home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] Heavy-duty linux wifi access point / server?

On Wed, May 9, 2012 at 2:43 PM, Brett Delmage
<Brett [ dot ] Delmage [ at ] twobikes [ dot ] ottawa [ dot ] on [ dot ] ca> wrote:

> I expect an i7 linux workstation I have could keep up with the web
> requests.

You are focused on the wrong problem. A netbook would likely handle
the traffic you outlined.

> So I'm wondering what it would take in equipment, especially wifi, for me
> to set something up like this? I would NOT be able to set up any more than
> one AP (or at least one AP location), given the physical limitations of
> the setup, out of my control.

This is the problem. The last "rule of thumb" I heard was that a
single AP can handle about 20 to 25 clients (per channel) before the
wireless gets saturated. It is a physics problem. I am not sure if
that is active clients, or just the number of clients associated with
the access point at one time. I would not be surprised if it was just
the number of associated clients. There is a good bit of chatter
between the AP and clients.

There are only three non-overlapping channels in the 2.4GHz band. You
could use three radios, on channels 1, 6, 11. Ideally with three 120
degree sector antennas pointed in different directions. That could
potentially bump the number of clients up to 75. However,  I am
guessing that you would only get about 60 clients total as clients
would bounce back and forth between access points. You could add more
clients with APs running in the 5Ghz range (802.11a and some n) .
There are lots of channels in the 5GHz range, but there aren't nearly
as many 5Ghz devices as 2.4Ghz devices. 802.11n devices may operate in
either or both bands, but many 802.11n devices are only 2.4Ghz.

You don't need a dedicated AP. Alfa makes or made usb WIFI devices
that are supported under Hostapd and Linux. You server could be the AP
as many radios and you want.

Another option is to run the AP in one corner and tell your
participants that if they want access to go to that area. You may want
to turn down the transmit power to limit the range and number of
connected clients.

Also don't forget to use WPA2. It sounds wrong, but even if everyone
knows the WPA passphrase it is "hard" to sniff another clients traffic
as there is a separate encryption key per client. There is a single
group key for broadcasts, but broadcast information isn't that
interesting. There is an attack, but IIRC it only works against WPA2
in enterprise (radius + x509 cert) mode, and it is fairly hard to pull
off. Of course there is always the potential for a man-in-the-middle
attack with a rogue AP but that is always a problem with WiFi.