Building blocks of Wi-Fi

This section brings up different building blocks that are used to build wireless networks.

In a Wi-Fi home network, you often have one or more wireless laptops, computers, Smart TV’s, tablets, phones and other wireless devices. What all of those have in common is that they are commonly referred to as clients. Clients are devices that want to utilise the wireless service that a Wi-Fi router or access point is providing.

So the key to the perfect wireless home network is the Wi-Fi router or access point that all other clients connect to. Most home users probably just have a single home router with Wi-Fi. What that means is simply that the home router has a built-in Wi-Fi access point with one or more antennas.

A wireless network is not limited to having a single access point. It could consist of up to hundreds of access points in an enterprise network. Such a network is out of scope for this guide, but the components and building blocks are the same no matter the size of the wireless network.

Wi-Fi example network topology

Product Types

There are a number of different types of products that have built-in Wi-Fi in one way or another. Here we will go through the most common.

Home router with built-in Wi-Fi

Many routers for home use have built-in Wi-Fi today. Just like the router has a built-in switch where you can connect computers using network cables the router also has a built-in Wi-Fi access point. Both the switch and the access point belong to the inside LAN of the router.

These devices are of very varying quality and there are many low-cost, low-quality Wi-Fi routers out there. If you are buying or getting a new router today and you have a smaller apartment or house then you should probably be okay with just getting a home router with built-in Wi-Fi. Opt for a router that can handle at least 802.11n with N300 rating. Much better is if you could get a router that is 802.11n capable with simultaneous Dual Band and communication over both the 2.4GHz and 5GHz bands, which means you will get a router with N600 or better rating.

However, if you have the extra money to spare you should absolutely choose a router with 802.11ac Wi-Fi with AC1300 or higher rating. If the device also has MU-MIMO support then you would potentially improve your wireless home network greatly.

Access Point

An access point is a Wi-Fi device that acts as a hub device for your wireless network. An access point can announce a wireless network that clients can connect to, just like a wireless home router does. Then the access point will let wireless clients communicate with each other via the access point, and it will also forward traffic between its wireless antenna and its wired LAN connection to the rest of the network.

Wireless Access Point

However, the access point does only that and nothing else. It doesn’t do any of the other things that a router can do.

These access points are very common at enterprises and bigger corporations because a corporation doesn’t want to litter the place with routers. Instead, they want to use simpler access point devices for their wireless network, and they want to be able to spread those access points out all over the company so that no matter where you are you will be within reach of a wireless access point. The access points will then be mounted in the ceiling or on the walls.

So an access point just does one single thing, and that is to act as a connection point for the wireless network.

If you would use multiple home routers to accomplish the same thing then you would run into problems because one of the things that each home router will do is to create a separate LAN network on the “inside” of the router, which the Wi-Fi network belongs to. So unless you take quite a few steps to avoid it then if you were to use home routers with built-in Wi-Fi your network would become segmented into multiple smaller LAN’s, making it impossible for the computers to talk with each other.

By instead using access points then each access point just announces a wireless network, but all of them will belong to the same inside LAN that your home router has created. So all computers and other devices will be connected to the same LAN still, even if they have connected to different access points.

Most access points are developed for the enterprise market segments, so they tend to be more expensive to buy compared to just buying a home router with built-in Wi-Fi. As long as you can cover your whole living space with a single access point it is usually both simpler and cheaper to just buy a single home router with built-in Wi-Fi. But if you want to build a bigger and better home network then the best way of doing so is by using access points.

(Wireless) Client

Clients are all wireless devices that connect to wireless access points. They can be laptops, mobile phones, tablets, computers with wireless network cards, Smart TV’s with built-in Wi-Fi, NAS connected storage devices, wireless printers and so on. Anything that can connect to a wireless network to communicate can be called a “client” within wireless.

Building Blocks

The most basic type of wireless network is something called a Basic Service Set or “BSS”. It consists of a wireless access point that announces a wireless network, also known as an SSID or Service Set Identifier, which is the name of the network paired with the settings of the network. The clients are the devices that connect to that wireless network.

The BSS forms a radio cell which reaches as far as the radio waves can travel from the single access point.

Wi-Fi Basic Service Set BSS

A common problem that a lot of people encounter is that your villa, house or apartment is simply too big, so the radio signals from a single Wi-Fi router can’t reach every part of your home. Or perhaps the signals do reach everywhere you intend to use the wireless network, but the signal strength or signal quality is too poor so using the wireless network becomes almost impossible.

What you could do then is to add another access point that you connect to the same LAN network. If you configure the exact same settings for the wireless network on both access points then you can get something called an ESS or Extended Service Set.

Wi-Fi Extended Service Set ESS

But there are multiple caveats with this type of solution that most people run into when they try to extend their wireless network. The different caveats can lead to different type of problems with the wireless network.

Later in the wireless section we will go through what you can do to extend your network by showing you both good ways of doing so as well as other more sub-optimal but still common ways of extending your network.

SSID: The Wi-Fi network name

The SSID is the name of the wireless network as the Wi-Fi Access Point announces it. This is the name that you will see when you scan for available networks within reach on your client, for example when you want to connect to a wireless network on your phone or your computer.

Home routers with built-in Wi-Fi often come pre-configured with an SSID that can be used. But you can also change the SSID to another name of your own choosing.

A lot of routers will let you choose to either show or hide the SSID. A hidden SSID will not show up if you scan for wireless networks, but you can still connect to that SSID if you know the details and enter them manually in your client.

Some home routers list this function as a “security feature”. Do not let this fool you however into believing that hiding an SSID has anything to do with security or increasing security for your wireless network.

A hidden SSID will not protect you against hackers or prevent people from accessing your wireless network. The only thing it achieves is that the SSID will not show up if you look in the regular wireless network scan on your client. But for somebody who actually wants to find your network they will find it no matter what.

In fact, it is actually slightly more “secure” to show your SSID instead of hiding it. If the SSID is hidden, then the wireless clients that you have manually configured to connect to that SSID must continually try to send out probes to detect if your SSID is available nearby. This would then have some potential impact on your privacy since your mobile will be acting as a beacon in your pocket. Not perhaps a big issue for most people, but at least remember that hiding your SSID will not increase your wireless security.

It is easier for both yourself, your family and your friends to connect to your SSID if it is visible. With a hidden SSID you have to manually configure any devices that you want to connect to the wireless network.

Security

You should always enable encryption for your wireless networks. Encryption is a built-in function that is easy to activate in both your access point or home router and your clients. Most home routers these days come pre-configured with encryption enabled for the wireless network. Remember that a wireless network sends all communication via radio through the air. Anybody within reach of the signal can read the radio messages. Unless you have encrypted the communication anything you send over the wireless network will be accessible to anybody within reach.

You also have to choose which type of encryption that you want to enable on your wireless network. Actually, it is not so much of a choice since all but one of the options are more or less obsolete. If your router comes pre-configured with encryption enabled (which it should) then you should check which encryption that is implemented and change it if necessary. Here are the available encryption options:

WEP: extremely bad security

WEP encryption was useless even when it was first released in 1997. To use WEP is almost just as bad as sending your secret messages in clear text over your wireless network. It is completely broken. Do not use WEP encryption on your wireless network.

WPA: Okay security

WPA has got a few lesser security flaws but has not yet been completely broken. But why would you use anything that is less than perfect? There is no reason today why you would choose WPA security on your home network in favor of WPA2. Do not use WPA unless you have to for some reason.

WPA2: Good security

WPA2 is the only encryption type that you should consider using for your wireless network. But you still need to use a secure password for your wireless network.

You will configure the password on your Wi-Fi router, and then again on the clients the first time you connect them to your network.

MAC address filtering

MAC address filtering is based on building up a list of accepted MAC addresses in your home router or access point. Only clients with the listed MAC addresses are allowed to connect to your wireless network.

This initially sounds like a proper security feature and it makes people feel more secure. MAC addresses are normally unique, so surely if you make a list of allowed MAC addresses then nobody else will be able to connect to your wireless network?

Unfortunately, MAC address filtering is completely unreliable and should not be used as a security feature on your wireless network.

Implementing MAC address filtering will make it more complicated to connect to your wireless network. Every time you want to connect a new device you have to check what MAC address that device has on its wireless network card, and then add that MAC address to the MAC address filtering function.

But in reality, the function doesn’t add any security. All MAC addresses are completely visible in the wireless communication even if you use encryption. So anybody who is listening on your radio communication can see which MAC addresses that are in use and that are allowed. Then they can simply change their own MAC address to one of the allowed MAC addresses to gain access to the wireless network.

Instead just simply rely on the WPA2 encryption which you should have enabled anyway. The encryption with the secret key will protect your network.

Previous part:
Wi-Fi standards

Next part:
Common Wi-Fi network solutions