Connect802 is a nationwide wireless data equipment reseller providing system design consulting, equipment configuration, and installation services.

CSS Mega Menu



November 1, 2004

Essential Wi-Fi:
For those who are new to Wi-Fi networking...
Technology and Engineering:
For the engineer and Wi-Fi network administrator...
To Infinity... and Beyond!
News from the wireless marketplace...

Essential Wi-Fi

Understanding Wi-Fi Equipment

Wi-Fi includes many different types of equipment: Access Points, NAT gateways, wireless repeaters, firewalls, and so forth.  Understanding what these types of equipment do is critical to "clearing up the confusion."  In this article, we will provide simple, understandable definitions of the most common types of Wi-Fi equipment including Access Points, Wireless Repeaters/Range Extenders, NAT Gateways, and Firewalls.

Access Point

Think of an access point (abbreviated as "AP") as being like a cell tower.  Your mobile phone uses radio waves to talk to the antenna on the cell tower.  The cell tower forwards that call to the service provider, which might route the call onto the wired telephone network.  If the phone moves away from one cell tower and towards another, it will stop sending its signal through the far one and start sending its signal through the near one, which is known as roaming.

In the same way, an 802.11 client uses radio waves to talk to the antenna on an access point.  The access point is usually plugged into a wired Ethernet network (although it doesn't have to be), and it will forward packets onto the wireless network if necessary.  This means that access points can give wireless clients access to resources on the wired network, such as a server, or an Internet connection.

Although 802.11 clients can connect directly to each other (without an access point), an access point is almost always used, especially in cases where the wireless network is intended to provide access to a wired network.  In general, in order to get access to a company's network, a wireless user must be in range of an access point.  This influences how many access points a company will need to install and where those access points can be placed.  Just like cellular signals can be blocked or have "dead zones," 802.11 wireless coverage can behave unpredictably (Connect802's Predictive RF CAD Design service can help work around this).

Access points come in varying levels of complexity and cost.  More advanced access points offer more sophisticated management and security options.  For example, a corporate-grade access point might provide the ability to configure all of the company's access points remotely, en masse, whereas an access point intended for home use might have to be configured individually.

Wireless Repeater or Wireless Range Extender

Normally, the structure of a wireless network is: Client -> Access Point -> Wired LAN (optional).  But what about cases where some clients are so far from the access point that they are out of range?  You could add a second access point, but then clients near the second access point wouldn't have connectivity to clients near the first access point.  In addition, a whole new access point might be too expensive, especially if this is a home or small-office network.

A wireless repeater (also known as a wireless range extender) creates this structure: Client -> Wireless Repeater -> Access Point -> Wired LAN (optional).  The wireless repeater acts as a "client" to the access point, and then the wireless clients attach to the repeater.  The repeater then forwards the clients' packets to the access point, effectively extending the access point's range.

Although wireless repeaters can solve some tricky coverage problems, you should realize that they impose a performance penalty of about 50%, since every packet that a client sends through the repeater must be transmitted twice (once from the client to the repeater, once from the repeater to the access point).

NAT Gateway

NAT stands for "Network Address Translation."  It is a technology in which, as packets go through the NAT gateway, the IP addresses in the packets are substituted in real-time for other IP addresses.  This means that devices on the outside of the NAT gateway (after substitution) don't ever see the real IP addresses of the devices on the inside of the NAT gateway.  Since the NAT gateway reverses the substitution on inbound packets, neither device needs to know that the gateway is there.

NAT gateways have two main advantages.  They enhance security by preventing outsiders from learning the true IP addresses of your devices.  Because of the way in which NAT works, TCP/IP conversations cannot be initiated from the outside of a NAT gateway unless the administrator explicitly allows it.  This prevents attackers on the outside from scanning the network inside a NAT gateway.  Also, NAT gateways can allow many stations on the inside to share single external IP address.  This is useful in the case where the ISP only gives you a single IP address, but you want to connect multiple computers to the Internet.

A third advantage of NAT is that the administrator has complete freedom to assign whatever IP addresses he or she wants inside the NAT gateway.  External IP addresses must be assigned by the ISP.

Chances are that if you buy an 802.11 device with "gateway" or "router" in the name, it will be able to act as a NAT gateway.  If you buy a device that is described simply as an "access point," it may not act as a NAT gateway.  You should check to make sure that the device meets your needs.


A firewall is a security device that monitors incoming and outgoing TCP/IP packets.  The firewall allows packets that it believes to be benign or permitted and blocks packets that it believes to be harmful or prohibited.  A firewall bases its decision on several common factors.

First, the firewall may be configured to explicitly allow or deny packets matching certain characteristics.  If this is the case, then that overrides the firewalls default behavior.  The firewall's default behavior is this: if the firewall observes a station on the inside of the firewall initiate an outgoing connection, it will allow inbound packets that are part of that conversation.  Inbound packets that are not part of a previously-initiated outbound conversation are blocked.

To make an analogy with the phone system, a firewall would be like a phone system where you could make outgoing calls, but nobody could make incoming calls to you.  This would completely prevent annoying or harassing phone calls, but it would also prevent anybody legitimate from calling you.  This isn't as big a deal with firewalls, since the majority of your computer's connections are outgoing, but it can be a problem if you're running a server (which accepts many incoming connections).  In that case, the administrator must explicitly configure the firewall to allow incoming connections to the server.

Most devices that act as a NAT gateway also act as firewalls.  Not all firewalls act as NAT gateways.

For more information, see the Connect802 On-Line Encyclopedia


Technology and Engineering

RF "Signal Quality"

Symbol for a '1': 1011011100 0
Received Symbol:  1011011100 1   Different bit positions: 1
Symbol for a '0': 0100100011 1  
Received Symbol:  1011011100 1  Different bit positions: 10

The receiver could determine that the symbol is closer to a '1' than a '0' even though one of the bits of the symbol was corrupted. In fact, given an 11-bit symbol, up to five bits could be corrupted without negating the receiver's ability to recover the original data--if six bits or more are corrupted, then the receiver could choose the incorrect symbol, which would result in an incorrect data-link layer checksum and a corrupt packet.

The most likely definition of "signal quality," or "PN code correlation strength" is that it is some metric of the correlation between the correct symbol-stream and the actual symbol-stream received. For example, the PHY might count the average number of "wrong" bit positions over a window of some number of symbols, where zero "wrong" bit positions equals 100% signal quality and more "wrong" bit positions results in lower signal quality. This definition should be treated as speculation until it is corroborated or debunked. If that definition is correct, then signal quality should be used as a metric of the amount of corruption in the environment between the access point and the client.

This topic is discussed in more depth in Connect802's paper, "You Believe You Understand What You Think I Said -- The Truth About 802.11 Signal and Noise Metrics," available from our white papers page .


To Infinity... and Beyond!