My 2 cents from our still early experiences at www.socalfreenet.org. Unlike many people on the list, I don't do this for a living, so caveat, caveat, caveat!
<snip> 1. How do we interconnect AP1/2/3 without cables without sacrificing bandwidth? Though DSL circuit(s) will probably end up being 6Mb total (if capacity requires, we will just give each AP its own DSL), we do need to think about possible success. </snip> Use two radios, preferably in separate boxes mounted several feet apart and joined by ethernet. (Or use one box with two radios but one on 802.11b and the other on 802.11a.). One radio receives data from the closest AP, usually via a directional antenna (which presumably could "punch through" your building but you'd need to verify!). The separation mitigates the radios interfering with each other. Read more about the Nocat interference experience in the list of links at http://socalfreenet.org/book/view/65. <snip> 2. What is the cheapest way to do this. Using D-link hardware would probably cost us about 4K plus our sweat. Hardware made by DemarcTech.com is a bit cheaper with more features. Does anyone have any other suggestions? </snip> Cheapest but still effective? Probably an Engenious/Senao 2611AP3 hacked for outdoor use (POE hack per www.nycwireless/poe or www.socalfreenet.org/poe, plus outdoor case and pigtail) and a 2611CB3+ similarly hacked but hooked to the directional antenna. Basically a pure bridge scenario where DHCP etc is handled by a box where the DSL comes in (most likely). This gear is available at www.netgate.com and similar online places (froogle should find it). Less cheap, more flexibility for management since you control the OS, but basically the same radio and hence signal strength etc, is a Soekris/Senao based solution like www.socalfreenet.org/standardap. Next price point is various solutions like Smartbridges AirpointPro, DemarchTech etc. Fwiw, we've used the Smartbridges and like them a lot - mostly because they come in a waterproof case all ready to go! But now we're using our 'standard ap' (above) for more flexibility and slightly lower cost. <snip> 3. Security. How do we deal with non-encrypted traffic. Do we just let residents worry about their security like most universities do? </snip> I suggest none, except a firewall to the outside world at your DSL connection. If you enable WEP then you immediately have to help everyone configure their computer - and its fake security anyway. IMO, better to educate first about securing email passwords and traffic, getting firewalls on machines and then optionally people can spring for their own encypted links via services like www.freedom.net or www.anonymizer.com. See http://goldenhillfreeweb.org/node/view/22 for a longer discussion of what we recommend to our wireless residents. Other random observations. We have a similar architecture as you suggest for www.goldenhillfreeweb.org (the genesis of www.socalfreenet.org). The equipment we use for that, including the captive portal OS (MikroTik's RouterOS) and hardware is described here: www.sdwug.org/proj/GoldenHill. Hope these ramblings help. Sounds like a fun project. Good luck! cheers, michael www.socalfreenet.org Building Community Wireless Networks for Southern CA -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
