Linux Unwired [Electronic resources] نسخه متنی

6.1 Hardware

As we mentioned, building
an access point can be a useful way to resurrect old PC hardware you
may have sitting around. Depending on where you want to install it,
you can leave it in that old bulky case or dress it up with a spiffy
waterproof case and install it outside.

One of the wireless routing nodes we built for the NoCat network
(http://nocat.net) in Sonoma
County, California, is a beige Macintosh G3/266 desktop machine. It
runs Yellow Dog Linux and has two PCI-PCMCIA converters and two Agere
Orinoco Silver 802.11b radio cards. An odd choice, you might
thinkbut we had the hardware and it has already functioned as
a wireless router for over a year as of this writing.

There are a few things you'll want to keep in mind
when deciding whether any given hardware is right for building an
access point:

Processor speed

While it might seem nostalgic to consider using a 386 or a non-PowerPC Mac
for your access point project, these machines are so slow and old
that it can be painful running Linux on them. Once you do, they
don't have the horsepower to do many neat Linux
tricks such as firewalling. Anything faster than a 486/33 is able to
act as an access point with little trouble.

Support

Older PCs can certainly be made into access
points. Bear in mind, though, that you must dig up such ancient
artifacts as ISA network cards and SIMM memory. If you need to build
on the cheap, this can be the way to go, but all hardware ages and
fails sooner or later. If you want reliability, you might want to
think about newer hardware. There's also the issue
of relying on a PC with a spinning hard disk insidethey
will fail, often when you really need them.

Standardization

You might be expanding a larger
network rather than just installing an access point in your closet.
If you build more than one access point for whatever reason,
you've just crossed over into the zone of network
administration. In this world, standard hardware is the norm, because
you can keep single types of replacement hardware on hand, and if
you're in a multisite network, it means that
everyone who's responsible is familiar with the same
hardware.

Power

Depending on where
you want to locate your access point, you must consider power
requirements. Do you really want a noisy old 486-power supply fan
blowing in your closet? One alternative is to consider DC-powered
devices, which range from a dedicated embedded PC to an off-the-shelf
access point.

Ports

In a nutshell, does the hardware
you're considering have all the right ports? Does it
have onboard Ethernet, or do you need to add a network card? If you
add that network card, do you have room for a radio card? Are there
enough memory slots? Does it have a serial interface for a console?
Do you need a console?

6.1.1 Recycled Hardware

The first thing you should
consider is whether you have any old PC hardware sitting around that
can be dusted off, turned on, and made into a Linux-powered access
point. If you're on a budget, this may be one of the
cheapest solutions, but this depends on what hardware you have, and
what you want to use it for.

At a minimum, your hardware should be able to
accommodate a Wi-Fi card and an Ethernet card. As
we've discussed already, you should not consider
using anything slower than a 486/33 processor. Additionally, if you
have old Macintosh hardware available, you can easily run Linux on
systems such as a PowerMac 8500/120. It's also
possible to run Linux on the first generation of PowerMacs, but their
motherboard are expandable only with NuBus interface cards, so
you're not going to find a radio for these models.

How much memory
you need depends on what distribution you decide to run. If you
choose to boot your system in read-only mode from a CD or Compact
Flash (CF) RAM, and use one of the custom distributions designed
specifically to be small, 16-32 MB of RAM will suffice. More RAM is
always better, of course, and if you plan on doing anything
memory-intensive, such as web caching or intrusion detection,
you'll want at least 128 MB.

The beauty of using your own or buying used hardware is that you need
very few components
to build a working system:

Motherboard

Memory

Processor

Power supply

Bootable media drive: hard disk, CD, CF

Ethernet card

Radio card

All the other components you'd usually find on a
regular PC are optional. A case is nice to keep dust off, but a box
or a large Rubbermaid container works just as well. You need a video
card, keyboard, monitor, and (optionally) a mouse for installation,
but once the access point is operational, you can boot without them.
If your hardware is really old, it may not
support booting without a keyboard. Check the options in your BIOS to
see if it will ignore a missing keyboard on boot.

All of the extraneous items that are in any old PCs can probably be
removed: floppy drives, sound cards, modems, and anything else not on
the list above should all be taken out. You don't
need them.

Another option that you should consider is an
old laptop PC. The key concern here
is PCMCIA slots. You want at least two of
them, unless the laptop has a built-in Ethernet port, which you
probably won't find in older laptops. The beauty of
a used laptop is that they are inexpensive, especially if the LCD
screen is dead (which you don't need!). As long as
it has an external video adapter or even a serial port that can be
used as a console, you should be set.

6.1.2 Small Board and Embedded PCs

So you don't have any used hardware sitting around that
is suitable for building an access point, or you want to build a
small unit that might be placed in a location where using a full-size
PC is impractical, such as mounting it in a waterproof enclosure or
installing it on your roof with a directional antenna.

However, an outdoor enclosure is only one reason you might want to
think small. Power consumption, noise levels, and available space are
all good reasons to consider a small board or embedded computer
system for building your access point. Be warned, however: building
one of these systems from the ground up may cost you at least $400.

Your options in this arena range from custom-designed embedded PCs
specifically built for communications and networking to tiny PC
motherboards that use the Mini-ITX form factor and measure only 17
x 17 centimeters. Some of the more popular options include:

Soekris (http://www.soekris.com)

Packaged in a green metal case that is improbably the color of a
refrigerator from the early 1970s, the Soekris motherboards are a popular choice
with do-it-yourself networkers. Soren Kristensen has designed and built several
custom motherboards based on the x86 architecture, and as of this
writing, he has four different models available for single purchase
or bulk quantities. All of the Soekris units are DC-powered and wired
to support Power Over Ethernet. In addition, all units have a serial
console port.

The net4801 is the newest addition to
the Soekris line. It is powered by a 266 MHz GEODE Pentium-class
processor. It sports three 10/100 Ethernet
ports, a CF slot, both MiniPCI and PCI slots, and up to 256 MB of RAM
soldered on board. See Figure 6-1 for a detailed
picture. As of this writing, in single quantities a board and case
will cost you $265.

If you need PCMCIA support, you'll want to look at
the net4521. It's a
different form factor, because the PCMCIA slots are positioned
side-by-side rather than over-under as in most laptops. The net4521
has a 133 MHz AMD ELAN processor, which is equivalent inside to a
486. It has two 10/100 Ethernet ports, a CF
slot, a MiniPCI slot, and up to 64 MB of RAM soldered on board. See
Figure 6-2. A board and case will cost you $235.

Figure 6-1. The Soekris net4801 embedded PC

Figure 6-2. The Soekris net4521 embedded PC

BARWN outdoor routers

BARWN is the Bay Area Research Wireless Network. Tim
Pozar and Matt
Peterson have
created BARWN, which has some interesting research projects,
including an easy-to-build outdoor wireless router.

At the time this idea was conceived, few commercial products were
available that fit the needs of an outdoor weatherproof design. To
this date, not many products are available that also allow you to run
a Linux or BSD operating system on the wireless router, and have it
mounted outside.

The BARWN guys put together a white paper based on Matt
Peterson's initial prototype of an outdoor router,
and that white paper is available at http://www.barwn.org.

One fine, sunny day in May 2003, several interested groups of people
converged at Tim Pozar's house in San Francisco to
assemble 30 or so of these outdoor routers. It was a messy job,
because three holes had to be drilled in each box, and those holes
then had to be filed and sanded so that barrel connectors and RJ-45
twist-lock connectors could be inserted.

Figure 6-3 shows a completed installation with the
Soekris net4521 mounted inside a weatherproof box.

Figure 6-4 shows one of these boxes in action on
San Bruno Mountain south of San Francisco, as part of the BARWN
network.

Figure 6-3. Completed BARWN Outdoor Router

Figure 6-4. A BARWN Outdoor Router in action

OpenBrick (http://www.openbrick.org)

The OpenBrick is a
hybrid, a cross
between a custom-designed embedded PC and one of the Mini-ITX
motherboards. It's designed to be a very small
server or act as a workstation, so it has onboard video, keyboard and
mouse connectors, serial ports, USB ports, onboard sound, and a Small
Form Factor (SFF) IDE connector for a 2.5-inch laptop hard drive.

However, it does run on DC power, and it features a single PCMCIA
slot, onboard 10/100 Ethernet and a CF slot. It comes standard with
128 MB of RAM and is powered by a 300 MHz fanless Geode processor.
Figure 6-5 shows the back of an OpenBrick. As of
this writing, an OpenBrick will set you back a cool $360.

A newer model, the OpenBrick/E, is powered by a Via C3 533 MHz
processor and features three Ethernet ports, but has no PCMCIA or PCI
bus slots, which makes it less useful for building an access point.

Figure 6-5. The OpenBrick

Via Mini-ITX PCs (http://www.viavpsd.com)

Via developed the Mini-ITX format, which defines a motherboard of 17
x 17 centimeters. It offers a range of motherboards in the
EPIA line, with processor speeds from 500 MHz to 1 GHz. They are
intended to be general-purpose PC workstations, so they come with a
wide array of features: onboard Ethernet, video, sound, USB,
FireWire, IDE interface, and a single PCI slot.

The Via motherboards can all be powered by an external DC adapter if
you wish, but their power requirements are such that adapting them
for use with Power Over Ethernet is not advised. You can simply boot
from a standard IDE hard disk, or if you are using a CF-to-IDE
adapter, boot a Via (or any PC) from a CF card. (See Section 6.1.3 later in this chapter.)

If you want a silent unit, make sure that the EPIA motherboard you
buy is powered by the Eden ESP processor. This is a low-power
processor that requires cooling only from a heatsink instead of a
processor fan. The Via C3 processors are available at higher clock
speeds, but they require a fan.

Older models of the EPIA M motherboards are widely available, and you
can find them with 500 MHz Eden processors. If you buy them on eBay,
these motherboards can be purchased for as little as $50. If you buy
them new, they are pretty easy to find for $100.

Via's newest EPIA motherboard is the
EPIA
MII, which seems to be designed specifically for our purposes. Not
only does it have a fanless Eden processor, it features a PCI slot, a
CardBus slot, and a CF slot. All you need to
build an access point with this motherboard is a power supply,
memory, radio card, and CF card. As of this writing, the MII can be
purchased at http://www.mini-itx.com for $218. Figure 6-6 shows the MII motherboard in detail.

Figure 6-6. The Via EPIA MII motherboard

There are many other embedded PC designs on the market. One example
is the PC-104 motherboard standard, which is
commonly used for industrial applications. However, obtaining PC-104
boards in small quantities is very expensive. The motherboards offer
low performance compared to the other options we've
already discussed, and the cost alone is prohibitive.

6.1.3 Bootable Media

Your new custom access point will run a general-purpose
operating system rather than a custom operating system designed for
embedded processors, so you will need a bootable media device.

There's nothing wrong with using a hard disk. After
all, they are inexpensive and reliable, and if
you're using recycled hardware, you probably already
have one. Hard disks have their own set of problems, however. They
are mechanical devices, with limits to the temperature and humidity
that they can withstand. They generate noise, draw a fair amount of
power, and are fragile. Mechanical devices, no matter how
well-designed, are going to fail eventually. If your access point
needs to be small and quiet, or needs to run on Power Over Ethernet
or be installed outside, you should consider other bootable media
options.

A CD drive shares some of the same caveats
as a hard disk. It's a mechanical device, it
isn't suited to run at high temperatures, and it is
fragile. The cost for generic CD drives is very low; they can be
purchased new for less than $30. Again, if you have recycled
hardware, you may already have a spare unit.

Using a CD as bootable media is advantageous because the device is
read-only. This makes it rather resistant to malicious hackers,
because system files cannot be changed without physical access to the
machine. This is also a disadvantage, because making configuration
changes is rather difficult, and any configuration you do change
won't be saved if you need to reboot. There are
several Linux distributions specifically built to boot from a CD, and
we discuss them in Section 6.2.

A third option is to skip using bootable media altogether and
boot your device from the network. Several of the small board PCs
support Preboot eXecution
Environment (PXE), which is a technology developed by Intel. You can
find out more on PXE at the following link: http://www.intel.com/labs/manage/wfm/wfmspecs.
Most PCs sold since 1999 support PXE booting in their BIOS.

PXE allows you to tell a device that it will obtain booting
information from another device attached to a network. In practice,
this works only on a wired network, because PXE is designed for
Ethernet cards. A PXE boot over a wireless network would require
wireless drivers to be built into a device BIOS. You would then have
to set up a PXE boot server, which answers requests from PXE boot
clients and feeds them the code necessary to start up. This is a
pretty advanced setup. You can get tutorials on how to set up PXE
here: http://www.kegel.com/linux/pxel.

Your last option, and one that we recommend, is to use
flash RAM as the boot device. While PCMCIA
flash cards are available, they tend to be expensive and are not as
widely available as the CF cards. CF cards are now available in
sizes up to 1 GB of storage. Several of the motherboards that we
discussed earlier have CF slots included. 128 MB cards can be found
for less than $40, and 256 MB cards can be found for under $50.

Compact Flash cards have many advantages. While they
aren't nearly as cost-effective as a hard disk, they
are tiny, lightweight, consume almost no power, can operate in
high-temperature conditions, and can be dropped with no consequence.
They can be rewritten many thousands of times. However, CF cards can
eventually be written too many times, but you can avoid this by using
a Linux distribution that mounts the CF as read-only. We cover how to
do this later in the chapter.

It's even possible to use CF cards on any system
that has IDE connectors on the motherboard by utilizing a CF-IDE
adapter card. These devices have a slot for the CF card, an IDE
connector, and a power connector. You attach the adapter to the IDE
bus on your PC with a standard IDE cable. The CF card should appear
to your PCs BIOS as a standard IDE device.

A great source for CF-IDE adapters is
Mesa
Electronics. You can find a whole range of adapters on its web page,
including adapters for Smart Media cards and Memory Sticks, and other
small flash cards that are widely available. Check out http://www.mesanet.com/diskcardinfol for
more details on the cards it offers. Figure 6-7
shows the model CFADPT1, which has both IDE and SFF-IDE connectors.

Figure 6-7. CF-IDE adapter

The CF-IDE adapters from Mesa are something to consider if you want
to build an access point from an old laptop. Suppose you have a
Pentium-based laptop with two PCMCIA slots. You will need one slot
for a radio card and the other for an Ethernet card.
Mesa's adapters have an SFF-IDE connector for the
small-form IDE cable that laptops use, so you can boot your laptop
from CF. Mesa also sells the SFF IDE cables, which can be hard to
find in retail outlets.

6.1.4 Radio Cards

In Chapter 2, we covered
all the steps you would need to get a number of different wireless
cards working with various Linux distributions. We showed you how to
use the Wireless Tools to change operating modes of your radio card.

Most 802.11 Linux card drivers support at least two modes: client
(Infrastructure) Mode, also called managed mode by the Wireless
Tools, and ad-hoc mode. Some cards and their drivers support a third
monitor mode, which we discussed in Chapter 3.
There is a fourth mode, master mode, that is of prime importance when
building your own access point.

6.1.4.1 Master mode

A commercial access point has multiple
functions. Not only does it have an 802.11 radio of some kind, but it
also functions as the Master of any client radio that connects to it
in Infrastructure mode. The access point broadcasts beacon frames,
which advertise the SSID of the access point to clients. Once a
client associates with an access point, the access point manages all
radio communication. When multiple clients associate with an access
point, the access point follows a set of algorithms to control radio
traffic.

These access points usually have a separate onboard chipset that
provides the additional functionality besides the 802.11 radio, or
the radio card inside the access point is loaded with
tertiary firmware, which gives the card access
point capability.

In our case, we can't rely on custom chipsets to
provide access point functionality to our radio cards. Depending on
your particular radio card, the tertiary firmware may be an option.
We discuss the ins and outs of flashing tertiary firmware to your
radio card in Section 6.2.

So where does that leave us? There are at least two types of chipsets
and associated drivers that allow the use of master mode in the
driver:

Prism 2/2.5/3-based radio cards with the HostAP driver

Atheros-based radio cards with the Madwifi driver

When set to master mode, these cards do not actually provide a full
802.11 access point. They only broadcast the beacon frames that
advertise an access point to clients. The HostAP and Madwifi drivers
actually take care of the 802.11 management functionality that would
otherwise require a separate chipset or tertiary firmware.

In addition, if you have a Lucent
WaveLAN IEEE/Orinoco/Agere 802.11b radio card, there are a couple of
options you can use to have your card act as an access point. The
HermesAP project is a modified version of the orinoco_cs driver that
allows use of the tertiary firmware for Orinoco cards. While the
driver does not include the tertiary firmware, it does provide
instructions on where to obtain the firmware.

The second option is an updated driver from Agere. This driver is not
available from any of the other Orinoco manufacturers, including
Proxim. This driver is an updated version of the wavelan2_cs driver
and has been renamed wlags49_cs. The driver includes support for
master mode. We set up these drivers in Section 6.2 of the
chapter.