Prateek Mid Sem

8/2/2019 Prateek Mid Sem

1/58

(June 2008 TO December 2008)

ON SIX MONTHS INDUSTRIAL TRAINING

AT

Tulip Telecom Limited

Submitted in partial fulfillment of the requirements

For the award of the degree of

Bachelor of Technology [B.TECH]

SUBMITTED TO: SUBMITTED BY:

Mr. S.P SINGLA KUMAR SANU

(HOD ECE Deptt.) ECE 8th Semester

6100405576

PUNJAB COLLEGE OF

ENGINEERING & TECHNOLOGY

[Affiliated to Punjab Technical University]


2/58

VPN TECHNOLOGY

An Integral Part Of Networking

CERTIFICATE

This is to certify that the dissertation/project report (Course code) entitled

VPN TECHNOLOGY-An Integral Part Of Networking done by Mr. KUMAR SANU

Enrollment No. 6100405576 is an authentic work carried out by him at TULIP TELECOM

LTD, under my guidance. The matter embodied in this project work has not been submitted

earlier for the award of any degree or diploma to the best of my knowledge and belief.

Date: Signature of the Guide

For Tulip Telecom Ltd.


3/58

Self Certificate

This is to certify that dissertation/project report entitled VPN TECHNOLOGY- An Integral

Part Of Networking done by me is an authentic work carried out for the partial fulfillment of the

requirements for the award of the degree of B.TECH[ECE] under the guidance of Mr.

.ANURAG SOOD & Mr. DARSHAN PATHAK.

The matter embodied in this project work has not been submitted earlier for award of any degree or

diploma to the best of my knowledge and belief.


4/58

KUMAR SANU

6100405576

ACKNOWLEDGEMENT

This Industrial Training project is not the result of only my hard work but there are so

many peoples are involved in this project. I greatly and heartily thanks to all of them for their

contribution in this project. Special thanks to my talented and polite guides Mr. Anurag Sood, Mr.

Darshan Pathak & Mr. Bhanu Sharma without them the my training would not be successful.

They worked on this project as developmental editor and advisor and offered their help generously

when needed in every aspect of my training. Thanks for their technical help for scrutinizing every

problem I faced during this tenure of training. To the guide colleges who has done more than I can

guess to keep this project in order and on schedule. I wish them luck with their lives, and hope we

will meet soon in a future project.

Finally, this project is completed with the Bless of Almighty God and my Parents affections and

my faith in God.


5/58

PREFACE

This work has been done as a part of industrial training. This Purpose of industrial training is to

familiarize the students with the present working environment in country and outside

To provide the students with the opportunity to study the latest technical trends those have been

established as well as one that what they are learning during the period of industrial training will

certainly help them to develop their potential and technical skills.

As part of our industrial training we undertook a project in WAN CONNECTIVITY THROUGH

VPN, Chandigarh. During our stay here we learnt how an actual project progress and what sort of

problems that actually occur throughout the project.

At last with all my sincere gratitude we would like to thank my friends and project guide

for their efforts to help in development of project.


6/58

Introduction and Background


7/58

About TULIP TELECOM Ltd.

Tulip Telecom Ltd is an INDIA based data communication services provider

company. Tulips product port folio includes network integration, which not

only includes designing and developing networks for its clients but alsomanaging them.Besides this Tulip is also engaged in wireless connectivity

which provides a range of point to point and point to multi-point wireless

applications. Tulips network covers more than 1,000 cities and towns, has over

50,000 links for approximately more than 600 customers that include

organizations across all verticals such as BFSI, telecom, logistics, retail, the

government and manufacturing

What adds to the companys credibility is the quality of the network it hasbeen successful in providing to the interiors of many states. Tulips worth

mentioning Akshaya project in Malappuram district of Kerala is based on last

mile connectivity model which provides an area wide data connectivity

network with an always-on internet model that runs on fiber and reaches

connectivity to the last mile on wireless in much less cost and time. According

to a Frost and Sullivan report, Tulip Telecom is the largest MPLS VPN service

provider with a market share of 28%.

Tulip was also short-listed as one of the 6 finalists in the Asia Innovation

Awards by the Wall Street Journal at GES Singapore for its innovative use of

wireless on the Last Mile


8/58

Tulip Connect We provide both inter-city as well as intra-city connectivity based upon the clients

requirements.

Tulip inter-city network is based on optical fiber cable provided by multiple service providers. The

network is created in mesh architecture so that if any link does fail, there are multiple alternate

routes available. Consequently, Tulip network has an inbuilt redundancy and provides the highest

levels of uptime. In addition, Tulip has expanded its network reach to more than 300 cities in India

and thus we can provide you connectivity anywhere in India.

The last mile connectivity is entirely based on wireless, using radio frequency technology in Point-

to-Point and Point-to-Multipoint applications. Licensed frequencies are in major cities to overcome

the interference issues.

Highest levels of uptime with built-in redundancies

One of the largest networks in the country

Bandwidth on demand, upgrade in minutes

Managed MPLS enabled network

Immediate connectivity and co-location services

World class design, converged voice, data, video network

Single point for bandwidth and network equipment


9/58

Prestigious Clients

Our list of clients includes prestigious companies like the largest banks, service providers, media

companies, government enterprises, call centers / BPO's and corporates.


10/58

Rural Connectivity

Tulip IT Services was selected as the service provider for Malappuram after they came up with a

cost-effective and terrain-friendly last-mile solutions for the Akshaya Internet community centres

housed there.All the options for connectivity, like fiber, cable and leased line, were explored by the

state. Given the undulating hilly and highly vegetated terrain of the place, wireless emerged as the

most feasible option in terms of cost and logistics in the deployment of the network.

Malappuram now has a well-considered hybrid connectivity infrastructure, through a mix ofwireless technologies like WipLL, Vine and 802.11.b WiFi with multiple redundancies. The

backbone redundancy was provided through fiber.

The 550 Akshaya e-centres are connected in a LAN environment, which, in turn, are connected to

a Network Operating Centre (NOC). The NOC have direct connectivity with the Internet

backbone. The NOC infrastructure would ensure browsing at no cost to users in the network. This

would mean that the entire district is converted into "a small wired office" seamlessly inter-

connected with linkages to three world-class purveyors of the technology. Each Akshaya centre

now caters to the needs of 1,000-1,500 households, enabling each to benefit from the advantages of

Internet connectivity. The Malappuram experiment is only a pilot, to be replicated in phases over

the entire State. As the locations of these centres are strategically planned and spatially distributed,

they will form a powerful network to guide and support the e-governance initiatives, community

development interventions, e-commerce and information dissemination. The connectivity

infrastructure which is established through the Akshaya project, i.e., network and backbone,

network centre, software, Internet access and management, can also be used to connect, apart from

Akshaya centres, all panchayat offices, village offices and departmental offices spread across the

district.


11/58

GENERAL BUSINESS PERCENATAGE


12/58

Abstract

VPN stands for VIRTUAL PRIVATE NETWORK.

VPN SYSTEM as the name says is :

1) Network: topology where various hosts are physically connected to each other.

2) Virtual: it ia virtual because hosts are not physically connected but, connected virtually

using WIRELESS Systems.

3) Private: it is private because all the clients feels as the whole network is configured

privately only for their usage which is actually not true.

Hence VPN system is combination of all the above three aspects of networking.

This VPN application is a complete solution for Clients specially using distributive system

environment where the Client keeps track of details regarding his / her remote location sites/offices

to the Head-office site.

This application can be used in two ways:

1) Point-to-Point: where there is direct link b/w two sites of client the service provider has no

interference in this type of connectivity.

2) Multi-Point: where there is connectivity of many clients from a particular location all

sharing some allotted bandwidth.


13/58

Using VPN connectivity Client can access directly to all remote location same as they would have

accessed it while physically present there.

INTRODUCTION TO VPN

The World has changed a lot in the last couple of decades. Instead of simply dealing with

local or regional concerns, many businesses now have to think about global markets and

logistics. Many companies have facilities spread out across the country or around the

world, and there is one thing that all of them need: A way to maintain fast, secure and

reliable communication wherever their offices are.

Virtual Private Network


14/58

Image courtesy Cisco Systems, Inc.

A typical VPN might have a main LAN at the corporate headquarters of a company, other

LANs at remote offices or facilities and individual users connecting from out in the field.

Until fairly recently, this has meant the use of leased lines to maintain a Wide Area Network

(WAN). Leased lines, ranging from ISDN (Integrated Services Digital Network, 128 Kbps) to

OC3 (Optical Carrier-3, 155 Mbps) fiber, provided a company with a way to expand its private

network beyond its immediate geographic area. A WAN had obvious advantages over a public

network like the Internet when it came to reliability, performance and security. But maintaining aWAN, particularly when using leased lines, can become quite expensive and often rises in cost as

the distance between the offices increases.

As the popularity of the Internet grew, businesses turned to it as a means of extending their own

networks. First came Intranets, which are password-protected sites designed for use only by

company employees. Now, many companies are creating their own VPN (virtual private

network) to accommodate the needs of remote employees and distant offices.

Basically, a VPN is a private network that uses a public network (usually the Internet) to connectremote sites or users together. Instead of using a dedicated, real-world connection such as leased

line, a VPN uses "virtual" connections routed through the Internet from the company's private

network to the remote site or employee. In this article, you will gain a fundamental understanding

of VPNs, and learn about basic VPN components, technologies, tunneling and security.
http://computer.howstuffworks.com/enlarge-image.htm?terms=vpn+-phantom&page=0


15/58

WHAT MAKES A VPN ?


16/58

A well-designed VPN can greatly benefit a company. For example, it can:

Extend geographic connectivity

Improve security

Reduce operational costs versus traditional WAN

Reduce transit time and transportation costs for remote users

Improve productivity

Simplify network topology

Provide global networking opportunities

Provide telecommuter support

Provide broadband networking compatibility

Provide faster ROI (return on investment) than traditional WAN

What features are needed in a well-designed VPN? It should incorporate:

Security

Reliability

Scalability

Network management Policy management

TYPES OF VPN


17/58

Examples of the three types of VPN

There are in general two types of VPN:

1) Remote Access VPN

2) Site-to-Site VPN

SITE-TO-SITE VPN is further classified as:

1) INTERNET VPN

2) INTRANET VPN


18/58

Remote-Access VPN

.

Remote-access, also called a virtual private dial-up network(VPDN), is a user-to-LAN

connection used by a company that has employees who need to connect to the private network

from various remote locations.

Typically, a corporation that wishes to set up a large remote-access VPN will outsource to an

Enterprise Service Provider (ESP). The ESP sets up a Network Access Server (NAS) and

provides the remote users with desktop client software for their computers. The telecommuters can

then dial a toll-free number to reach the NAS and use their VPN client software to access the

corporate network.

Site-to-Site VPN

Through the use of dedicated equipment and large-scale encryption, a company can connect

multiple fixed sites over a public network such as the Internet. Site-to-site VPNs can be one of two

types:

Intranet-based - If a company has one or more remote locations that they wish

to join in a single private network, they can create an intranet VPN to connect LAN

to LAN.

Extranet-based - When a company has a close relationship with another

company (for example, a partner, supplier or customer), they can build an extranet

VPN that connects LAN to LAN, and that allows all of the various companies to

work in a shared environment.
http://www.howstuffworks.com/lan-switch.htmhttp://www.howstuffworks.com/lan-switch.htm


19/58

VPN SECURITY

As we know that security is very important for any system in such way VPN system is also uses

many security techniques. A well-designed VPN uses several methods for keeping your connection

and data secure:

Firewalls

Encryption

IPSec

AAA Server

FIREWALLS:

A Firewall provides a strong barrier between your private network and the Internet. You can set

firewalls to restrict the number of open ports, what type of packets are passed through and which

protocols are allowed through. Some VPN products, such as CISCO 1700 series router, can be

upgraded to include firewall capabilities by running the appropriate Cisco IOS on them. You

should already have a good firewall in place before you implement a VPN, but a firewall can also

be used to terminate the VPN sessions

ENCRYPTION:


20/58

Encryption is the process of taking all the data that one computer is sending to another and

encoding it into a form that only the other computer will be able to decode. Most Computer

encryption techniques belong to one of two categories:

Symmetric-key encryption

Public-key encryption

In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt a

packet of information before it is sent over the network to another computer. Symmetric-key

requires that you know which computers will be talking to each other so you can install the key on

each one. Symmetric-key encryption is essentially the same as a secret code that each of the two

computers must know in order to decode the information. The code provides the key to decoding

the message. Think of it like this: You create a coded message to send to a friend in which each

letter is substituted with the letter that is two down from it in the alphabet. So "A" becomes "C,"

and "B" becomes "D". You have already told a trusted friend that the code is "Shift by 2". Your

friend gets the message and decodes it. Anyone else who sees the message will see only nonsense.

Public-key encryption uses a combination of a private key and a public key. The private key is

known only to your computer, while the public key is given by your computer to any computer that

wants to communicate securely with it. To decode an encrypted message, a computer must use the

public key, provided by the originating computer, and its own private key. A very popular public-

key encryption utility is called Pretty Good Privacy (PGP), which allows you to encrypt almost

anything. You can find out more about PGP at thr PGP site.


21/58

IPSec

Internet Protocol Security Protocol (IPSec) provides enhanced security features such as better

encryption algorithms and more comprehensive authentication.

Photo courtesy Cisco Systems, Inc.


22/58

A remote-access VPN utilizing IPSec

IPSec has two encryption modes: tunnel and transport. Tunnel encrypts the header and the

payload of each packet while transport only encrypts the payload. Only systems that are IPSec

compliant can take advantage of this protocol. Also, all devices must use a common key and thefirewalls of each network must have very similar security policies set up. IPSec can encrypt data

between various devices, such as:

Router to router

Firewall to router

PC to router

PC to server

AAA Servers

AAA (authentication, authorization and accounting) servers are used for more secure access in a

remote-access VPN environment. When a request to establish a session comes in from a dial-up

client, the request is proxied to the AAA server. AAA then checks the following:

Who you are (authentication)

What you are allowed to do (authorization)

What you actually do (accounting)

The accounting information is especially useful for tracking client use for security auditing, billing

or reporting purposes.


23/58

CONCEPT OF TUNNELING

Most VPNs rely on tunneling to create a private network that reaches across the Internet.

Essentially, tunneling is the process of placing an entire packet within another packet and sending

it over a network. The protocol of the outer packet is understood by the network and both points,

called tunnel interfaces, where the packet enters and exits the network.

Tunneling requires three different protocols:

Carrier protocol - The protocol used by the network that the information is

travelling over


24/58

Encapsulating protocol - The protocol (GRE, IPSec, L2F, PPTP, L2TP) that is

wrapped around the original data

Passenger protocol - The original data (IPX, NetBeui, IP) being carried

Tunneling has amazing implications for VPNs. For example, you can place a packet that uses aprotocol not supported on the Internet (such as NetBeui) inside an IP packet and send it safely over

the Internet. Or you could put a packet that uses a private (non-routable) IP address inside a packet

that uses a globally unique IP address to extend a private network over the Internet.

A Tunneling Demonstration

Site-to-Site Tunneling

In a site-to-site VPN, GRE (generic routing encapsulation) is normally the encapsulating

protocol that provides the framework for how to package the passenger protocol for transport over

the carrier protocol, which is typically IP-based. This includes information on what type of packet

you are encapsulating and information about the connection between the client and server. Instead

of GRE, IPSec in tunnel mode is sometimes used as the encapsulating protocol. IPSec works well

on both remote-access and site-to-site VPNs. IPSec must be supported at both tunnel interfaces to

use


25/58

Remote-Access Tunneling

In a remote-access VPN, tunneling normally takes place using PPP. Part of the TCP/IP stack,PPP

is the carrier for other IP protocols when communicating over the network between the host

computer and a remote system. Remote-access VPN tunneling relies on PPP.

Each of the protocols listed below were built using the basic structure of PPP and are used by

remote-access VPNs.

L2F (Layer 2 Forwarding) - Developed by Cisco, L2F will use any

authentication scheme supported by PPP.

PPTP (Point-to-Point Tunneling Protocol) - PPTP was created by the PPTP

Forum, a consortium which includes US Robotics, Microsoft, 3COM, Ascend and

ECI Telematics. PPTP supports 40-bit and 128-bit encryption and will use any

authentication scheme supported by PPP.

L2TP (Layer 2 Tunneling Protocol) - L2TP is the product of a partnership

between the members of the PPTP Forum, Cisco and the IETF (Internet Engineering

Task Force). Combining features of both PPTP and L2F, L2TP also fully supports

IPSec.

L2TP can be used as a tunneling protocol for site-to-site VPNs as well as remote-

access VPNs. In fact, L2TP can create a tunnel between:

Client and router NAS and router

Router and router
http://www.howstuffworks.com/framed.htm?parent=vpn.htm&url=http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci214311,00.htmlhttp://www.howstuffworks.com/framed.htm?parent=vpn.htm&url=http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci214311,00.htmlhttp://www.howstuffworks.com/framed.htm?parent=vpn.htm&url=http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci214311,00.html


26/58

The truck is the carrier protocol, the box is the

encapsulating protocol and the computer is the passenger

protocol.

Think of tunneling as having a computer delivered to you by UPS. The vendor packs the computer(passenger protocol) into a box (encapsulating protocol) which is then put on a UPS truck (carrier

protocol) at the vendor's warehouse (entry tunnel interface). The truck (carrier protocol) travels

over the highways (Internet) to your home (exit tunnel interface) and delivers the computer. You

open the box (encapsulating protocol) and remove the computer (passenger protocol). Tunneling is

just that simple!

DELHI INTER POP CONNECTIVITY

TULIP OKHLA

GHITTORNI

CELEBRITY

NEHRUPLACE

5.3 GHZ,

INFINET BKP

5.1GHZ

INFINET

2.7 GHZ,

A IRS P AN

13GHZ

W I T C O M

PITAMP.5.3 GHZ, IN FINET

5.3 GHZ, RADWI N

BHIKAJI

LajpatNagar

2.7 GHZ

AIRSPAN

5 . 3 G H Z R A D W I N

N FC

2.7GHZ

AIRSPAN

Metro

Ethernet

CP

13G H Z

WITCO M

FIBER

FIBER

RF BACK UP

M ETRO ETH ERN E T 5.3GHZ

RA D WIN

JANAKPURI

5.3GHZ INFINET

Raje ndr apla ce


27/58

LIFE CYCLE OF VPN CONNECTIVITY

1. CUSTOMER REQUIRMENT.

2. SURVEY

3. ANALYSIS BY PROJECT TEAM

4. LINK INSTALLATION BY ENGG.

5. TUNNEL CREATION BY NOC (NETWORK OPERATION CONTROL)

6. LOAD TESTING & CUSTOMER ACCEPTANCE


28/58

Customer Requirement

Every system has a life cycle so as that VPN too have a life cycle the life cycle of any VPN begins

with customer requirement face. Generally the requirement of the customer is of two types

a) If a company has one or more remote locations that they wish to join in a single private network,

they can create an intranet VPN to connect LAN to LAN

b) When a company has a close relationship with another company (for example, a partner,

supplier or customer), they can build an extranet VPN that connects LAN to LAN, and that allows

all of the various companies to work in a shared environment.

Depending on the requirement tulip send its sales person for further queries. Like that of the

bandwidth required, what kind of data transfer will it be voice or simple file transfer, or he wants

to run a application like SAP or other. Sales officer tells the approximations of the link installation.

And he forwards a report to the back office for the survey report. Then afterwards the project

manager decides the team size to implement the different links .

After this team is decided which includes engineers and riggers .


29/58

CASE STUDIES OF WORK PERFORMED IN INDUSTRIAL TRAINING AT TULIP

TELECOM LIMITED.

SUBMITTED BY: PRAVESH


30/58

CASE STUDIES

The following is the CASE STUDIES of the various work performed in the period of

Industrial Training at TULIP TELECOM LIMITED.

The followed is the details of all the work performed at both client as well as Tulip Side.

The work at TULIP is of following types :

1) New Installation.

2) Trouble-Shooting the installed Link at Client Side.

3) Inspection of the CPE (Client Premises Equipments).

4) VOIP PHONES

5) VIDEO CONFRENSING

New Installation :

New installation includes installing all the equipments i.e

1) Subscriber Premises Radio (SPR) / Modem.

2) Router (CISCO or HUEWII mainly)

3) Power Over Ethernet (PoE)

4) Antenna and Feeder(2.7MHz or 5.3 MHz)

TROUBLE-SHOOTING :

Trouble-shooting includes the checking of the system and diagnosing the reasons for the

fault which causes the malfunctioning the link at client side.

There can be many reasons of malfunctioning of the link at client side. Some of them is

specified below:


31/58

1) Wireless connectivity affected due to bad alignment of the antenna because the

Wireless System work on Radio Frequency (RF) which uses LINE -OF-SIGHT for

connectivity.

2) There can be seepage of water in Pictal which causes carbon deposition on the pin of

cable hence disconnecting the link.

3) Frequency Interference.

4) Conflicting IP.

5) Cable Breakage and Hanging of Equipments due to Bad Environmental Condition.

INSPECTION OF CPE :

Inspection includes checking the Client Side Equipments (CPE) regularly for their better

working of Link.

Following is the work done while performing inspection at client site :

1) The inspection procedure includes checking the earthing voltage at client premises.

2) Checking the condition of equipments whether the are well maintained or not.

3) Checking the bandwidth given to the client and IP Schema of the client.

4) Checking whether the physical topology of the equipments is as per the Network

Diagram i.e. First Modem, than Router, than to switch and finally towards the LAN.


32/58

FIREPRO WIRELESS MODEMS

Firepro is an emerging leader of Point-to-Multipoint (PtMP) Fixed

Firepro deliver Point-to-Multipoint and point-to-point solutions for both licensed and unlicensed

spectrums. We also provide breakthrough in self-install, scalability, Non-Line-Of-Sight (NLOS)

coverage, State of the art QoS, Video, VoIP and various other applications.....

Multiple Configuration Options

Supports Multiple ApplicationsModular Design

Dual Band Radio


33/58

WINBOX: SOFTWARE REQUIRED FOR CONFIGURATION OF FIREPRO MODEM


34/58

CONFIGURATION:

THIS IMAGE SHOWS ALL THE CONFIGURATION OF THE MODEM


35/58

BANDWIDTH

THIS IMAGE REPRESENTS THE BANDWIDTH OF THE MODEM


36/58

Link installation

Based on the survey report recommendation link installation phase begins in following steps

1. Type of modem to be used.

2. Antenna required

Installation of Airspan Modem

BSR

The BSR, installed at theBaseStation, isanencasedoutdoor radiomoduleprovidinga9pinD-

typeport form RS-232 serial interface and a 15 pin D-typeport for data, synchronization, and

power interfaces. The BSR is available in two models: BSR with an integral antenna (BSR 900MHz TDD V-pol); BSR with twoN-typeports(displayedbelow) forattachingup to twoexternal

antennas(BSR900MHzTDDDualExt).

SPR

The SPR is an encased CPE outdoor radio moduleproviding access to a 15pinD-typeport for

Ethernet, serial, andpower interfaces. The SPR model is available in two models: SPR with an

integralantenna(SPRL900MHzTDDV-pol)andSPRwithanN-typeportforattachinganexternal

antenna(SPR900MHzTDDExt).


37/58

Site preparation and planning

When preparing and planning the site, ensure the following:1. Minimum obstructions (e.g. buildings) in the radio path between the Base Station radio (i.e.

BSR) and the

subscriber radios (i.e. SPR/IDR).

2. Minimum incursions on Fresnel Zone (recommended minimum of 60% clearance of first

Fresnel Zone).


38/58

Minimum multipath fading: Some of the transmitted signals may be reflected from a nearby

building, by water under the signal path, or from any other reflectors. This reflected ("bounced")

signal can then be received by the radio receiving the signal and superimposed on the main

received signal, thereby,degrading the signal strength. Airspan recommends installing the outdoor

radios at the rear of the buildings roof instead of the front. When you install at the rear, the front

of the building blocks incoming signals from multipath reflections.

- Clean frequencies selected from Spectrum Analyzer results (see Chapters 9 and 13). Maximum

received signal strength (RSS) at CPE by antenna alignment: For the IDR, RSS can be

measured by the IDR's built-in RSS LEDs; for the SPR, RSS can be measured by Airspans

WipConfig program or by connecting Airspan's RSS LED Plug Adapter.

- Radios are mounted as far as possible from sources of interference that could degrade

performance of radio. Ensure a minimum of 1-meter separation between co-located outdoor units.

Radios mounted as high as possible to avoid obstructions and to increase link quality.

-BSR and SPR/IDR are within maximum range of reception.

-Maximum length of 100 meters CAT-5 cable connecting outdoor radio units to indoor terminating

units.

- Sufficient wiring conduit and cable ties to channel and protect the CAT 5 cable connecting the

outdoor radio to the indoor hub/switch.

- Required power source is available at the site.


39/58

External antenna consideration

In some scenarios, where capacity demand is relatively low, external omni-directional antenna use

at the Base Station may seem attractive. However, it is recommended to avoid using omni-

directional antennas (ifpossible), due to the following disadvantages that these antennas pose

compared to directional antennas:

- Higher sensitivity to external interferences.

- Higher sensitivity to multipath, resulting in the following:

- The root mean square (RMS) delay spread at the Base Station is substantially higher.

-Multipath interference at the CPE side (when using omni-directional antenna at the Base Station)

is substantially higher. In fact, when using an omni-directional antenna, the existence of clear

Fresnel zone between BSR and SPR/IDR is insufficient to eliminate multipath interference, since

multipath, in this case, can be caused by reflections originating from obstacles outside the Fresnel

zone.

- Higher sensitivity to alignment. Since the omni-directional antenna gain is achieved by

narrowing the vertical beam width, a relatively low deviation in the antenna alignment will result

in severe signal

attenuation


40/58

Transmit Power and Cable Loss

Airspans AS WipLL radios provide transmit power compensation for power attenuation caused by

cable loss(of cable connecting to external antenna). Cable loss is the loss of radio transmit (Tx)

power as heat, and directly proportional to cable length and quality, and operating frequency. In

accordance with FCC regulations, when operating in unlicensed bands, the external antennas must

provide an EIRP of 36 dBm to prevent

Interference with other radios. EIRP is defined as max. Power

To define BSR transmit power taking into consideration cable loss (using WipManage):

1.In the BSR Zoom window, from the Configuration menu, point to RF, and then choose Power

Settings.

2. Ensure the Power Management Mode Active check box is cleared. On the Power Level slide

ruler, define the BSRs maximum power level, e.g. 23 dBm.

3. In the Loss Compensation field, enter the power to compensate for power attenuation due to

cable length (i.e. cable loss compensation), e.g. 4 dB.

4. ClickApply, and then reset the BSR to apply the new power settings.

Therefore, taking cable loss into consideration, the total power level of 27 dBm (23 plus 4) is

achieved

Mounting of out door Radio units

Pole Mounting

The BSR and SPR can be pole mounted to avoid radio wave obstructions between BSR and SPR.

The supplied pole-mounting bracket is designed to support the BSR/SPR on a round pole of 45mm


41/58

diameter.

To pole mount the BSR/SPR

1. Attach the mounting bracket to the BSR/SPR using two stainless steel bolts.

2. Attach the clamping bracket to the mounting bracket using two M8-stainless steel bolts.

3. Attach the Clamping bracket to the pole by placing the two U-bolts around the pole, and then

inserting the U-bolt through the Clamping bracket and securing it by screwing the two bolts on the

U-bolt.

4. Adjust the vertical position of the BSR/SPR. Lock the BSR/SPR at the desired position by

inserting the locking bolt in the desired position. Once the correct angle has been set both bolts

must be tightened to lock the BSR/SPR bracket in place.5. Adjust the BSR/SPR horizontal position by rotating the BSR/SPR about the pole, and then

tightens the Ubolt.BSR/SPR positioning is obtained in two planes by adjustment of the mounting

bracket assembly as shown

in the figure below.

Cabling


42/58

5

BSR-to-BSDU Cabling

The BSR interfaces with the providers backbone through the BSDU (or SDA). The BSR

connects to the BSDU using a CAT 5 cable. (The BSR-to-SDA cabling is the same as SPR-

to-SDA cabling.

Cable connection1. Connect the 15-pin D-type male connector to the BSRs 15-pin port.

2. Connect the 15-pin D-type male connector, at the other end of the CAT 5 cable, to one of the

BSDUs 15-pin D-type ports labeled BSR, located on the BSDUs rear panel.


43/58

SPR-to-SDA Cabling

The SPR interfaces with the subscribers Ethernet network (LAN) through the SDA. The SPR

connects to the SDA using a CAT 5 cable.

6

Cable connection


44/58

1. Connect the 15-pin D-type male connector, at one end of the CAT 5 cable, to the SPRs 15-pin

port.

2. Connect the 15-pin D-type male connector, at the other end of the CAT 5 cable, to the SDAs

15-pinD-type


45/58

Software Installation

AS WipLL provides two main configuration and management tools: WipManage and WipConfig.

Before installing these tools, ensure that the following system requirements are fulfill.

Hardware requirements:

1.CPU 400 MHz minimum (recommended 1,000 MHz or more)

2.RAM 256 MB (recommended 512 MB or more)

3.Display adapter memory 8 MB

4.Graphics 1024 x 768 (recommended 1024 x 768 or more)

5.Minimum free hard disk space 500 MB (recommended 2 GB or more)

6.Network adapter 10/100 Mbps

Software requirements operating systems:

1.Microsoft Windows NT 4 work station (English only) SP 3.0 or higher

2.Microsoft Windows 2000 Professional

3.Microsoft Windows XP Professional

Initial Configuration

To successfully establish an air and network link between the BSR and SPRs/IDRs, the following

initial configuration settings (using WipConfig) must exist:

1. Correct IP and subnet addresses configured (according to your network addressing

scheme)

2. Correct BSR's Air MAC address configured for BSR

3. Correct BSR's Air MAC address assigned to SPRs/IDRs


46/58

4. Identical frequency table configured for BSR and SPRs/IDRs

5. Identical maximum transmission rate configured for BSR and SPRs/IDRs

6. dentical mode (i.e. router or bridge) configured for BSR and SPRs/IDRs

Default settings:-

Airspans factory default settings for the AS WipLL devices are listed in the following table:

BSR Initialization

To perform BSR initial configuration:

1. Connect the PC running WipConfig to the BSR using serial cabling.

2. Start WipConfig.


47/58

3. On the toolbar, in the Communication group, select the Serial option, and then click the Connect

button,WipConfig connects to the BSR.

4. Apply factory defaults to the BSR, by performing the following:

a. On the toolbar, click the Set Factory Default button; A Warning message box appears.

b. Click Yes to confirm applying factory defaults to the BSR; A Warning message box

appears.

c. Click Yes to confirm BSR reset; WipConfig applies the default settings to the SPR/IDR.

5. From the Mode drop-down list, select Bridge (i.e. for transparent bridge mode).

6. In the Network Configuration group, enter the following fields:

--Eth IP Address: enter the BSRs IP address (e.g. 10.0.0.10)

--Eth Subnet Mask: enter the BSRs subnet address (e.g. 255.255.255.0)

--Default Gateway: enter the BSRs default gateways IP address if relevant

7. In the RF Configuration group, enter the following fields:

--Air MAC Address: enter the BSRs Air MAC address (0x0000 through 0xFFFF), e.g.

0x1200

--Frequency Table ID: enter frequency table number used by BSR (0 through 63)

8. On the toolbar, click the Write button.

9. On the toolbar, click the Reset button to reset the BSR; A Warning message box appears.

10. Click Yes to confirm BSR reset.

The figure below displays the BSR configured in the bridge mode.


48/58

SPR Initialization

To perform SPR/IDR initial configuration:

1. Connect the PC running WipConfig to the SPR/IDR using serial cabling.

2. Start WipConfig.

3. On the toolbar, in the Communication group, select the Serial option, and then click the Connect

button,WipConfig connects to the SPR/IDR.

4. Apply factory defaults to the SPR/IDR, by performing the following:

a. On the toolbar, click the Set Factory Default button; A Warning message box appears.

b. Click Yes to confirm; A Warning message box appears.

c. Click Yes to confirm SPR/IDR reset; WipConfig applies the default settings to the

SPR/IDR.

5. From the Bridge Mode drop-down list, select Bridge (i.e. transparent bridge mode).

6. In the Network Configuration group, enter the following fields:--Eth IP Address: enter the

SPRs/IDR's IP address (e.g. 10.0.0.20)


49/58

--Eth Subnet Mask: enter the SPRs/IDR's subnet address (e.g. 255.255.255.0)

--Default Gateway: enter the SPRs/IDR's default gateways IP address, if relevant

7. In the RF Configuration group, enter the following fields:

--Index in BSR: enter the SPRs/IDR's index number to be indexed in the BSR, e.g. 2

--BSR Air MAC Address: enter the BSRs Air MAC address to which the SPR/IDR is

associated, e.g.

0x1200


50/58

The figure below displays the SPR/IDR configured in the bridge mode

Analyzing the RF Spectrum

Before setting up your wireless link between Base Station and subscribers, Airspan recommends

analyzing the RF spectrum at the Base Station to select only clear frequency channels (i.e. without

interferences) for building a frequency table for the wireless transmission.


51/58

Airspan recommends using frequencies that are approximately 28, 20, and 12 dB above

interference levels to effectively operate in 8- (4 Mbps/3 Mbps), 4-(2 Mbps), and 2-level FSK

(1.33 Mbps/1 Mbps), respectively.

Accessing the spectrum analyzer:-

You can access the Spectrum Analyzer through either a serial or an IP network communication

mode.

To access the Spectrum Analyzer:

1. Start WipConfig and then connect WipConfig to the BSR by performing one of the following:

--Serial mode: on the toolbar, select the Serial option, and then click Connect.

--IP mode: on the toolbar, select the Network option, and then in the Remote Agent field,

enter the ASWipLL device's IP address, and then click Connect.

2. In the Outlook bar, click the Spectrum Analyzer button; A message box appears informing you

that

the device will lose connection with all other devices.

3. Click OK.

Setting up the spectrum analyzer:-

Before you can start analyzing the spectrum, you need to define various parameters in the

Spectrum Analyzer.

To set up the Spectrum Analyzer:

1. Ensure the Setup tab (located in the top-right pane) is selected.

2. In the Refresh Rate field, enter the rate (in seconds) for polling the BSR/PPR. (The default is 3

sec aximum is 3600 sec.)

3. In the Number of Sweeps group, select the option for scanning the frequency range:

--ngle: scans the spectrum only once

--continuous: cyclically scans the spectrum (i.e. repetitively)

--Custom: you can define the number of sweeps (range is 0 through 1,000 sweeps)

4. To change the antenna gain, in the Antenna Gain field, enter the antenna gain. If you want to

restore the BSRs default antenna gain, click the True Antenna Gain Value button.

5. To define the frequency range for which you want to analyze, define the following fields:


52/58

--Start Freq: frequency from where you want to scan (i.e. lower frequency)

--Stop Freq: frequency to where you want to scan (i.e. upper frequency)

Viewing Results:-

The Spectrum Analyzer results are plotted on the graph as well as displayed in the Results table (to

access the Results table simply click the Results tab).

The following measurements are displayed:

--Average received signal strength (RSS) per frequency (plotted white line on the graph)

--Maximum hold received signal strength (RSS) per frequency (plotted yellow line on the

graph)

--Distance (in spectrum RF) that the BSR/PPR can establish a viable communication link

with another transmitter. This is displayed in the TxRxOffset field.

9

Configuring PCs IP Address

To establish IP network connectivity between your PC running the NMS (WipConfig or

WipManage) and the AS WipLL devices, you need to configure your PC's TCP/IP address settings

in accordance with your AS


53/58

WipLL network's IP addressing scheme:

1.Define PCs (i.e. Ethernet card) IP address so that its in same subnet as the BSR/BSDU.

2.Configure PCs default gateway with the IP address of the BSR, or with the IP address of a

router if oneexists between the PC and BSR.

To configure your PCs IP address settings

1. On the Windows desktop, right-click My Network Places, and then from the shortcut menu,

choose

Properties; The Network and Dial-up Connections folder appears.

2. Right-click the desired connection, and then from the shortcut menu, choose Properties; The

Local Area

Connection Properties dialog box appears.

3. In the Components list, select Internet Protocol (TCP/IP), and then click Properties; The Internet

Protocol (TCP/IP)

Properties dialog box appears:


54/58

4. Select the Use the Following IP Address option, and then enter the following fields:

--IP Address: PCs IP address, e.g. 10.0.0.2

--Subnet Mask: PCs subnet mask address, which must be the same as the BSR/BSDU

(e.g.

255.255.255.0) so that the PC is in the same subnet as the BSR/BSDU

--Default Gateway: PCs default gateway, which can be the BSRs IP address (e.g.

10.0.0.10), or if a

router exists behind the BSR, then the routers IP address

5. Click OK.

10

Establishing Link Using WIP manage

Once you have initialized the BSR and SPR/IDR using WipConfig, you need to add various

WipManage elements to establish a viable air and network link between the BSR and SPR/IDR.

Adding a BS group:-

To add a BS Group:

1. In the Database Tree, right-click , and then from the shortcut menu, choose Add BS Group.

BS Group Add dialog box appears.

2. In the Group Name field, enter a name for the BS Group, e.g. Manhattan_1, and then click

OK.


55/58

Adding a BS:-

You can now add a Base Station (BS) to the BS Group you added in the previous subsection.

To add a BS:

1. In the Database Tree, click the (e.g. Manahattan_1) branch to which you want to add the BS.

2. In the BSs Map view (in the right pane), right-click an empty area, and then from the shortcut

menu choose Add BS; The BS Add dialog box appears.

3. In the BS Name field, enter a name for the BS, e.g. Times Square, and then click OK.

Adding a BSR

You can add up to six BSRs to each BSDU, allowing a maximum of 24 BSRs (6 BSRs x 4

BSDUs) per BS.

In our example, we need to add a BSR with IP address 10.0.0.10.

To add a BSR:

1. In the Database Tree, double-click the (e.g. Times Square) branch.


56/58

2. Right-click one of the six blue rectangles in the same row as the BSDU to which you want to

add the BSR, and then from the shortcut menu, choose Add BSR; The BSR-Add dialog box

appears.

3. In the Manage IP field, enter the BSRs IP address, e.g. 10.0.0.10.

4. In the Get Community and Set Community fields, enter the SNMP community rights.

5. Click OK.


57/58

The Permitted SPRs-Add dialog box appears.


58/58

2. In the IP Address field, enter the SPRs/IDR's IP address (e.g. 10.0.0.20)3. Click OK; The SPR

index #2 icon appears green, as shown below, indicating that a viable air and network link exists

with the SPR/IDR. You can now manage the SPR/IDR.

Testing BSR/SPR Network Link:-

You can test the BSR-SPR/IDR link by pinging the SPR/IDR from a PC located behind the BSR.

Prateek Mid Sem

Documents

Transcript of Prateek Mid Sem