
a script that watches packet rate on the interface. If it is below
a certain number, I will assume that there is no call currently
connected, and it is safe to move the car mounted AP to a new
channel if it is interfering with the current connection.
As you can see, it is doable, but it is VERY involved. I don't want
to make this a "sales pitch", but I will say this much...
1. Each install is VERY HIGHLY CUSTOMIZED, and, therefore, has to be
built according to the needs of the specific network
2. Cost may seem high, but MUCH of this can be paid for with grants
(homeland security has MILLIONS of dollars to build these types of
systems out)
The first one of these that I built was WAY underbid. I only
charged about $3k for that one. The most expensive was about $18k,
but involved almost 2 weeks onsite. The average cost (my part) is
about $5k-7k.
--
********************************************************************
*Butch Evans *Professional Network Consultation *
*Network Engineering *MikroTik RouterOS *
*573-276-2879 *ImageStream *
*http://www.butchevans.com/ *StarOS and MORE *
*Mikrotik Certified Consultant *Wired or Wireless Networks *
********************************************************************
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
