Horvath Communications offers free tower co-lo

In an effort to alleviate the ramifications of COVID-19, Horvath Towers V will be offering free tower co-location to rural broadband service providers for a period of six months. 

“With so many families working and learning from home,” company President Jackie Horvath told Inside Towers, “the demand for wireless internet access has sky-rocketed. As such, we would like to partner with rural internet service providers to allow co-location on our tower assets on a temporary basis.”

Applications will be accepted between now and May 1. All inquiries are to be sent to ehorvath@horvathcommunications.com. As part of this program, the broadband provider will be responsible for the cost of installation and the equipment. The installation team must provide proper insurance before climbing the tower. 

https://www.horvathcommunications.com/ has a map with a site list

AirFiber 4.10 is out

Important notes
  • Please update far end of a link before the near end
  • Please refresh browser cache when logging into a v4.1.0 unit for the first time
  • UNMS cannot upgrade airFiber firmware loaded with pre-beta8 firmware (i.e. -beta7, etc.)
  • If you are upgrading from pre-v4.0 software, your password (after upgrade) will be the first 8 characters of your pre v4.0 password. If you chose to downgrade, please ensure that your password is no longer than 8 characters or you will be locked out of your unit.
Features
  • Added additional modulation rates (3x, 5x, 7x, 9x, 11x)
  • Improved throughput capacity (improved modulation performance)
  • Added support for UNMS
  • Added telemetry reporting (optional)
  • Changes to support Apple SSL certificate location rules
  • Updated default https certificates validity for 18 years
  • Added Paraguay and Swaziland country codes
  • Telnet Server port number now displayed on Services tab when using default number (23)
  • Added alert box when Receive Target Power is enabled
  • Build number now shown in system tab
  • Firmware version now displayed with product ID (i.e AF11 vs AF09)
  • Assorted web changes to colors, initial login screens, updated EULA
Improvements
  • Manual browser refresh not required when upgrading FROM 4.1.0
  • Updated SNMP MIB
Bugfixes
  • Detect and recover from OTA management traffic lockup
  • Detect and recover from user traffic lockup
  • Fixed issue where capacity graph showed 2x capacity when there was no GPS signal at the timing master
  • Fixed issue where GPS process would use 100% of the CPU
  • Fixed issue where RF link would repeatedly reset if Ethernet port was disabled
  • Addressed issue with moving (jittery) labels around signal strength graph
  • Corrected conducted power reading when using Receive Target Power
  • Fixed issue with Carrier Drop Operation where unit would not come back if Block Data After Pulse was enabled
  • Fixed issue where disabling Management VLAN after upgrade from pre v4.0 could corrupt networking configuration
  • Fixed SNMP reporting of frequency (SNMP now reports frequencies in MHz)
  • Fixed Static IP gateway address usage (was ignored if configured with v4.0.x)
  • Fixed GUI issue where deleting link name and pasting in a replacement would not work
Known issues
  • If you are upgrading from pre-v4.0 software, your password (after upgrade) will be the first 8 characters of your pre v4.0 password. If you chose to downgrade, please ensure that your password is no longer than 8 characters or you will be locked out of your unit.

Official Page and Download links here

Underground boxes for wireless deployments

This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
To view this content, you must be a member of Justin Wilson's Patreon at $0.01 or more
Already a qualifying Patreon member? Refresh to access this content.

Bandwidth and the Wireless ISP

This was an older article I had on my blog a few years ago.  Much of this applies still.

Bandwidth is a big hurdle most aspiring WISPs face. The reason is if high-speed alternatives were already in place, the need for a WISP would not be as great.  Sure there are business models in which the WISP can compete with other high-speed solutions. However, the bread and butter of a WISP is going into underserved areas.

You have several options for bringing a connection into your area to re-distribute to your customers. I will outline these and then go into further detail

-Leased Lines (Fractional, T-1, T3, etc.)
-Fiber Optic
-Wireless backhaul
-Cable
-DSL

Leased Lines are the most easily accessible across the United States. However, as more and more providers build fiber it is taking over as the preferred method of connectivity.  Fiber is more “future proof” than a T-Carrier circuit such as a T1 or T3.   Most phone companies can provide t1 service to almost anywhere. This is because T1 service uses the existing copper already at 99% of locations. If you have a phone line you can almost always get t1 service.  Once you go beyond T1 things get a little more complicated.  However, T1 has the ability to do bonding if the carrier and telco support it.  You essentially buy multiple T1s and combine them into a single “pipe”.  This requires the provider to support bonding as well as some special configuration on your routers.

Some questions you should ask your provider/telco.

1.Where is my circuit “homed out of”? This means where does the circuit terminate on the facility end.  You do not want this to be too far. If it is too far your reliability will suffer because you have more distance and equipment to go through.  This raises the likelihood of an equipment failure, backhoe digging something up, & utility poles falling.  The longer the distance also means the “loop charge” will most likely increase.   We will get to that in a moment.

2.There are several types of T1s for our purposes.  Some terms to familiarize oneself with are PRI, channelized, transport, and port fee.

3. Ask your provider to spell out what type of t1 this is.  If you are buying the T1 from a backbone provider such as Qwest, Level3, and others they will typically bundle everything into one package. Ask them to break this down if they don’t.  You want to know what the Local loop charge is, what the port fee is, and what the bandwidth costs.  The local loop is typically what the telephone company charges to deliver the circuit from Point A (their equipment) to Point B (you).  If you are going with a 3rd party, and not the local telephone company, the provider typically becomes the central point of contact for the entire circuit.  This can add a level of complexity when issues arise.

The port fee is a charge normally passed on for connecting to the provider’s equipment.  Say you have a 48 port switch sitting in a CO-Location facility.   For each Ethernet cable you plug in from the telephone company they charge a fee either one-time and/or monthly.  This is just the way it is typically.  One of those “Because they can” charges.  The 3rd charge is the cost of the Internet bandwidth.  A T1 can handle 1.5 Megabits of bandwidth so the cost per Megabit is not as big of an issue because you are not buying in bulk.

4.Ask to see the Service Level Agreement (SLA). If you are unfamiliar with the terms have a consultant look this over.

5.Know where your DMARC location is. This is the spot where the provider’s responsibility ends and yours begins.

6.Ask if the provider can verify with the telco how long the next circuit would take to install. You don’t want to go to order a second circuit and find out the local telephone equipment does not have enough capacity.  This has happened to our clients on many occasions.  This can be a quick process or the telco can take months and months to get around to installing the needed equipment.

References:

http://en.wikipedia.org/wiki/Demarcation_point

http://en.wikipedia.org/wiki/T-carrier

The importance of phone numbers in a WISP

One of the things I see startup wisps do wrong is their use of phone numbers.  This is one of those details that is often overlooked but is critical. It’s critical not only for tracking but also for the sanity of everyone involved.  Let’s identify where many WISPs go wrong.

The typical startup wisp is a type A go-getter. This is what Entrepreneurs are by default.  Once they have a plan they jump head over heels in. Many may start with a simple phone number, but when they call a customer if they are on their way to do an install or something they end up using their phone number.  The problem is customers keep this cell phone.  If the office is closed they start texting or calling any number they have.  Some customers will be respectful of boundaries, but many will not.  If they are getting packet loss at 3 am they are calling and texting.  This problem compounds as you grow and you have multiple installers involved. You want customer issues tracked in some sort of ticket/CRM system. You also don’t want your employees ahev to answer customer texts or calls after hours if they aren’t being paid.  It’s one of the quickest ways for employees to get burnt out or say the incorrect things.

So how do you solve this? The simple buzzword answer is unified communications.  One of the easiest and cheapest is Google Voice. With Google Voice and others, you have a primary number. This is the number you give out to clients. They call this and it rings another phone or phones.  This can be an extension on the VOIP system it is a part of, another number, and/or cell phones.  Depending on the level of sophistication it can ring all the programmed numbers at once, or ring one, and move on to the next one. If no one answers it drops the caller into voice mail. With Google voice, the programmed numbers are all rang at once.

The inbound ringing is pretty standard.  The “trick” for the WISP is the outgoing calling. You want to be able to call a customer and have it come up as the main number’s caller ID, not your cell phone. Most PBX systems can be set up to do this with the extensions attached to them.  Cell phone calls are a little more complicated.  The way Google Voice solves this is through the use of forwarding numbers, You bring up the app, enter a number and it actually calls a different number.  Behind the scenes, it is using this forwarding number to “spoof” your number to the person you are calling.   Your phone is not calling the other party directly. Your phone calls this forwarding number behind the scenes and works it all out on the backend.

Other vendors have Apps which do similar functions. Asterisk has their DISA function.  Once you have these functions setup it boils down to training and processes.  Your installers need to remember to use the app or the function when calling customers.  As the company grows, a way to help this situation is for employees to not use personal cell phones.  If a company provides a cell phone the employee can customize voicemail, or even forward no answers to the help desk should a customer get the cell phone.

Hope this helps one of the glaring issues a startup faces.

Why WPA is not encrypting your traffic

There was a Facebook discussion that popped up tonight about how a WISP answers the question “Is your network secure?” There were many good answers and the notion of WEP vs WPA was brought up.

In today’s society, you need end-to-end encryption for data to be secure. An ISP has no control over where the customer traffic is going. Thus, by default, the ISP has no control over customer traffic being secure.  “But Justin, I run WPA on all my aps and backhauls, so my network is secure.”  Again, think about end-to-end connectivity. Every one of your access points can be encrypted, and every one of your backhauls can be encrypted, but what happens when an attacker breaks into your wiring closet and installs a sniffer on a router or switch port?What most people forget is that WPA key encryption is only going on between the router/ap and the user device.  “But I lock down all my ports.” you say.  Okay, what about your upstream? Who is to say your upstream provider doesn’t have a port mirror running that dumps all your customer traffic somewhere.  “Okay, I will just run encrypted tunnels across my entire network!. Ha! let’s see you tear down that argument!”. Again, what happens when it leaves your network?  The encryption stops at the endpoint, which is the edge of your network.

Another thing everyone hears about is hotspots. Every so often the news runs a fear piece on unsecured hotspots.  This is the same concept.  If you connect to an unsecured hotspot, it is not much different than connecting to a hotspot where the WPA2 key is on a sign behind the cashier at the local coffee shop. The only difference is the “hacker” has an easier time grabbing any unsecured traffic you are sending. Notice I said unsecured.  If you are using SSL to connect to a bank site that session is sent over an encrypted session.  No sniffing going on there.  If you have an encrypted VPN the possibility of traffic being sniffed is next to none. I say next to none because certain types of VPNs are more secure than others. Does that mean the ISP providing the Internet to feed that hotspot is insecure? There is no feasible way for the ISP to provide end to end security of user traffic on the open Internet.

These arguments are why things like SSL and VPNs exist. Google Chrome is now expecting all websites to be SSL enabled to be marked as secure. VPNs can ensure end-to-end security, but only between two points.  Eventually, you will have to leave the safety and venture out into the wild west of the internet.  Things like Intranets exist so users can have access to information but still be protected. Even most of that is over encrypted SSL these days so someone can’t install a sniffer in the basement.

So what is a WISP supposed to say about security? The WISP is no more secure than any other ISP, nor are then any less secure.  The real security comes from the customer. Things like making sure their devices are up-to-date on security patches.  This includes the often forgotten router. Things like secure passwords, paying attention to browser warnings, e-mail awareness, and other things are where the real user security lies. VPN connections to work. Using SSL ports on e-mail. Using SSH and Secure RDP for network admins. Firewalls can help, but they don’t encrypt the traffic. Does all traffic need encrypted? no.

Cambium ePMP 3000 features

An older post but still relative. Figured I would re-post this.

Cambium and CTIconnecxt put on a webinar about ePMP 3000 today.  This should be available online at one point.  Look for it in the Cambium forums.

Some notes I took
-ePMP 3000 offers Simultaneous MIMO downlink transmission
-You will be able to use the beamsteering antenna with the 3000.  Cambium is working on the software to make this work.
-3000 has a dedicated receiver chip.  This allows you to run the spectrum analyzer in realtime. Also has “edetect on steroids” which shows more information than the current edetect.
-Sector is a 4X4 90 degree sector with beamforming. Achieves and extra 3db in the downlink.

Beamforming vs Beamsteering
Beamsteering is for dealing with interference.
Beamforming is for downlink gain.

-Cambium mentioned the concept of Azimuth Delta.  This is groups of SMs in terms of how the AP talks to groups.  The gave an example on a google earth plot.  In a nutshell, when you have gain in one direction it takes advantage of the null in different directions. More to this, but that is for another post.

-“Sounding” -Sends a special packet and gets feedback from the subscriber. Determines how the phase shift works and other things.

-Elevated clients beta is coming to make the elevated clients work with the 3000.

I hope distributors work out a smaller cold shrink for the sma connectors on the ePMP Ap radios.  Weatherproofing these properly will be an issue due to the close proximity of the connectors.  I have not seen the connectors on a sector to see how those will be.  This is where folks could take a page from the coldshring that comes with the Baicells gear or the cables with the integrated boot some distributors sell.

 

Antenna patterns and interference

This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
To view this content, you must be a member of Justin Wilson's Patreon at $0.01 or more
Already a qualifying Patreon member? Refresh to access this content.