Wireless computer networks comprise mesh networks that include at least one node connecting the mesh network to a wide area network (WAN) through a backhaul connection. The WAN can comprise, for example, the Internet, and the backhaul connection node is referred to as a gateway. The backhaul connection node typically comprises a cable interface (cable modem) or DSL interface or the like, comprising a wired broadband connection. Other nodes of the wireless network typically comprise wireless access points that communicate with the backhaul connection. Devices that can operate as wireless access points include wireless routers, wireless bridges, so-called repeaters or range extenders, and the like. A wireless network typically includes a single wired backhaul connection and multiple wireless access points. Client devices may gain access to the WAN (Internet) through wireless communications with one of the access points or through a wired connection with the backhaul connection. The client devices can comprise a wide variety of devices, such as laptop computers, PDAs, and other handheld devices.
Deployment of wireless networks is hindered by the requirement for the wired backhaul connection node. The wired backhaul connection fixes a single geographic location as a limiting point of the wireless network. Repeaters can extend the geographic reach of the wireless network, but all network traffic must ultimately move through the backhaul connection. This limits the capacity and bandwidth of the wireless network. Greater deployment of wireless networks, and easier operation, would be possible if there were greater flexibility in obtaining network connections to the WAN.
One network can be joined to another network by means of a bridge. The bridge receives packets over the first network and forwards the packets in accordance with destination address information of the packets. To properly forward messages, a bridge constructs a routing table of network addresses. Bridges are of relatively simple construction and can be an economical way to expand the coverage of a network. It is possible to configure a wireless access point in a wireless network to act as a bridge, according to a wireless bridging protocol such as Wireless Distribution Service (WDS). If two wireless access points (routers) are configured to support WDS, one of them can act as a client router and the other acts as a host router. The client router has no Internet connection of its own, whereas the host router has an Internet connection and shares it with the client router. A WDS-enabled access point wireless bridge must be specially configured for using WDS, which requires specialized support. The WDS also consumes some of the wireless bandwidth for overhead.
From the discussion above, it should be apparent that there is a need for wireless access points that can be more easily and economically used in connection with more than one network. The present invention satisfies this need.
Described herein is a network traffic device for a managed network in which the network traffic device receives an uplink identifier (ID) that identifies a wireless network for uplink communication using a network communication protocol, performs a scan of wireless networks and produces identical first and second lists of access points identified by the scan and wireless networks with which the identified access points are associated. The network traffic device then deletes access points from the first list that are not suitable for use as an uplink for the managed network and deletes access points from the second list that are not members of the managed network, and associates with an identified access point that remains in the first list and operates as a gateway to neighboring access points for the uplink wireless network of the uplink ID, or joins an existing wireless network identified in the second list by the performed scan if no identified access point remains in the first list, and otherwise operates as a gateway and permits client devices to associate for a predetermined time and then repeats performing the scan of wireless networks. In this way, the network traffic device easily operates as a bridge between two wireless networks, without the overhead of protocols such as WDS, and can operate as an uplink from the managed network to independent external networks.
Other features and advantages of the present invention should be apparent from the following description of the preferred embodiments, which illustrate, by way of example, the principles of the invention.
The present invention provides a network traffic device for a managed network in which the network traffic device receives an uplink identifier (ID) that identifies a wireless network for uplink communication using a network communication protocol, performs a scan of wireless networks and produces identical first and second lists of access points identified by the scan and wireless networks with which the identified access points are associated. The network traffic device then deletes access points from the first list that are not suitable for use as an uplink for the managed network and deletes access points from the second list that are not members of the managed network, and associates with an identified access point that remains in the first list and operates as a gateway to neighboring access points for the uplink wireless network of the uplink ID, or joins an existing wireless network identified in the second list by the performed scan if no identified access point remains in the first list, and otherwise operates as an access point and permits client devices to associate for a predetermined time and then repeats performing the scan of wireless networks.
Thus, the network traffic device constructed in accordance with the invention can operate as a client host, to receive packets from the managed network and forward them to an uplinked external network, thereby operating as a gateway to the uplink network and performing a network address translation (NAT) function for the managed network relative to the uplinked network.
Network Configuration
All of the devices 106, 108 are capable of communicating with each other over a wireless network communications protocol specification, such as the 802.11x family specification of the IEEE, also referred to as “wireless broadband” or “WiFi”. The devices 106, 108 define a managed network 110 whose member devices communicate with the host computer 102, also referred to as the backend server. The managed network 110 includes component local mesh networks that are identified with a letter suffix (“a” or “b”) so that references to the local networks without their suffix are references to the local networks collectively as the managed network. When it is necessary to refer to a particular local network 110a, 110b, the suffix identifier will be used.
The traffic devices 106 in
The mesh network 110 is operated under the control of a network owner 112, who can access management tools through a network portal interface of the host 102. Therefore, the network owner 112 is illustrated in
The gateway devices 106a, 106b are also capable of network communications via a wired connection, such as Ethernet. The clients 108 can also have this dual capability. Thus, the managed networks 110a, 110b can include devices that are capable of communicating over both wired connections and wireless connections. In this discussion, the traffic devices 106 will also be referred to as routers or nodes of the managed networks. Thus, nodes as used herein comprise devices that can communicate over the managed networks 110 and can send data messages from other nodes toward destinations outside of the managed network, such as over the Internet 104 toward the host 102.
In
For example, a user may have a managed network within a space, such as a business or home, but not have DSL service or a cable modem that would provide Internet connectivity. If at least one end of the space is within the reach of another wireless network (e.g., the external network 120 of a neighbor) that is connected to the Internet, then Internet access may be gained through the neighbor network after appropriate access provisions are settled. In the case of using the neighbor network, the user may configure the managed network to use the neighbor network as an uplink to the Internet. Any traffic device 106 that is sufficiently close to the neighbor network can act as an uplink gateway for the user's managed network. Thus, the uplinked traffic device operates as if it were plugged into a cable modem or DSL modem and thereby routes traffic from the managed network onto the neighbor wireless network. It is not required that the uplinked neighbor network be a managed network in accordance with the invention.
Network Operation
In the first operation, illustrated by box 202 of
At box 204, the traffic device operates in a scan mode in which it scans for wireless networks and produces two identical lists of the wireless access points it locates and the corresponding wireless network SSID information they advertise. The two lists will be referred to as list L1 and list L2. Next, at box 206, the traffic device deletes from list L1 all wireless access points that are not sufficient for communication as an uplink. In particular, the traffic device will delete all access points that do not advertise the configured uplink SSID, and will delete all access points that have a received signal strength indication (RSSI) less than 8 dB above the noise floor. The RSSI requirement ensures that access points with a poor connection to the traffic device will be ignored. At box 208, the traffic device deletes from list L2 all wireless access points that have a MAC address that indicates they are not members of a network being managed in accordance with the invention. After this operation 208, list L2 will be a list of neighbor traffic devices that have compatible operation with the traffic device to be operated as an uplink.
In the managed system 100, all traffic devices are self-configured such that they are assigned network addresses based on their MAC address. Thus, all traffic devices that operate in accordance with the invention to provide a managed network will have the ability to determine the network address that should be assigned to a compatible neighbor traffic device. In this way, a traffic device will readily know if a neighbor router is a compatible device simply by examining its network address and its MAC address. The self-configuration processing is described in greater detail in the application entitled “Node Self-Configuration in a Wireless Network” by S. Biswas et al. filed on the same date as the present application.
At the decision box 210, the traffic device checks to see if there is at least one wireless access point in the list L1. If there is at least one entry, an affirmative outcome at box 210, then at box 212 the traffic device will select the access point in L1 with the highest RSSI value (i.e., select the AP with the best connection to the traffic device) and will obtain an IP address from the access point. This operation will involve associating with the selected access point and providing a DHCP request to obtain an IP address. Upon receiving an IP address, at box 214, the traffic device will switch from the scan mode of operation to a gateway mode of operation in which the traffic device behaves as if the device were physically plugged into a network by Ethernet or the like at the uplinked network. In accordance with gateway operation, the traffic device will “advertise” itself as a gateway for any other nearby traffic devices. The uplinked traffic device now serves as a NAT device (gateway) to route packets from the managed network to the uplinked wireless network. The traffic device continues operation in this fashion, unless the traffic device fails to receive an IP address from a DHCP reply message. If the device fails to receive an IP address at box 212, or if at the decision box 210 there are no access points in the list L1, the processing proceeds to box 220 of
At box 220, the traffic device checks to see if it was configured as a “gateway only” device. If its configuration is set to “gateway only”, then at box 222 the traffic device will perform a “scan wait” mode of operation. In scan wait mode, the traffic device will allow clients in the area of the managed network to associate. That is, clients will be able to log in to the managed network through the traffic device. Because the “gateway only” traffic device is configured to operate as an uplink (box 202) but has not yet received an IP address (box 212) or has not yet located a suitable access point (box 210), users will see a managed network host display (i.e., a Web site, such as on http://my.meraki.net/) indicating that the wireless uplink is unavailable. After a predetermined time, such as three minutes, the traffic device will switch to the scan mode if no client devices have logged in. This return to scan mode is indicated at box 224 with a return to box 204 of
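The scan-and-select procedure of boxes 204 through 224, written out as an added Python example that is not part of the original specification. The `02:00:5e` membership prefix, the `dhcp` callback and all names are assumptions made for illustration; the branch for a device that is not “gateway only” follows the summary's wording (join a managed network from list L2, otherwise wait and rescan).

```python
from dataclasses import dataclass
from enum import Enum

RSSI_MARGIN_DB = 8           # from the text: drop APs less than 8 dB above the noise floor
MANAGED_PREFIX = "02:00:5e"  # constructed placeholder for "MAC indicates a managed-network member"

class Mode(Enum):
    GATEWAY = "gateway"      # box 214: NAT gateway onto the uplink network
    JOIN_MESH = "join_mesh"  # summary: join a managed network found in L2
    SCAN_WAIT = "scan_wait"  # box 222: accept clients, rescan after a timeout

@dataclass(frozen=True)
class AP:
    mac: str
    ssid: str
    rssi_db: int  # signal strength in dB above the noise floor

def filter_lists(scan, uplink_ssid):
    """Boxes 204-208: start from two identical lists, then prune each."""
    l1, l2 = list(scan), list(scan)
    # Box 206: keep only APs advertising the uplink SSID with enough signal.
    l1 = [ap for ap in l1
          if ap.ssid == uplink_ssid and ap.rssi_db >= RSSI_MARGIN_DB]
    # Box 208: keep only APs whose MAC marks them as managed-network members.
    l2 = [ap for ap in l2 if ap.mac.lower().startswith(MANAGED_PREFIX)]
    return l1, l2

def choose_mode(scan, uplink_ssid, gateway_only, dhcp):
    """Return (mode, selected AP or None, leased IP or None).

    dhcp is a hypothetical callback: it associates with the AP and returns
    the leased address, or None when no DHCP reply arrives.
    """
    l1, l2 = filter_lists(scan, uplink_ssid)
    if l1:                                         # box 210
        best = max(l1, key=lambda ap: ap.rssi_db)  # box 212: highest RSSI
        ip = dhcp(best)
        if ip is not None:
            return Mode.GATEWAY, best, ip          # box 214
    if gateway_only:                               # box 220
        return Mode.SCAN_WAIT, None, None          # box 222, then 224 -> 204
    if l2:
        # Assumption: pick the strongest managed neighbor to join.
        return Mode.JOIN_MESH, max(l2, key=lambda ap: ap.rssi_db), None
    return Mode.SCAN_WAIT, None, None

# Constructed scan results (not from the page).
SAMPLE_SCAN = [
    AP("aa:bb:cc:00:00:01", "neighbor-net", 25),
    AP("aa:bb:cc:00:00:02", "neighbor-net", 5),   # below the 8 dB margin
    AP("02:00:5e:00:00:10", "mesh-a", 30),        # managed-network member
    AP("aa:bb:cc:00:00:03", "other-net", 40),     # wrong SSID, not a member
]

if __name__ == "__main__":
    mode, ap, ip = choose_mode(SAMPLE_SCAN, "neighbor-net", False,
                               lambda ap: "192.0.2.10")
    print(mode.value, ap.mac, ip)
```

Both filters key on values an access point advertises (SSID and MAC address), so the result is a candidate selection and not proof of the access point's identity.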
A variety of hardware configurations can be used for the devices described above. For example, conventional server and desktop computers can be used for the server host 102. In the illustrated embodiment, the server operates the Linux operating system. Other details of construction and operation will occur to those skilled in the art in view of the description herein. The nodes 106 can comprise routers, wireless access points, and suitably configured computer devices that might otherwise comprise clients 108 in the managed network. In the illustrated embodiment, the host 102 and traffic devices process network traffic and operate with the Linux operating system. It should be understood that other operating systems may be used, so long as the devices can provide the functionality and operations described herein. Although the network communications have been described above in accordance with the Internet protocol (IP), it should be understood that a wide variety of network communication protocols can be accommodated in accordance with the invention. The operations described herein for the gateway routers 106 and client devices 108 can be performed by device firmware or by application software installed on the respective devices. All of the devices capable of network communications will include any necessary network interface components, as will be known to those skilled in the art.
A variety of management tools are provided to the network owner 112 (
A variety of hardware configurations can be used for the devices described above. For example, conventional server and desktop computers can be used for the server host 102. In the illustrated embodiment, the server operates the Linux operating system. Other details of construction and operation will occur to those skilled in the art in view of the description herein. The nodes 106 can comprise routers, wireless access points, and suitably configured computer devices that might otherwise comprise clients 108 in the managed network. In the illustrated embodiment described herein, the nodes that process network traffic are specified as operating with the Linux operating system. Those skilled in the art will appreciate that a wide variety of device operating systems other than Linux can provide a suitable environment for execution of the operations described herein. Thus, any computer device that can perform the operations described herein can be utilized in a managed network system constructed in accordance with the invention.
Two devices are illustrated in
The second device 410 illustrated in
The processor 406 of the access point 400 can receive program instructions for proper operation into the program memory of the processor. The program instructions can be received directly, such as by flashing EEPROM of the processor, or can be received through the network interface 402, such as by download from a connected device or over a WAN or LAN network communication. In the case of receiving program instructions through the network interface, the device 400 can be connected to the computer 410 that includes the program instructions in a suitable data file. If desired, the program instructions can be stored on a computer program product 414 that is read by the computer 410 so that the program instructions can thereafter be transferred to the device 400. That is, the program product 414 is for use in a computer system such as the computer 410, wherein the program product comprises a recordable media containing a program of computer-readable instructions that are executable by the device processor 404 to perform the operations described herein. The program instructions of the program product 414 can be transferred by the computer 410 to the device 400, whereupon the instructions can be executed by the device so as to operate in accordance with the methods and operations described herein. The program product 414 can comprise, for example, optical program media such as CD or DVD data discs, or flash memory drives, or external memory stores, or floppy magnetic disks, and the like. The computer 410 includes a central processor 416 and a program product reader 418 for receiving the program product media and reading the program instructions. The computer also includes associated memory 420 and input/output facilities 422, such as a display and keyboard.
Although the network communications have been described above in accordance with the Internet protocol (IP), it should be understood that a wide variety of network communication protocols can be accommodated in accordance with the invention. The operations described herein for the gateway routers 106 and client devices 108 can be performed by device firmware or by application software installed on the respective devices. All of the devices capable of network communications will include any necessary network interface components, as will be known to those skilled in the art. The programming such as firmware and application software for the operations described herein can be installed through conventional manufacturing and production processes and through typical program installation techniques for computer devices. For example, the programming can be installed from program media containing machine instructions that can be read from media such as CD or DVD optical disc devices such that when the instructions are executed by the computer device they will cause operation in accordance with the techniques described herein. Other sources of such programming include external program sources such as memory chips, floppy disks, thumb drives, flash memory, and the like that are received into reader devices such that the program instructions can be installed.
The present invention has been described above in terms of presently preferred embodiments so that an understanding of the present invention can be conveyed. There are, however, many configurations for network devices and management systems not specifically described herein but with which the present invention is applicable. The present invention should therefore not be seen as limited to the particular embodiments described herein, but rather, it should be understood that the present invention has wide applicability with respect to network devices and management systems generally. All modifications, variations, or equivalent arrangements and implementations that are within the scope of the attached claims should therefore be considered within the scope of the invention.
This application claims the benefit of U.S. Provisional Application Ser. No. 60/892,440 entitled “Client Operation For Network Access” by Thomer M. Gil, et al., filed Mar. 1, 2007, and the benefit of the following co-pending U.S. Provisional Applications: entitled “System and Method For Hosted Network Management”, by S. Biswas, et al., Ser. No. 60/892,432, filed Mar. 1, 2007; entitled “Node Self-Configuration and Operation in a Wireless Network”, by S. Biswas, et al., Ser. No. 60/892,437; entitled “System and Method for Remote Monitoring and Control of Network Devices” by S. Biswas et al., Ser. No. 60/892,443, filed Mar. 1, 2007; entitled “Client Addressing and Roaming in a Wireless Network” by Thomer M. Gil et al., Ser. No. 60/892,449, filed Mar. 1, 2007. Priority of the filing dates is hereby claimed, and the disclosures of the Provisional Applications are hereby incorporated by reference.
Number | Date | Country
---|---|---
20080285483 A1 | Nov 2008 | US

Number | Date | Country
---|---|---
60892432 | Mar 2007 | US
60892437 | Mar 2007 | US
60892440 | Mar 2007 | US
60892443 | Mar 2007 | US
60892449 | Mar 2007 | US