[This is part 2 of my post on shared Internet access in housing
cooperatives.]
"Helsingin Alueverkkoyhdistys" (Helsinki Neighborhood Networking
Association) is a group of local volunteers and activists with the
altruistic aim of providing "free"� Internet access to everyone.
The ultimate goal is to build community owned fiber-optic networks in
residential neighborhoods. Equally important is an open network of wireless
access points. We believe that universal free and open WLAN access is only
possible, if its backed up by an solid infrastructure of shared wired
networks.
The first stage is to build in-house networks in the apartment blocks and
housing cooperatives. Only when we reach a critical mass of in-house
networks can we start connecting them into neighborhood networks. Housing
cooperatives are important also in the sense that they can easily be
persuaded to give away the free bandwidth needed for the open wireless
coverage.
� Free in this case means free as in "free lunch"; there is no such
thing. Someone will have to pay for the service, or better yet
build the infrastructure that provides the service. The idea is to
make Internet access a basic infrastructure like streets, electric
lighting and running water, available to everyone in need of it.
This infrastructure should be provided by the same people who
provide these basic services, in most cases the property owners.
Activity has been greatest in two new Helsinki neighborhoods, Ruoholahti and
Pikku-Huopalahti. These neighborhoods consist of prefabricated concrete
apartment blocks built mainly in the early 1990's with anywhere between 30
and 170 apartments each.
- http://www.kaupunginosat.net/ruoholahti/kuvagalleria/kuvagalleria.htm
- http://www.saunalahti.fi/asyhd/kuvplahti/1/kuvat.html
Ethernet everywhere!
>From the start the aim has been for higher speeds, thus the focus on
Ethernet technology.
It was felt that if the slow but popular HomePNA technology would be used
for in-house networks, it be a serious hindrance to fiber-optic neighborhood
networks. The limited bandwidth that can be delivered by HomePNA can always
be served by ADSL or other technologies over coper.
Also the focus has been on finding cheap or "zero-cost" solutions for
Ethernet. Housing cooperatives may be willing to invest more heavily, but in
Helsinki all new neighborhoods are mixed neighborhoods with both
resident-owned co-ops and city-owned social housing. The technical solutions
should be so cheap that they can be adopted by council houses with very
limited budgets.
Add-on cabling
The standard way of rewiring houses in Finland has been to use diamond
drills to pierce floors and walls. Heavy-duty aluminum profile conduits are
installed in stairwells to house new cabling. In apartment buildings this
effort was only taken up in conjunction with other renovations, like
renewing the electrical wiring.
Rewiring for the sake of Internet access had not taken up. The only
residential buildings where the effort was made where student dormitories.
The costs would be around 400 euros per apartment.
We started looking for cheaper, lighter alternatives.
Telephone and central antenna cables to apartments are typically enclosed in
20 mm plastic tubing. This would leave space for an other cable in the same
conduit. Also, there should be no need to remove existing telephone wire to
provide the additional Ethernet access.
Initially there was a great distrust that new wire could be pulled alongside
in the same conduit. The only reference was an undocumented 1995 effort to
rewire the dormitories of the Helsinki University of Technology with Cat-5
cable. This was done by student volunteers.
The first houses were rewired in 2003 by volunteer residents. When it was
established that the technique can be utilized, this approach was also taken
up by a large wiring contractor. Several houses with hundreds of apartments
have been wired with a 100% success rate.
Inside the apartment the Finnish legacy telephone socket in one room is
replaced with a new faceplate with RJ11 and RJ45 connectors. The cost
estimate for this type of "add-on" wiring is about ? 150 per apartment.
Success requires that the original construction is up to standard.
Horizontal access
Horizontal telephone cabling in Finnish houses is often done with direct
burial cable. There is no horizontal conduit connecting the splices in
different stairwells. Even worse, a housing cooperative might consist of
several detached buildings separated by an asphalt covered courtyard.
In a prototype house fiber-optic cable was used to connect the
Ethernet-switches in the different buildings. Volunteer residents dug up a
ditch for the underground conduit connecting the buildings. Later experience
has shown this effort to be unnecessary; Finnish telephone cable has proven
its ability to carry 100Base-TX Ethernet for over a hundred meters.
The structure for the in-house Ethernet network in a large apartment block:
1. Place one 24-port Ethernet switch near each stairwell, preferably
in the electricity or central antenna closet. Usually the Scotchlok
splice for the telephone wiring is located in this same space.
2. Pull new Cat-5e cables from the closet to each apartment.
3. Use free pairs in the direct burial telephone cable to connect the
Ethernet switch to the central telephone wiring closet at 100 Mbps.
4. Place the router and central switch at the telephone wiring closet.
Using Cat-3 telephone cable
New Finnish houses built after the year 2000 usually have structural
cabling, that is separate Cat-5e cables for Ethernet and telephone with
RJ-45 connectors. Older houses houses only have cabling for telephone.
Although it is not widely publicized, Finnish telephone cable from the 1990's
has a Cat-3 rating.
Houses built after 1995 usually have three twisted pairs serving each
apartment. It has turned out to be quite a simple task to convert the
cabling to Ethernet use. Originally Finnish legacy telephone sockets are
installed with only one pair connected. This leaves two pairs free for use
by Ethernet. The transformation consists of exchanging one legacy socket for
a RJ-11 / RJ-45 combination faceplate and resplicing the Ethernet-pairs so
that only one socket is connected.
The biggest problem for high speed traffic is the Scotchlok splices used to
connect different parts of the telephone cabling. These are not made to
Cat-3 standards. Practical tests however have shown the connections not to
be a problem. Most installations have worked flawlessly even at higher
speeds of 100 Mbps.
Distances over 100 meters do not seem to pose a problem either. Zero error
operation has been observed in telephone cable at
- 100 Mbps for over 100 meters
- 10 Mbps for over 150 meters
The trick in running 100Base-TX over Cat-3 telephone cable is to only run
one Ethernet link in one cable. This way cross talk between pairs is
minimized.
Giving up fixed-line telephone
Houses built before 1994 usually only have two pairs, in the form of a
twisted star quad, serving each apartment. Using these pairs for Ethernet
traffic poses two problems:
1. Star quad has an impedance of 120 ohms, which differs from the twisted
pair impedance of 100 ohms.
2. Using both pairs for Ethernet means that the resident would have to give
up fixed line telephone service.
In practical tests the impedance mismatch between the pull to the apartment
and the multi-paired trunk cable has shown not to be a problem. 10Base-T
works reliably.
Giving up the fixed phone may not be a problem. Most voice has already "gone
mobile" i.e. moved to mobile phones. The remaining fixed voice traffic is
fast moving to VoIP over the Internet. New programs like Skype and VoIP
gateway service to consumers has made this move possible.
In a survey of residents in a potential conversion site 83% of residents
wanted fixed Internet access. Only 45% required fixed telephone service.
This means that over half of the apartments could be converted to Ethernet
with about 30% needing ADSL or VDSL service.
Filtered solutions for POTS + Ethernet
It may also be possible to run POTS and Ethernet simultaneously on the same
two twisted pairs. Ethernet would occupy the higher frequency band over POTS
on the same pair. Splitters or filters would be used in each end to separate
the two types of traffic.
A company in the US, Energy Transformation Systems, makes filters for this
purpose.
http://www.etslan.com/ethernet.php
A Finnish company H.Vesala Ltd. also makes a similar filter, although for
ADSL use.
http://www.vesala.fi/english/products/adsl_splitters.html
A slightly different implementation is provided by etherSPLIT.
http://www.ethersplit.com/
Routing with one public IP address
A shared Internet connection will typically use only one public IPv4
address. A router has to perform NAPT between the internal network and the
Internet. Normally NAPT blocks all users from running servers on their PC:s.
This is a problem for p2p applications and may block VoIP services
altogether.
A solution is to open a fixed set of port mappings in the router. A set of
ports is allocated for each apartment. Also a set of fixed private addresses
is allocated for each apartment.
Normal users use DHCP to get their IP addresses in the private network. If a
user wants to run a server or a p2p program in active mode, he configures
his PC to use his fixed private address. The set of open ports will be
mapped to this address.
Example:
- address 10.10.10.157 is reserved for apartment 157
- ports 51570 - 51579 are mapped to address 10.10.10.157 in the
private network.
A general configuration of the router can be made that can serve any shared
residential network. When using m0m0wall this configuration takes the form
of an XML file that can easily be distributed.
Routing with one public IP address
A shared Internet connection will typically use only one public IPv4
address. A router has to perform Network Address Port Translation (NAPT)
between the internal network and the Internet. Normally NAPT blocks all
users from running servers on their PC:s. This is a problem for p2p
applications and may block VoIP services altogether.
A solution is to open a fixed set of port mappings in the router. A set of
ports is allocated for each apartment. Also a set of fixed private addresses
is allocated for each apartment.
Normal users use DHCP to get their IP addresses in the private network. If a
user wants to run a server or a p2p program in active mode, he configures
his PC to use his fixed private address. The set of open ports will be
mapped to this address.
Example:
address 10.10.10.157 is reserved for apartment 157
ports 51570 - 51579 are mapped to address 10.10.10.157 in the private
network.
A general configuration of the router can be made that can serve any shared
residential network. When using m0m0wall this configuration takes the form
of an XML file that can easily be distributed. (Hope to make this available
after some more editing :-)
Free wireless access
One of the ultimate goals of this networking activity is to cover
neighborhoods with a "cloud" of free wireless Internet access.
Wireless WLAN networks should not be seen as a primary means of net access,
but as an alternative an additional form of access, more like the ultimate
icing on the cake.
Giving out free bandwidth requires a fixed backbone with bandwidth to spare.
Also the networks need to be based on a culture of sharing.
In the Helsinki wireless "model" open wireless access will be provided by
housing cooperatives. Access points are placed in elevator machine rooms
with strong sectoral antennas placed on the roofs. In concrete buildings it
is difficult to cover the apartments from with in the building but a
directional antenna can easily reach neighboring apartments through windows.
Full coverage requires thus cooperation between neighbors. In an reciprocal
agreement neighbors can grant each other access to their networks. The
practical solution goes even further. A central registry of co-op residents
is maintained in a Radius server (radius.helsinkiopen.net). All housing
cooperatives share this database for access control. The added value is the
ability to freely roam inside and between neighborhoods. Roaming agreements
between other networks will further expand the area of movement.
Giving free and uncontrolled access to everybody might seen like an even
better idea. This is a much more difficult concept to sell to co-op
management boards. The chief concern is not bandwidth usage but security.
Network operators want to be able control who uses their network and to keep
out spammers and an abusers.
To gain access it is thus not necessary to be a member of an organization
giving reciprocal service. It may be sufficient to be a member of an
organization who will authenticate you. In the Oulu public access wireless
network everyone who is a customer of the public library can gain access to
the free network.
http://www.panoulu.net/
The technical implementation of access control can also be done with the
m0n0wall firewall. M0n0wall has a built in captive portal that connects to
an external Radius server.
Petri Krohn
Helsinki Neighborhood Networking Association
HelsinkiOpen -- http://www.helsinkiopen.net
[EMAIL PROTECTED]
Phone: +358 (9) 4362194
Mobile: +358 44 0552285
Skype: callto://pkrohn-fi
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/
