All Rights Reserved © Alcatel-Lucent 2008
Alcatel-Lucent Enterprise Forum 2008
Supachai Khongkrittayaphan
Alcatel-Lucent (Thailand)
UNWIRING THE ENTERPRISE with MESH TECHNOLOGY
2 | Forum 2008 | February 2008 All Rights Reserved © Alcatel-Lucent 2008
• Evolutionary open solutions that protect investments
The Dynamic Communications Framework
Agenda
1. Why? What? 802.11s Mesh Network
2. Mesh Architecture
3. Usage Model
4. Unwiring the Enterprise with ALU WLAN
5. Case study
Why? What? 802.11s Mesh Network
Why? Go Where No Wires Have Gone Before
Prohibitive Cabling Costs
Ethernet & Fiber Runs Are NOT Practical
Enterprise Mesh technology is wire-free
Enable deployment indoor and outdoor with backhaul
Resilient and extensible access point
No fiber runs needed
Eliminates Ethernet cabling costs
Reduces the need for Ethernet ports
IEEE 802.11 Family
Wireless LAN technology is standardized within the IEEE 802.11 working group (WG)
802.11b – max 11 Mb/s using 2.4GHz band.
802.11g – max 54 Mb/s using 2.4GHz band.
802.11a – max 54 Mb/s using 5GHz band.
802.11n – max 300 Mb/s (draft 2.0) using MIMO Technology for 2.4GHz and 5GHz band.
Classic 802.11 WLAN
[Figure labels: Wire Infrastructure; Legacy AP; STA; Radio link; BSS = Basic Service Set; ESS = Extended Service Set or SSID]
What is IEEE 802.11s?
IEEE 802.11s:
Defines how the wireless devices can interconnect to make an ad-hoc network
Specifies an extension to the IEEE 802.11 MAC by defining an architecture and protocol to support both broadcast/multicast and unicast delivery using radio-aware metrics over self-configuring multi-hop topologies
Extension of 802.11i security and 802.11e QoS protocol to operate in a distributed rather than centralized topology
~32 nodes to make routing algorithms computationally manageable
802.11s Mesh Network
[Figure labels: Internet; Router; Wire Infrastructure; Mesh 1; Mesh 2; Mesh portal; Mesh AP; Mesh Point (MP); Legacy AP; Layer 2 LAN segment; Mesh radio link; ESS = Extended Service Set or SSID]
Elements of WLAN Mesh Network
Mesh Point (MP)
Establishes peer links with MP neighbors
Mesh AP (MAP)
Supports communication with STAs
Mesh Portal (MPP)
Point at which MSDUs exit and enter a WLAN Mesh
802.11 Station (STA)
Outside of WLAN Mesh, connected via Mesh AP
[Figure labels: External Network; Mesh Portal; Mesh Point (MP); Mesh AP; Station (STA)]
IEEE 802.11s Mesh Architecture
Topology Formation
MPs discover candidate neighbors using beacons and probe response frames
Mesh ID, Mesh Capability Element
Mesh Services are supported by new IEs (in action frames), exchanged between associated MP neighbors
E.g. path selection information etc.
Membership in a mesh network is determined by secure association with neighbors
Simple channel unification mode
follow rules to coalesce into a common, fully connected graph on one channel
Advanced mode (multi-radio, multi-channel)
framework for flexible channel selection algorithms beyond the standard scope
MP Boot Sequence
Active/passive scanning to discover other MP
Channel selection
Begin mesh beaconing.
Neighbor MP link establishment
Local link state measurement
Routing initialization
AP initialization if mesh AP
[Sequence diagram between MP1, MP2 and AS]
Association Request (incl. mesh IEs, e.g., RSNie)
Association Response (incl. mesh IEs)
Beacon (incl. mesh IEs, e.g., Hello, RSNie, …)
802.1X EAP Auth
802.1X EAP Request
802.1X EAP Response / Access Request
EAP Authentication Protocol Exchange
Accept (Keys)
802.1X Success
Pairwise Keys / Group Keys Establishment
Secure Communications (encrypted)
Data, Mesh management frames
Security Framework
Provide link security based on 802.11i:
Authenticity requires that an MP is authenticated before it is allowed to join the mesh.
Confidentiality requires that no non-trusted third parties can access the messages.
Integrity requires that the messages cannot be altered in transit without detection.
Support centralized and distributed IEEE 802.1x-based authentication and key management
A mesh point performs Supplicant and Authenticator roles, and may optionally perform the role of an Authentication Server (AS).
Basic Security Model
New Mesh Point
WLAN Mesh Security bubble
Supplicant
Authenticator
802.11i Basics
IEEE 802.1X EAP Authentication
Establishing Pairwise and Group Keys via four-way handshake
Routing = Path Calculation for Forwarding
Routing optimizes unicast forwarding of frames
Between Mesh Points
To Associated stations
Nodes Participating in routing calculate best paths
Paths may change as link state changes
Routing may include support for broadcast/multicast
On-demand Routing vs. Proactive Routing
On-demand Routing: discovers and maintains routes only when they are needed.
Pros: Low routing overhead
Cons: Extra route discovery delay and data buffering
Proactive Routing: each node maintains routes to all reachable destinations at all times, whether or not there is current need to deliver data to those destinations.
Pros: Little delay
Cons: High routing overhead to keep the routing information current, especially when network topology changes frequently
HWMP combines the advantages of on-demand and proactive routing schemes
On-demand for peer-to-peer communications
Proactive route establishment for communications with gateway and other important nodes
Hybrid Wireless Mesh Protocol (HWMP)
On-demand: Use route request/route reply to discover the route on demand (reduces routing overhead)
Proactive: Gateway proactively announces itself to establish routes to reach it (reduces route discovery delay)
[Figure labels: Source; Destination; Source floods PREQ; Reply PREP]
Mesh gateway floods proactive PREQ or root announcement to proactively establish the routes to it
MP may send a PREP or PREQ to the gateway to establish a path from the mesh gateway to the mesh point
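The two HWMP modes described above, as an added Python model that is not part of the original presentation. The topology, the link metrics and all function names are constructed for illustration, and links are assumed symmetric with additive metrics.

```python
from collections import deque

# Constructed topology: symmetric link metrics between mesh points (lower is better).
LINKS = {
    ("GW", "A"): 2, ("GW", "B"): 5, ("A", "B"): 1,
    ("A", "C"): 6, ("B", "C"): 2, ("C", "D"): 3,
}

def neighbors(links):
    """Build an adjacency map from the undirected link table."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj

def flood_preq(links, origin):
    """Flood a PREQ from origin. Each MP keeps the best cumulative metric it has
    heard plus the neighbor it came from, and rebroadcasts only on improvement."""
    adj = neighbors(links)
    best = {origin: (0, None)}   # node -> (metric to origin, hop toward origin)
    queue = deque([origin])
    while queue:
        node = queue.popleft()
        metric = best[node][0]
        for peer, cost in adj.get(node, {}).items():
            if peer not in best or metric + cost < best[peer][0]:
                best[peer] = (metric + cost, node)
                queue.append(peer)
    return best

def on_demand_path(links, source, destination):
    """On-demand mode: the source floods a PREQ and the destination answers with
    a PREP that travels back along the recorded reverse hops."""
    best = flood_preq(links, source)
    if destination not in best:
        return None, None        # no PREP comes back: destination unreachable
    path, node = [], destination
    while node is not None:
        path.append(node)
        node = best[node][1]
    return list(reversed(path)), best[destination][0]

def proactive_next_hops(links, gateway):
    """Proactive mode: the gateway floods a proactive PREQ, so every MP holds a
    next hop toward the gateway before it has any traffic to send."""
    return {n: hop for n, (_, hop) in flood_preq(links, gateway).items() if hop}

if __name__ == "__main__":
    print(on_demand_path(LINKS, "D", "GW"))
    print(proactive_next_hops(LINKS, "GW"))
```
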
Challenges in Mesh networks
Mobility awareness
Client station
Network nodes
Self organizing
Redundant links
QoS support
Multi hop connection
Ubiquitous Mesh Networks
WPAN, 802.15.5
Body
Single room
WLAN, 802.11s
Apartment
Office
Campus
Street
WMAN, 802.16
City
Usage scenarios for Mesh WLAN – IEEE 802.11s
Military Usage
Battle field communication
Public safety
Emergency and disaster area communication
Residential
Consumer Electronics
[Figure labels: Game Console; AP; AP (Cable); PC; TV; Media/DVR Box; 2 Meters]
Public Access
Campus Area, Network provider
[Figure labels: Inside AP; Outside AP]
Office
Enterprise & business networks
[Figure labels: AP; PC; 40 Meters]
Unwiring the Enterprise with ALU WLAN
Primary Enterprise Mesh Applications
Connectivity applications
Inter-building connectivity
Outdoor campus mobility
Wire-free offices
Wireline back-up
Security applications
Video and audio monitoring
Alarms and duress signals
Industrial applications
Sensor networks
Enterprise Mesh – Extending The Mobile Edge
The Easier, More Secure Way To Do Wireless
Integrated architecture for ALL enterprise wireless needs
Centralized and distributed security
Designed from the ground up for business-critical applications
Easy to deploy and operate
Centralized management tools
Mobility Controller with Secure Enterprise Mesh Module
Existing Core Network Remains Intact
Secure Enterprise Mesh - Multiple Applications
Wireless Backhaul
PT-PT LAN Bridging
PT-MP LAN Bridging
HA LAN Bridging
Client-To-Core Security with Centralized Crypto
Market Approach: Per Hop Encryption-Decryption
Key Explosion: Security Vulnerability and Scalability Issues
ALU’s Secure Wireless Distribution: Client-Core Encryption
Increased Security, Higher Performance and Scalability
[Figure labels: Wireless Controller; AAA; LAN / WAN]
Deterministic Mesh Network Behavior
Auto-redundancy for Physical (RF) & Layer 2 with deterministic behavior
Traffic Shaping (hop count, node cost, path cost, latency, capacity)
Interference containment – no flapping across Mesh network
Built-In Reliability With Mesh Clusters
LAN / WAN
Mesh Cluster “1”
Mesh Cluster “2”
Case Study
Mesh Deployment Details
BNSF Mesh Deployment Plans – Phase 1
Extend the network wirelessly
Wireless backhaul
LAN Bridging
Leverage existing 802.11 infrastructure
Support Railyard and Business Applications over wireless
CONFIDENTIAL © Copyright 2007. Aruba Networks, Inc. All rights reserved
Applications
WiFi Handhelds
Ingate/outgate operations
Car repair tracking
Laptop connectivity for Mobile Users
Vehicular units
Container & trailer chassis tracking
Locomotive devices
Locomotive health analysis
Uploading event recorder data
WiFi Kiosks
Tracking locomotive repairs and maintenance
Benefits of Moving to Mesh for BNSF
Streamline network operations: Central management, diverse control
Reduce infrastructure costs: Eliminate the need for wired backhaul
Reduce capital expenditures: Use existing wireless infrastructure for backhaul and access
Leverage existing network infrastructure: Software upgrade of existing wireless controllers and APs
Improve network reliability: Use mesh clusters for backhaul redundancy
Improve RF coverage flexibility: Enable RF coverage to locations without a cable plant
Future Direction: Extending the Enterprise
Continue to extend the BNSF network with Mesh
Mesh extensions in railyards and corporate buildings
Mesh as the primary backhaul connection between office buildings
Improve indoor cabling flexibility: Use mesh to reduce wiring requirements in buildings