150Mbps internet in a Faraday cage

tl;dr Got some crazy fast broadband but live in a nuclear bunker? Good 5GHz routers, like those made by TP-Link, can penetrate thick concrete walls well, but you might have to buy two and run some cable.

This is kind of a how-to that I’m sharing for 2 reasons: 1) the internet has lots of information for either network admins or clueless home users, but nothing for those in between; 2) the StackExchange-Stasi rejected me because I wasn’t using Cisco AP’s to build a triple-node WW(L)AN with a moon-reflected, intercontinental 900MHz P-t-P-t-P-t-P bridge and phallus-configurable Juniper VPN firewalls. Ahem.

 The Problem

So you signed up to Virgin Media’s 152Mbps service thinking “Yeah! Screw you ADSL-toting bastards!” and didn’t fully consider the practicalities of piping this kind of bandwidth around your old flat with foot-thick concrete walls which - remarkably - feature a built-in Faraday cage (I guess wifi wasn’t a consideration back in the day.)

In my case I really didn’t consider the practicalities at all. After activation I sat down at my desk, whipped open speedtest.net, and hit ‘Start test’. The anticipation was indescribable - I couldn’t have stood up if I wanted to, lest face upturning my desk and spraying the contents of fifty-four sixth- to quarter-full Diet Coke cans on the opposing wall.

The moment of truth arrived… 29Mbps. Whaaaaaa?

Having rapidly regained my ability to stand, I called Virgin Media to see if it had been activated. It had.

VM: “Hold on, sir, I’m just going to change the wifi channel.”

Me: “You have remote access to my network? What the fuck? No, don’t do that.”

VM: “Ok, sir, if you could take your computer to the modem and plug in with an ethernet cable, and run the test again.”

Me: “Alright, but prepare yourself to do whatever it is you’ll do when I tell you in a minute that nothing’s changed.”

So I ran the test. 156Mbps.

Me: “Well now I feel like a tit. Sorry. My bad. Bye.”

VM: “Have a wonderful day, sir, bye.”

It will never cease to amaze me that these guys in Indian call centres take so much abuse from us Brits and remain convincingly cheery. Maybe I just don’t understand the subtleties of the accent.

 Technical Diagnosis

Turns out there were quite a few issues hampering my connectivity.

  1. The 2.4GHz spectrum was crazy crowded, which meant that none of my AP’s would enable 40MHz mode (which bonds two channels to double theoretical throughput from 150Mbps to 300 Mbps)
  2. Foot-thick concrete really is an issue, especially when - as I discovered - it’s the kind that has embedded (ceiling to floor) tight-mesh chicken wire for the attachment of cabling during construction.
  3. The wiring around here isn’t exactly new, meaning no matter what I tried, my Powerline adapters were topping out at 60Mbps.

All in all this meant that in the same room as an AP you could pull ~80Mbps (using a relatively beefy TP-Link 1043ND.) A single wall knocked this down to 45Mbps.

What about 5GHz routers, which can operate at up to 600Mbps, and (for now) are much more likely to be able to do so because the spectrum is relatively clear? Well 5GHz has a much shorter wavelength than 2.4GHz (remember λ = c/f ?), around 6cm (vs 2.4GHz’ 12.5cm) which means it’s pretty shit at getting around/through obstacles. So…convincing myself that 5GHz routers couldn’t penetrate these walls at all, I started entertaining visions of dropping ethernet from the attic to a 5GHz AP in every room. Given the price of these things at the moment, this wasn’t doable.

 The solution

The nice people over at Aerohive have made a free wifi planning tool to see the performance of a planned wireless network.

Aerohive planner - dark orange is good

Wifi planning - orange is good

It’s pretty cool - you find your place on Google maps, draw a box around it, draw the inner walls (you can select from a good number of materials for walls, doors, windows - the only free tool I could find with such a feature), and stick AP’s around the place. It then draws a heatmap of data speeds. It works with 2.4 and 5GHz (granted you can only choose from their AP’s, but it’s good enough to get an idea), and you don’t need to worry about wandering around your house with a tape measure figuring out distances, you just need to estimate wall locations relative to your roof as Google maps sees it. It’ll even automatically figure out how many AP’s you need and where to put them. It’s a really great tool.1

Apparently I only needed 2 decent 5GHz AP’s to cover the house. I’d still need to drop ethernet, but not all over the place, which is good because now I don’t need a thousand surface boxes, a patch cabinet in the cupboard, yadda yadda.

In the end I got a TP-Link W8980 which is a dual-band router with built-in ADSL modem (you don’t have to use it, but it’s there if you move house).

TP-Link TD-W8980

Pretty sexy, innit?

I can’t say enough good things about TP-Link. They’re cheap, the build quality is excellent, the feature-set is awesome for consumer-grade equipment (and many support dd-wrt/OpenWRT if you need more), and they offer a 3-year warranty and 24-hour technical support as standard. They also make enterprise-grade kit, so you know that they know what they’re doing. Use them.

For the other AP, I bought a new 802.11ac SuperHub from Virgin Media for £20 - make no mistake, you will not get a cheaper 802.11ac router anywhere (802.11ac is the new wifi standard, allowing transfer speeds of up to 1.7Gbps, but unless you’ve got some very new kit, you probably don’t own anything that can talk that quickly, which isn’t an issue because it works in 802.11n mode just fine.)

They’re at opposite ends of the house and connected via a single ethernet cable. On both routers, the 2.4GHz and 5GHz SSIDs (wifi network names) are the same and are set up with the same security settings which means that you only have to deal with one wifi network/password: 5GHz devices will prioritise the 5GHz network, and 2.4GHz devices will only see the 2.4GHz network. But note that if the new 5GHz network has the same SSID as a previous 2.4GHz network your device already remembers, you may have to delete that configuration from the device and reconnect manually to get on to the new, faster 5GHz network.

Some suggestions

Some SSID suggestions, courtesy of Google images

Now the SSID might be the same across the board, but the channels on each router must be different, so they don’t interfere with each other - for example:

  2.GHz SSID 5GHz SSID 2.4GHz Channel 5GHz Channel
Router 1 I-Hate-BT I-Hate-BT 1 36
Router 2 I-Hate-BT I-Hate-BT 11 48

Note that I’m only showing one channel per frequency, in reality it’ll be two because of the channel bonding, but you shouldn’t have to select that manually. Also, don’t believe these semi-professional forum dwellers (you know the kind who consider forum dwelling so important that they make little post signatures with made-up job titles and smiley faces in them) who spout bs like “just set channel to auto and it’ll figure it out” - there’s been many empirical studies of how good these channel selection algorithms are and in general they’re pretty shit. Take the time to scan for wireless networks and figure out the best channel to use, especially in the case of 2.4GHz. Try out a few before deciding, and don’t use two adjacent channels (spread them out as far as possible.)

And you’re done. This set up gives 150Mbps internet in every room, but LAN devices can talk to my NAS at the full speed, which is great because there’s no network lag - writing to a network drive is like writing to a local disk. In fact I’m pretty sure the bottleneck there is no longer the network speed but the write speed of the 7200rpm drives.

So now you just need to find a way to use all that bandwidth. How about downloading the 5.1GB OS X Yosemite beta in 10 minutes? Fuck me. Turns out bandwidth is like a good drug habit: enough is never enough. Just ask my mother who, given a taste of my new connection, crashed her MacBook streaming 20 1080p videos at once. Somebody call Nancy Reagan.

  1. And in my opinion, Aerohive, you’re not making nearly enough of a song-and-dance about it. Remove the signup form, allow generic AP’s, charge for more than one floorplan, promo your own AP’s inside the app, and voila: a good revenue stream. 


Now read this

Should we make a working group to kill X.509?

tl;dr banter on HN isn’t enough, sign up here to actually do something So yesterday I wrote an article about the flawed security of X.509 which you can read here. When it was about 2/3 complete I showed it to my best mate and said “I... Continue →