CH 30.pdf

Full Transcript

CHAPTER XXX

Wi-Fi

30.1 Introduction:

30.1.1 A wireless network or Wireless Local Area Network (WLAN) serves the
same purpose as a wired one - to link a group of computers/IP enabled
devices like mobiles, Smart TV, IP Telephone, IP Camera etc. It is
used to augment Railnet to connect many devices supporting Wi-Fi
wireless connectivity.

30.1.2 Railnet is the general purpose Enterprise Wide Area network of Indian
Railways. Wi-Fi network is allowed to be established as a part of
Railnet.

30.1.3 Wi-Fi is also provided by Railways at Railway stations through Railtel
and other private agencies for extending the internet to Passengers.

30.1.4 For other networks like FOIS etc. Wi-Fi access can be established if
the same is permitted by the Railway Board.

30.1.5 Wi-Fi is also used as a method of connecting two networks or a single
device with a network wirelessly, like a CCTV camera where the
feasibility of providing a wired network is difficult, costly or time
consuming.

30.2 Technology:

30.2.1 Wi-Fi networks operate using radio frequency (RF) technology, in the
free band mostly at 2.4 GHz and 5GHz in public band.

30.2.2 An access point (AP) is used for providing a wireless network. The
access point is connected to the wired network (Railnet) to provide
Railnet/Internet services to its clients. An access point works as a
combination of Router, switch and Wireless Radio in one device.

30.2.3 Wireless controllers are used in the LAN to manage the access points.
These wireless controllers manage the access points, control the RF
power and try to reduce the interference in the WLAN besides
providing many advanced user management features.

30.2.4 Nowadays most of the devices like computers and laptops are provided
with built-in Wi-Fi feature for connecting to access points, but if not, the
device can be made wireless through the use of an add-on adapter
plugged into an empty expansion slot or USB port and providing the
necessary software

30.2.5 Wireless network is a shared network, more computers connected to a
wireless access point the less data each will be able to send and

Indian Railways Telecom Manual - 2021 Page 371
 receive. Wireless network's speed can vary greatly and the range of
the access point can vary too.

30.2.6 The closer to an access point, the stronger is the signal and faster is
the connection speed. The range and speed of wireless networks also
depends on the environment in which the access point is operating.

30.2.7 Interference is an issue with any form of radio communication. The
potential for interference is especially great indoors, where different
types of building materials (concrete, wood, drywall, metal, glass etc.)
can absorb or reflect radio waves, affecting the strength and
consistency of a wireless network's signal.

30.2.8 Interference can be minimized by relocating wireless networking
hardware or using access points with special antennas that enhance
capacity of radio link using methods like MIMO (Multiple Input-Multiple
Output).

30.3 Wi-Fi in Offices/Residences

30.3.1 Wi-Fi has become a necessary access technology in the Enterprise
LAN. Wi-Fi network is allowed to be established as part of Railnet.
Equipment that provides both 5GHz and 2.4 GHz access may be used.

30.3.2 Security is an important element of Wi-Fi usage in prevention of
unauthorized access. The following security measures are used for
improved security of networks using Wi-Fi.

a. SSID hiding.

b. Mac filtering.

c. Static IP addressing.

d. Use of Strong Passwords for both the device admin as well as the
WiFi access.

e. Use of strong end to end encryption standards like WPA.

f. Changing the default IP address and password of the access point.

30.3.3 In the offices, Wi-Fi access points can be provided as personnel
equipment or as a service. It is however desirable to provide Wi-Fi as a
service.

30.3.4 As a personnel access point, WPA-2 security shall be configured and
the security key shall be handed over to the user.

30.3.5 For the Wi-Fi as a service in the office areas the following shall be
followed:

Indian Railways Telecom Manual - 2021 Page 372
 a. Wi-Fi shall be provided through access points that should be
configured as extended service sets whenever possible. Wireless
controllers shall also be provided in the network to manage and
control all the access points centrally using NMS and to
automatically adjust the RF band/power of the access point to
reduce the inter-ference and increase the throughput.

b. In a typical office environment (data use) 20-25 users per access
point is a good number when designing. In view of the increased
use of net and Wi-Fi, the system should be upgraded to ensure that
each user gets sufficient bandwidth for satisfactory use of the
facility provided.

c. All access points should be powered through UPS to ensure
uninterrupted working.

d. The access points may preferably be powered using PoE from the
switch port.

e. To ensure smooth roaming, the same SSID should be used on all
the access points within the same campus/building.

The Wi-Fi access point shall be configured to authenticate users
using IEEE 802.1x MAC authen-tication through a radius server.
Such a system shall allow only authorized Wi-Fi users to roam
across the Wi-Fi zone and access Railnet securely. WPA-2 access
keys must also be configured and it must be kept the same for all
the access points in this scenario.

f. Wireless controllers should be planned in redundancy so that in
case of failure of one, the other is able to manage all the access
points centrally using NMS.

30.3.6 In case an access point is provided for a group of users on a temporary
basis, MAC binding should also be configured in the access point in
addition to the WPA-2 security key.

30.3.7 Railnet has been made available in many railway quarters. Currently it
has been extended using DSLAM and DSL modems. Wi-Fi access with
Fibre at Home may be provided in the residences as well.

30.3.8 In the residence, the device working as a Wi-Fi access point should be
configured with WPA-2 security and the key shall be made available to
the users. If possible, MAC binding shall also be configured taking in
the possible devices that may connect to the Wi-Fi access point in a
residence.

30.4 Fault Diagnosis:

Indian Railways Telecom Manual - 2021 Page 373
30.4.1 Hardware: The equipment is provided with visual indications by which
the status of the equipment can be known. The next option is by login
into the equipment and test the equipment with standard instructions
given by the manufacturer.

30.4.2 Software: The software part like firmware of access point / managed
equipment can be checked or upgraded to higher versions depending
on the type of the fault encountered.

30.4.3 Media / Channel: The media which actually connects to an access
point can be checked with the testing facility given on the interface
device or through measuring instruments.

30.5 Installation / Environment:

30.5.1 The equipment should be installed in a dust free environment and
temperature within the room shall be maintained as per the equipment
manufacturer data sheet.

30.5.2 Uninterrupted Power supply should be provided to increase the life of
the equipment as well as to keep up the availability of the access point.
The capacity of the UPS shall be decided taking into consideration
availability of local power supply.

30.5.3 The availability of the electrical earth having value within the limits is as
per standards is to be ensured.

30.6 Maintenance Schedule:

i. The equipment shall be kept clean and tidy without dust.

ii. Any other checks suggested by manufacturers.

30.7 Do’s and Don’ts:

30.7.1 Do’s:

i. Take the printouts of the configuration and document them.
ii. Softcopy of the configuration files shall be stored each time the
configuration is changed so that it will be useful for uploading
the configuration when needed and reduce the down time.
iii. Protect the cables connecting the access point and ensure
protection from rodents where cabling is done through false
ceiling.
iv. Train the staff and update the knowledge to maintain the
network more efficiently.
v. Change the password periodically.
vi. Keep the operation and maintenance manual handy.
vii. Do proper lacing of internal wiring.

Indian Railways Telecom Manual - 2021 Page 374
30.7.2 Don’ts:

i. Do not change the IP addressing scheme and IP address of the
working network without the written permission of the Network
Administrator.
ii. Do not change the configuration without the permission of the
Network Administrator.
iii. Do not share the passwords with your colleagues.
iv. Never use water to clean the equipment.

-x-x-x-

Indian Railways Telecom Manual - 2021 Page 375