Time Immortal

[image:7441:c:s=1:l=d]

This is a shot of one of the Telus towers in Edmonton. Obviously, it’s been retouched a bit, the most notable adjustment being the addition of vignetting.

[thumb:7034:r:s=1:l=d]So I mentioned that we were having internet-related troubles at work, but didn’t go into detail. Here, with pictures, is that detail.

[thumb:7026:l:s=1:l=d]Monday morning’s first five minutes were not unlike the first five minutes of any other morning on which I chanced to arrive at the office early. As part of my morning routine, I check a few blogs and news sites, and that was what told me something was wrong — I couldn’t connect to any website, nor could I access e-mail. I wish I could say that this is the first time I’ve had to fix early-morning connectivity problems, but at least the past experience with same has left me equipped with a good battery of quick tests that I can perform to determine whether the problem is internal (or external) to the building.

I checked the network hardware — switches and routers, and the modem — and everything seemed fine. The firewall was also working smoothly. For all intents and purposes, nothing seemed to be in error with anything on “our” side. So, the next step was to call Uniserve, our ISP. They proved to be the source of the problem — due to a record-keeping error, they had discontinued our internet access and removed both of our static IP addresses from their servers.

[thumb:7030:r:s=1:l=d]And getting them back, we were told, would take a week.

This is not the first problem that we’ve had with Uniserve — in fact, about a month ago, we stopped using them for web hosting and moved over to Bluehost. This incident, then, was determined to be the proverbial “straw,” and the boss began calling around to see how quickly Telus ADSL could be brought in to the building. I’m not a huge fan of Telus either, but they are better than Uniserve. As it turned out, Telus could have us back online in two days’ time, which was acceptable enough given our circumstances…but we needed to be online sooner, if possible.

[thumb:7031:l:s=1:l=d]Matt, the IT manager, sent me to Memory Express to buy two routers, two wireless access points, and two antennas, while he went to the company next door and asked if we could borrow the use of their Internet connection for a day or two. They’re good folks, and agreed to the request. We owe them doughnuts and beer now, but that’s a price we’ll gladly pay.

[thumb:7032:r:s=1:l=d]What we did next still has us feeling like rock stars. In the abstract, what we did is basically connect our network to the Internet again through a free port on their router, the same as if we had run a cable directly between the buildings. Only we didn’t run a cable between buildings — we did it wirelessly.

[thumb:7029:l:s=1:l=d]On their side of the connection, we set up one of the routers and connected it to their network (i.e. we plugged a cable going from their network switch into the WAN port on our router). We assigned it an IP address in their subnet scope (196.168.1.x). We kept our router’s subnet scope set at the default for D-Link hardware (192.168.0.1), so what was basically happening is that the router was serving as a network address translator between the .1.x and .0.x scopes. We connected the first wireless access point (which has a default IP address of 192.168.0.50) to one of the router’s switch ports with a long network cable, and then set up the access point in the window of an office of the neighbouring building that faces our offices (pictures 1, 2 above).

We set that access point to operate in WDS mode, and programmed it to connect to the other access point by hard-coding said other access point’s MAC address into its firmware.

[thumb:7028:r:s=1:l=d]Back at our offices, we configured the other access point (pictures 3, 4 above) to operate in WDS mode as well (bound to the MAC address of the access point in the building next door), and set its IP address to be 192.168.0.49 (since we didn’t want them to be in conflict). We then plugged that access point into a router (pictures 5, 6 above) on this side which assigned IP addresses using the 192.168.0.x scope, and which in turn had an IP address in the 10.0.0.x scope (which is what we use here for the network) — another network address translation (NAT). We then pointed our two DNS servers at the router instead of at the firewall, and crossed our fingers…

[thumb:7027:l:s=1:l=d]…and then celebrated rather a lot when we tested Google in Matt’s office and saw the page load. A few more tests of internet and email connectivity later and we announced to everyone that we were back up and running.

Did I make all of that sound easy? I guess in a way it was — the concepts themselves are pretty straightforward, to be fair. But it still took us over a day to get off the ground, as one obstacle after another hampered us. First, testing this setup in a “lab” environment was tricky at best, especially since we weren’t actually able to test one layer of the address translation until we had everything set up and in place. And even once it was all set up, we had issues getting the wireless access points to talk to each other simply because their transmission range is small — these are, after all, “off the shelf” home-use components, not business-class units. Even the extra antennas we bought (pictures 8, 9) didn’t buy us as much range as we’d hoped. Positioning became important.

[thumb:7033:r:s=1:l=d]And then there’s the whole issue of NAT, and the fact that in bringing internet access into this building from next door using this wireless scheme, we are actually translating from the 192.168.1.x scope to the 10.0.0.x scope, by way of the 192.168.0.x scope.

Still, in the end, it all worked more or less as we’d hoped it would, and the only thing we’ve had to contend with in the aftermath of it all is that Telus seems to block port 25 (the default “send” port for email clients like Outlook and Thunderbird). Fortunately, our mail server also accepts connections on port 26, so I’ve been making adjustment to user settings all afternoon.