implimenting roaming?

I wonder if someone could give me some practical pointers on
implimenting WiFi roaming?

We would have several access devices, possibly one per wing
(two parallel wings, one cross-wise) per floor (four floors
for the two wings, one -tall- floor for the other.) There is
a large most-empty interior space between the two parallel wings:
signals carry relatively well in it, but not so well in the built-up
areas [partly because we have some heavy shielding around some
of the areas.] I have read up a bit about channel overlap issues,
and I think we could handle that part.

The messages about roaming that I read in the archives indicate
that one should use the same SSID for all the APs, and that
devices will either pick the strongest signal at any time, or
else will hold on to a signal as long as possible. Strongest
signal would probably be good for us, provided that the switchover
is transparent.

We will be putting the AP's onto a VLAN, and that VLAN will feed
into a firewall. We will probably require use of VPN software.
We were thinking in terms of RADIUS authentication at the firewall.

Some of the messages here in the past have implied that
to do roaming, one should be using 802.1x. One of the messages
from July 2002 stated firmly that 802.1x does not interoperate
between vendors in practice (at least at that time) and one thus
should stick to one vendor for -everything-. If we are authenticating
at the VPN level at the firewall, is 802.1x something we still need
to be looking at?

I am at present unclear on how to allow transparent signal
movement to different APs? Will this happen automagically -- e.g.,
do the APs essentially just see packets, decapsulate (and
decrypt if WEP is enabled) and push them onto the wire? Does WEP
automatically resynchronize when going to a different AP?
If it did, then I would "only" have to worry about any
necessary resync at the VPN level.


Ideally, we'd like to be able to have our people use whatever
wireless card is handy (e.g., built in cards) rather than
requiring that the cards all come from a single manufacturer.
In the tests we have done so far, the Orinoco and Linksys cards
performed about equally well for us, and both the Orinoco and
Linksys APs reached further inside the building then we expected,
and cross-brand connections seemed to work fine for us.

Is there anything special we need for this setup? What
have I overlooked?

Would there be any particular reason to use better antennae
on the APs versus just buying more APs if I have the funding?
Fewer APs would, I suppose, reduce the cross-AP interference.

Thanks.
--
Everyone has a "Good Cause" for which they are prepared to Spam.
-- Roberson's Law of the Internet

Walter Roberson wrote:
>

> The messages about roaming that I read in the archives indicate
> that one should use the same SSID for all the APs, and that
> devices will either pick the strongest signal at any time, or
> else will hold on to a signal as long as possible.

hold the connection till the signal drops out, then the client
will search for another AP.

> Strongest
> signal would probably be good for us,

would be nice, but these aren't cell phones. It's easier to implement
searching when no connection, rather than searching as well as being
connected

> provided that the switchover
> is transparent.

it is


> Some of the messages here in the past have implied that
> to do roaming, one should be using 802.1x.

I do it with 802.11b.

> I am at present unclear on how to allow transparent signal
> movement to different APs?

the client's RF hardware handles it.

> Will this happen automagically -- e.g.,
> do the APs essentially just see packets, decapsulate (and
> decrypt if WEP is enabled) and push them onto the wire?

yes, a WAP is a bridge - it looks like an ethernet connector
at the eithernet layer.

> Does WEP
> automatically resynchronize when going to a different AP?

you have the same WEP keys on all clients/WAPs. decapsulation
is on a packet by packet basis and will happen the same between
all client<->WAP pairs.


> Ideally, we'd like to be able to have our people use whatever
> wireless card is handy (e.g., built in cards) rather than
> requiring that the cards all come from a single manufacturer.

AFAIK roaming is part of the wifi spec. All cards should do it.

> Would there be any particular reason to use better antennae
> on the APs versus just buying more APs if I have the funding?
> Fewer APs would, I suppose, reduce the cross-AP interference.

For 802.11b, you can only have 3 non-overlapping channels (say 1,6,11)
if you're using full bandwidth. If you need more WAPs to cover more
area, then you need to reduce the bandwidth of each WAP. You
can't extend the ethernet link to each WAP to more than 100m (ethernet
spec of cat5 cable). Since most of the consumer grade WAPs seem to
lock up and need to be power cycled, I'd go for more WAPs, rather than
more antenna. You're going to have to count on some of them being down
at any one time

Joe

>
> Thanks.
> --
> Everyone has a "Good Cause" for which they are prepared to Spam.
> -- Roberson's Law of the Internet

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!