Information about the Linksys Router WRT54G(S) for Ham Radio high speed data usage.

The Linksys WRT54GS WLAN-Router is a powerful cheap device useable for hamradio. It is about 75,- €, but you have to care which subversion you buy. Please check http://openwrt.org and http://www.seattlewireless.net/index.cgi/LinksysWRT54GS for further details about flash memory and capabilities to use OpenWRT.

Arsene, LX1TB has modified the Linksys WRT54G(S) models to tune the frequencies below 2400 MHz for better fit with the hamradio bandplans; Look on his german website to get the details: http://www.rlx.lu/~lx1tb/wrt54gs/.

The WLAN-Router has a MIPS 200 MHz CPU, 32 MB RAM, 8 MB Flash, WLAN 802.11b, a 5-port switch and 2 serial ports which have to be upgraded by hand (without hardware handshake). See http://www.rwhitby.net/wrt54gs/serial.html for the serial modification. The ports support up to 460k8 serial transfer rate !!

The WRT54GS for hamradio usage has been presented at the 21th international packet radio meeting in Darmstadt, Germany. There’s a German summary available: http://db0fhn-i.ampr.org/wrt54gs/prtagung (nice pics if you can’t read German.

We are providing packages for the hamradio community. Please add “src dg8ngn http://db0fhn-i.ampr.org/wrt54gs/ipkg” in your ipkg.conf and say “ipkg update”. Download Package-File to see available hamradio software. If you have any further programms you like or already have compiled for mipsel, please contact me to update the software archive.

Some useful hints for hamradio operators:
– The serial modification is just a MAX3232 (3.3Volt) and five 0.1 µF tantal capacitor (if you need serial speed >115k2 DD4RD suggests to use a MAX3380 which can be obtained at http://www.segor.de for example).
– On my WRT54GS /dev/tts/0’s default IRQ is 3. /dev/tts/1 is set to IRQ 0. To set /dev/tts/1 to IRQ 3 use setserial. Add “src florian http://openwrt.alphacore.net” to ipkg.conf and install setserial with “ipkg update”, “ipkg install setserial”. Run Setserial: “/bin/setserial /dev/tts/1 irq 3”. Now you can use /dev/tts/0 AND /dev/tts/1 for any serial device at the same time.
– To initialize a Kenwood TH-D7 for KISS-Usage I have a ugly workaround. First Start Digi_Ned with “digi_ned -p /dev/tts/0:9600:1”. After startup cancel operation with CTRL+C. The serial ports keeps initialized with 9k6. Now send the TNC-commands for switching to KISS: echo -e “\015softdcd on\015kiss on\015restart” >/dev/tts/0. The TH-D7 will indicate changing to KISS by blinking STA CON on the display.
– The wireless bridge will NOT work in ad-hoc or clientmode ! You have to use WDS and AP-Mode for bridging !!
– Get “wl” for using one antenna for TX (wl txant 1) and the other for RX (wl antdiv 0). 0 = antenna @dc-plug, 1 = antenna @reset-switch. Add “src ab0oo http://www.wildcatwireless.net/wrt54g” for getting an archive with “wl” (ab0oo is also a hamradio operator

– You can adjust TX-Power with “wl txpwr 0-255” up to about 160mW. “wl txpwr 100” and above will cause some by-products. Be careful not to overheat the device. Here’s a little table (round about):

wl txpwr mW
0 0.5
3 3
6 5
17 12
30 25
70 50
200 125
250 160

Links:
Adding an SD card reader to the WRT54G: http://kiel.kool.dk/

73 de DG8NGN, DL5RB & DL9SAU

 

Modifying Consumer Off the Shelf Wireless LAN Router devices for specialized Amateur Radio usage

Background:

Since 1999 and possibly earlier, the US Department of Defense has used modified Consumer Off The Shelf (COTS) wireless LAN products reprogrammed to operate in military frequency bands with enhanced encryption.  Most COTS WLAN products can be easily modified to employ these frequencies because of their modular architecture.   Their future versions of modified COTS WLAN products may include frequency agile transceivers that can work in multiple frequency bands via plug-in modules or software selection.

It’s a fact that most wireless devices are manufactured for international marketing.   The manufacture just makes minor hardware or firmware changes to comply to the intended countries radio rules.  These firmware options usually include minor output power and band plan changes.  It may be possible and to a hams advantage to shift the center frequency of your device to avoid Part 15 interference or increase the devices output power to overcome Part 15 interference.  Also to avoid Part 15 interference a ham may be able to change the country code in the devices firmware to shift frequency operation into foreign band plans that might not be shared with Part 15 here in the US.

Shifting frequency to keep out Part 15 may be a difficult or impractical option, but there are others ways which will have the same desired effect.  It might be fairly easy to create a “non-compatible” fork of the source code for hams, that would keep 99.95% of the general public (Part 15) out of ham space.

There are several different chipsets out there such as; Marvell, Atmel, Atheros, Hermes, ADMTek, Infineon, Broadcom, Intersil/Prism, Ralink, Realtek, Texas Instruments, WiDeFi, VIA, Conexant.

The quicker overview of two pertinent areas you may be curious about: Enabling ham radio channels in wireless 802.11 devices


The Atheros Chipset

The Atheros chipsets for the IEEE 802.11 standard of wireless networking are used by over 30 different wireless device manufacturers, including Netgear, D-Link and Linksys.  They were founded in 1998.  The Atheros chipset doesn’t really know about channels; they are determined by the code that’s loaded into it at boot time. All of these country codes (including XX or ## which have been used for “without regulatory constraints”) are part of the driver, or “hardware abstraction layer” (HAL). Atheros will sell you the tools to build a driver, if you’re manufacturing a device and do a licensing agreement with them.

Atheros extended range (xr) mode (not to be confused with Ubiquiti XR products), is something worth amateur investigation.  According to their white paper, it is a special 250 Kbps OFDM mode that yields -105 to -97 dBm receive sensitivity.  Sadly thus far, there has been little 3rd party driver support to include this.  Note that all of the newer Atheros Chipsets starting with the 9XXX series (The stuff that now is pushing 802.11n) has dropped XR mode.  Many feel XR mode is a moot point since user configurable ACK timing settings have come along.

All of the below country codes (including XX or ## which have been used for “without regulatory constraints”) are part of the driver, or “hardware abstraction layer” (HAL).   These are the secrets to unlock all channels supported by the Atheros hardware (2312-2732, 4920-6100 MHz). It is up to the end user to ensure they stay within their region’s regulatory channel ranges.  (While IEEE has not assigned channels to these upper 2.4 GHz frequencies, however they would equate to 0, -1, -2, etc.)

These two-letter codes can be entered on the Atheros configuration dialog to enable certain bands for that country.  Country codes can be used on cards with Regulatory Type (RT): All_Countries as shown in the regulatory information box.

Artheros Supported Channels (Center Frequencies) – 2GHz IEEE 802.11b/g channels (frequencies are given in MHz):

2312, 2314, 2317, 2319, 2322, 2324, 2327, 2329, 2332, 2334, 2337, 2339, 2342, 2344, 2347, 2349, 2352, 2354, 2357, 2359, 2362, 2364, 2367, 2369, 2372, 2374, 2377, 2379, 2382, 2384 2387, 2389, 2392, 2394, 2397, 2399, 2402, 2404, 2407, 2409, 2412, 2414, 2417, 2419, 2422, 2424, 2427, 2429, 2432, 2434, 2437, 2439, 2442, 2444, 2447, 2449, 2452, 2454, 2457, 2459, 2462, 2464, 2467, 2469, 2472, 2474, 2477, 2479, 2482, 2484, 2487, 2489, 2492, 2494, 2497, 2499, 2512, 2532, 2552, 2572, 2592, 2612, 2632, 2652, 2672, 2692, 2712, 2732

802.11a channels:

4920, 4925, 4930, 4935, 4940, 4945, 4950, 4955, 4960, 4965, 4970, 4975, 4980, 4985, 4990, 4995, 5000, 5005, 5010, 5015, 5020, 5025, 5030, 5035, 5040, 5045, 5050, 5055, 5060, 5065, 5070, 5075, 5080, 5085, 5090, 5095, 5100, 5105, 5110, 5115, 5120, 5125, 5130, 5135, 5140, 5145, 5150, 5155, 5160, 5165, 5170, 5175, 5180, 5185, 5190, 5195, 5200, 5205, 5210, 5215, 5220, 5225, 5230, 5235, 5240, 5245, 5250, 5255, 5260, 5265, 5270, 5275, 5280, 5285, 5290, 5295, 5300, 5305, 5310, 5315, 5320, 5325, 5330, 5335, 5340, 5345, 5350, 5355, 5360, 5365, 5370, 5375, 5380, 5385, 5390, 5395, 5400, 5405, 5410, 5415, 5420, 5425, 5430, 5435, 5440, 5445, 5450, 5455, 5460, 5465, 5470, 5475, 5480, 5485, 5490, 5495, 5500, 5505, 5510, 5515, 5520, 5525, 5530, 5535, 5540, 5545, 5550, 5555, 5560, 5565, 5570, 5575, 5580, 5585, 5590, 5595, 5600, 5605, 5610, 5615, 5620, 5625, 5630, 5635, 5640, 5645, 5650, 5655, 5660, 5665, 5670, 5675, 5680, 5685, 5690, 5695, 5700, 5705, 5710, 5715, 5720, 5725, 5730, 5735, 5740, 5745, 5750, 5755, 5760, 5765, 5770, 5775, 5780, 5785, 5790, 5795, 5800, 5805, 5810, 5815, 5820, 5825, 5830, 5835, 5840, 5845, 5850, 5855, 5860, 5865, 5870, 5875, 5880, 5885, 5890, 5895, 5900, 5905, 5910, 5915, 5920, 5925, 5930, 5935, 5940, 5945, 5950, 5955, 5960, 5965, 5970, 5975, 5980, 5985, 5990, 5995, 6000, 6005, 6010, 6015, 6020, 6025, 6030, 6035, 6040, 6045, 6050, 6055, 6060, 6065, 6070, 6075, 6080, 6085, 6090, 6095, 6100

You will notice that the channels appear to overlap.  But you can lock in rates other than full speed and thusly use less bandwidth.  A normal 802.11b channel @ 11Mbps occupies about 20 MHz, the 802.11g equivalent at 54 Mbps will also occupy about 20 MHz.   There are a variety of different supported-rates and corresponding channel widths you can lock in; 1Mbps 2Mbps 5.5Mbps 6 Mbps, 9 Mbps, 11Mbps, 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps.  Some of these rates are tied to the mode, 802.11b or 802.11g or the supported channels, so you will need to pay attention to that.  The lowest Atheros channel a ham can use is centered at 2394 MHz.

As you can see my utilizing different supported-rates, you can take advantage of the different channels with minimal or no overlapping.  You may also be able to fit a ham only channel in in band segments not shared with Part 15, resulting in a lower noise floor.

Atheros 10MHz and 5 Mhz modes.. (especially 5MHz)  what modulation do they use, and what is the speed/ rx sensitivity in 5MHz channel mode/rate? compared to the published -95 or -97 dBm for 1Mbps (b) mode or the -92dBm for OFDM 6Mbps mode?

Here is a typical comparison chat that I managed to find in a FCC product ID test report:

Tx/Rx Specification5 MHz Channel BW (QUARTER RATE) Data Rate Modulation Tx Power (± 1 dBm) Rx Sensitivity (± 2 dBm)
1.5 Mbps BPSK/COFDM 30 dBm -97 dBm
2.25 Mbps BPSK/COFDM 30 dBm -97 dBm
3 Mbps QPSK/COFDM 30 dBm -95 dBm
4.5 Mbps QPSK/COFDM 30 dBm -93 dBm
6 Mbps 16QAM/COFDM 30 dBm -90 dBm
9 Mbps 16QAM/COFDM 29 dBm -96 dBm
12 Mbps 64QAM/COFDM 28 dBm -81 dBm
13.5 Mbps 64QAM/COFDM 27 dBm -78 dBm

 

Tx/Rx Specification10 MHz Channel BW (HALF RATE) Data Rate Modulation Tx Power (± 1 dBm) Rx Sensitivity (± 2 dBm)
3 Mbps BPSK/COFDM 30 dBm -95 dBm
4.5  Mbps BPSK/COFDM 30 dBm -95 dBm
6 Mbps QPSK/COFDM 30 dBm -93 dBm
9 Mbps QPSK/COFDM 30 dBm -91 dBm
12 Mbps 16QAM/COFDM 30 dBm -88 dBm
18 Mbps 16QAM/COFDM 29 dBm -84 dBm
24 Mbps 64QAM/COFDM 28 dBm -79 dBm
27 Mbps 64QAM/COFDM 27 dBm -76 dBm

 

Tx/Rx Specification20 MHz Channel BW (FULL RATE) Data Rate Modulation Tx Power (± 1 dBm) Rx Sensitivity (± 2 dBm)
1 Mbps DBPSK/DSS 30 dBm -97 dBm
2  Mbps DBPSK/DSS 30 dBm -95 dBm
5.5 Mbps CCK/DSS 30 dBm -92 dBm
11 Mbps CCK/DSS 30 dBm -90 dBm
6 Mbps BPSK/COFDM 30 dBm -93 dBm
9 Mbps BPSK/COFDM 30 dBm -93 dBm
12 Mbps QPSK/COFDM 30 dBm -91 dBm
18 Mbps QPSK/COFDM 30 dBm -89 dBm
24 Mbps 16QAM/COFDM 30 dBm -86 dBm
36 Mbps 16QAM/COFDM 29 dBm -82 dBm
48 Mbps 64QAM/COFDM 28 dBm -77 dBm
54 Mbps 64QAM/COFDM 27 dBm -74 dBm

The long and sort of it is that the RX sensitivity doesn’t change much.  This is what I suspected all along since no one was claiming anything miraculous.  While the carrier width might be less, I think the non-difference is more so explained by the spread spectrum loss of signal processing gain.  Notice how the modulation changes at the various channel widths (but at the same data rate).

For a while no open source HAL’s existed that can let you do 5/10Mhz mode. You had to use  MikroTik, StarOS, IkarusOS, DD-WRT and a few others for these modes.  As of June 2010, it appears that 5/10 Mhz support seems to be implemented in ath5k now.

Atheros Based Devices (known third party firmware exists for those in bold):

Accton: MR3101A, MR3202A, WN6301, WN5301D, WN4402,
Airlink 101: AR335W, AR430W, AR431W
Airlive / Ovislink: WHA-5500CPE, WHA-5500CPE-NT, WLA-5000, WLA-9000ap
Allnet: All0285
Asus: WL-200
Buffalo: WHR-HP-AG108
Conceptronic: C54APT
Compex: NP25G
D-Link: DIR-300, DIR-400, DIR-615, DIR-625, DIR-628, DSM-G600, DWL-2100, DWL-2100, DWL-G650, DWL-G520, DWL-AB650, DWL-AB520, DWL-A520,
FON: La Fonera
Gateway: 7001
Linksys: WRT54G v7.0, WRT55AG
Meraki: Mini, Outdoor
Netgear: WGT624, WGT624
OSBRiDGE: 24XLG, 24XLGi, 5Si
Senao / EnGenius: EAP-3660, ECB-3500, EOA-3650, EOC-1630, EOC-1650, EOC-2610, EOC-5610
SparkLAN: WX7615A, WX7800A
Ubiquiti: All products
US Robotics: USR5453
Wistron: CA8-4 Pro, RDAA-81, RDAT-81 PCBA

And even more interesting is that that within the Atheros chip it is possible for licensed developers to enable a local oscillator generation for a direct conversion radio transceiver. This is Not an open function, but irregardless, this is how 802.11 products on 900 MHz (Ubiquiti XR9), and 3 GHz (XR3) (as well as other places) are possible and on the market.


Madwifi

By 2003 the Linux community rallied behind Atheros and their technology.  Open Source developer Sam Leffler, released an open source Linux  driver for the 802.11a/b/g Atheros chipset.  Leffler’s, Multiband Atheros Driver for WiFi is also know as madwifi.  His driver is actually partially open source driver per agreement with Atheros as the hardware abstraction layer (HAL) is a locked-down binary that restricts you to the Part 15 channels.   MadWifi is a loadable kernel module driver for the Linux kernel that allows Atheros-based cards to work in Linux-based operating systems. The name is short for Multiband Atheros Driver for Wireless Fidelity.   (It should be noted that the MadWifi project uses a HAL supplied by Sam Leffler. His HAL version differs from Atheros HAL)

Basically the Hardware Abstraction Layer (HAL) prevents developers from having access to most of the radio functionality, which would might allow use of frequencies that aren’t legal in particular countries, use of encodings that aren’t allowed, and other regulatory problems.

The Atheros chips have quite a bit of capability beyond the 802.11a/b/g bands and bandwidths.  Around 2006 narrow channel 20/10/5MHz channel width cloaking options started to be discussed on the madwifi development lists.  These capablies are used to reduce the channel spacing to produce more usable channels, at a cost of throughput. In typical 2.4GHz wireless AP, there are only 3 non-overlapping channels available but with cloaking we can use all 14 channels without interference. This is done by reducing the channel bandwidth spacing down to as low as 5 MHz per channel instead of 20 in normal mode.  These adjustable channels widths are now part of the standard Atheros/Madwifi HAL.

A company called, Ascom in Switzerland, has written their own Atheros driver (under Atheros license), and will provide various versions of it for a fee. It is believed that this is the source of the implementations out there that permit operation out of the ISM/UNII bands such as Mikrotik, StarOS, Ikarus.  If you pay an extra $10, Mikrotik will give you a code which unlocks the “custom”  frequencies in 2.4 and 5 GHz that the Atheros chipset will support.   They will ask that you sign a statement that you will comply with the rules of your country.

July 2007:
“A driver for Atheros wireless cards is available in OpenBSD that talks directly to the hardware, based on reverse engineering efforts done by Reyk Floeter. Relevant parts of the driver have been ported to Linux by Nick Kossifidis to start OpenHAL, a free (as in freedom) replacement of the proprietary HAL. Claims that the OpenBSD driver (and thus also OpenHAL) contains stolen code slowed down the OpenHAL efforts but finally could be voided. The Software Freedom Law Center (SFLC), with the help of Atheros, performed a thorough code review and concluded “that OpenHAL does not infringe copyrights held by Atheros”. In other words, the way is clear now for the inclusion of an OpenHAL-based driver into the Linux kernel.”  Since this announcement madwifi has abandoned their prior proprietary partially open driver in favor of this new totally open one.

This new driver is called ath5k.  “ath5k is a completely FOSS Linux driver for Atheros wireless cards. It is based on MadWifi and the OpenHAL. In ath5k we’ve gotten rid of the entire 2-module-layer HAL architecture, ath5k now just calls hardware functions directly.”

Atheros obviously understands that a blob does not help to prevent people from tuning the radio to frequencies they are not allowed to use. Luis Rodriguez is working on a in-kernel framework called “Central Regulatory Domain Agent” (CRDA) which will take care of the regulatory issues involved in running a WLAN device. He has been hired by Atheros as they are now is sponsoring his work.

http://madwifi-project.org/ticket/941
http://madwifi-project.org/ticket/793


MikroTik

MikroTik is a Latvian manufacturer of computer networking equipment, founded in 1995. The main product of MikroTik is a Linux-based operating systems known as MikroTik RouterOS  The RouterOS, combined with their hardware product line, known as MikroTik RouterBOARD, is marketed at small to medium sized wireless Internet service providers, typically providing broadband wireless access in remote areas.  It was one of the first combinations of hardware and software able to use Atheros channels/frequencies outside the Part 15 band.  All one needed was a superchannel license.

From the Property Description section of the MikroTik reference manual:

frequency-mode (regulatory-domain | manual-tx-power | superchannel; default: superchannel) – defines which frequency channels to allow

regulatory-domain – channels in configured country only are allowed, and transmit power is limited to what is allowed in that channel in configured country minus configured antenna-gain.

Also note that in this mode card will never be configured to higher power than allowed by the respective regulatory domain

manual-tx-power – channels in configured country only are allowed, but transmit power is taken from tx-power setting

superchannel – only possible with superchannel license. In this mode all hardware supported channels are allowed

/interface wireless set wlan1 frequency=XXXX


Linksys WRT54G

The WRT54G is notable for being the first consumer-level network device that had its firmware source code released to satisfy the obligations of the GNU GPL. This allows programmers to modify the firmware to change or add functionality to the device. Several third-party firmware projects provide the public with enhanced firmware for the WRT54G.

The WRT54G was released in 2003 in anticipation of the 802.11g standard.  In June 2003 some folks on the Linux Kernel Mailing List sniffed around the WRT54G and found that its firmware was based on Linux components. Because Linux is released under the GNU General Public License, or GPL, the terms of the license obliged Linksys to make available the source code to the WRT54G firmware. As most router firmware  is proprietary code, vendors have no such obligation. It remains unclear whether Linksys was aware of the WRT54G’s Linux lineage, and its associated source requirements, at the time they released the router. But ultimately, under outside pressure to deliver on their legal obligation under the GPL, Linksys open sourced the WRT54G firmware in July 2003.

With the code in hand, developers learned exactly how to talk to the hardware inside and how to code any features the hardware could support. It has spawning a handful of open source firmware projects for the WRT54G that extend its capabilities, and reliability, far beyond what is expected from a cheap consumer-grade router.  In short due to open source, one can load a third party firmware on the router and give a $60 consumer homegrade router into a all the functionality of a $600 Cisco professional router.  The Linksys WRT routers use the Broadcom chipset.


Ubiquiti

Ubiquiti Networks  was founded in 2005.  Their frequency freedom technology (802.11 from 400MHz to 9GHz), seems to lead the way and promise integrated radio technology which uses an advanced RF integration and firmware design to provide a powerful platform capable of operation in any frequency imaginable.   Basically Ubiquiti radios are Atheros chipsets with transverters onboard.

They have devices based on the Atheros 802.11 chipset for 902-928 MHz, 2.3 – 2.7 GHz 3.3 – 3.7 GHz, and 4.9 – 6.1 GHz on 802.11a devices

When WiMAX platforms for operation around 3 GHz were in their planning stage, Ubiquiti acted quickly to provide a 3 GHz 802.11 solution for direct competition. August 2007 the XR3 became available, exceeding the performance of available WiMAX offerings. The XR3 is available in three different models with frequency operation spanning 2.7GHz to 3.7GHz. The XR3 was specifically designed for long-distance, outdoor broadband wireless applications.  This worked out well for us hams, as there is a 3 GHz ham allocation, and their XR3-3.5 yields over 30 non-overlapping full-width channels unshared with Part 15 unlicensed devices.

XR3’s are 5 GHz card with a down converter to 3 GHz so it will work with 802.11a setting using 2GHz offset conversion, similar to how the XR9 are 2.4ghz with a down converter to 900 MHz… If you want to use 3.65 GHz you will choose 5.65GHz . Just add 2 GHz to the frequency you need.

AirOS is Ubiquiti’s stock operating system which is integrated into long-range embedded systems (LiteStation2, LiteStation5), CPE (NanoStation2, NanoStation5), and outdoor wireless platforms (PowerStation2, PowerStation5.)  Extra channels support is enabled by changing the regulatory domain/ country in which you reside.  This is entirely open source firmware available in an all-in-one SDK for free which you can alter and compile yourself.

7/08: Ubiquiti has started shipping its “NanoStation” radios in 2.4 and 5 GHz. With the appropriate country code selected, the 5 GHz unit will cover the entire amateur allocation 5660-5925 MHz, not just the ISM/UNII frequencies. 5, 10 and 20 MHz wide channels, Atheros chipset, 400 mW radio, 802.11a protocols, in a molded weatherproof case with 13 dBi antenna, dual polarization, plus external SMA antenna connector, entirely open source firmware available in an all-in-one SDK for free which you can alter and compile yourself. With power-over- ethernet injector and 12 volt wall wart, $79 for 2.4 GHz or $89 for 5 GHz. They use the Atheros AR2315 chipset

8/07: A group of Italian ham radio operators break a distance record (189 miles) using the Ubiquiti XR5.

NS2  is listed at 400 mW with an integrated 10dBi gain antenna  MSRP $79
NS5 is listed at 250 mW with an integrated 13 dBi gain antenna MSRP $89
NS3 is listed at 250 mW  with an integrated 13 dBi gain antenna – Unveiled Feb 2009 expected MSRP $80-95…  perfect for 3 GHz!
Note: The NanoStation 3 will likely never be certified for use in the US as it is mainly an overseas OEM product, with a suggested price of $87.  Hams can buy it from Europe or Latin America. (Hams use other radios not certified all the time.)  However the XR3, is a MiniPCI card and works fine and can be bought in the US.  As well as these TDMA solutions:
The NanoStation M3 is a 3.3-3.7GHz (320 mW) 2×2 MIMO AirMax TDMA Station. $165.00
Rocket M3: 3.3-3.7GHz Hi Power (320 mW) 2×2 MIMO AirMax TDMA BaseStation. $189.00

NanoStation2/5 “LOCO” – This dual-polarity (auto-switching/diversity) 8db antenna has 100mw output and POE (18V). The 5ghz version comes with 13dbi integrated antenna. The NS2/NS5 “LOCO” does not have external antenna connector like the standard NS2/NS5.  It’s also a little less powerful, only 20 dBm (100 mW) instead of 26 dBm. (400 mW).. Keep in mind after market firmware hacks let you do nearly one watt with the normal NS2, so this is likely a low ended report of what is actually capable of.

NS2L listed at 100 mW with an integrated 8db antenna MSRP $ 49
NS5L listed at 160 mW with an integrated 13 dBi gain antenna  MSRP $69

If you need an external antenna, never fear they have the Bullet  This is the cheapest, most simplistic device yet.  An integrated outdoor adaptor, simply with an N connector and POE ethernet port.  There are high power versions available too.  They use the 6th generation Atheros AR5414 chipset is rated at 1 watt.

Bullet2 – 2.4 GHz listed at 100 mW, MSRP of $39
Bullet5 – 5 GHz 150 mW MSRP of  $59
Bullet2HP – listed at 800mW MSRP of $79
BulletM5HP – listed at 320 mW MSRP of $79

ExtremeRange XR3-3.5 – While it lists as 300 mW, it uses the Atheros, 6th Generation, AR5414 chipset capable of 1 watt.   The 3 GHz ham allocations are from 3.3 to 3.5 GHz yielding over 30 better suited non-overlapping full-width channels unshared with Part 15 unlicensed devices.  The MSRP is $240. The price is still considerably lower that an Icom ID-1 implementation and yields much higher throughput.

Here is a screen shot of how to enable the ham channels in Air-OS when you have Atheros hardware to support it: http://www.qsl.net/kb9mwr/projects/wireless/airos-ham.jpg


DD-WRT

DD-WRT is probably one of the most prominent third party firmware’s available for a wide assortment of various off-the-shelf router hardware. It unlocks a ton of features that the standard factory firmware isn’t capable of.  Sebastian Gottschall (BrainSlayer) created DD-WRT to offer a free version of Sveasoft.  (Sveasoft was based on the original versions of the WRT54G firmware from Linksys and was one of the first third party firmware packages for the WRT54G)

DD-WRT v24 presents support for all Ubiquiti devices (LS2, LS5, NS2, NS5, PS2, PS5) for the latest release candidate RC7. The associated firmware versions are part of the line of DD-WRT firmwares for professional use. Ubiquiti offers affordable yet powerful devices based on Atheros wireless technology and allows high performance long range Wireless LAN connections, especially when driven by DD-WRT.

http://www.dd-wrt.com/dd-wrtv3/community/developmentnews/1-common/21-dd-wrt-for-ubiquiti-devices.html
The ‘superchannel’ marked Tab only appears when DD-WRT is used on Atheros based routers. Broadcom do not, as they just can’t be opened in this manner. Meraki, Accton, Fonera, Siemens, etc… are those with Atheros… The superchannel option does offer it (2.3 – 2.7 ghz for 802.11g devices and 4.9 – 6.1 ghz on 802.11a devices)

Since the Atheros chipset based routers and extra channels are typically used mostly by professional users which use it for business, DD-WRT offers the Superchannel Activation extension for around $25.

Here is a screen shot of how to enable the ham channels in DD-WRT when you have Atheros hardware to support it: http://www.qsl.net/kb9mwr/projects/wireless/ddwrt-ham.jpg


Enabling ham radio channels in wireless devices

The Ubiquiti extreme range mini PCI modules are meant to be used with a router board / station.  (MikroTik networking equipment works similarly.) These boards have multiple slots to support multiple radio modules.  For instance you could have a 900 MHz user LAN module and a 5.8 GHz backbone module.  The router station comes preloaded with Open-WRT Standard.    Open WRT is a Linux-based firmware program that  primarily uses a command-line interface, but also features an optional web-based GUI interface.  The Open WRT distribution has all the ncessary drivers to see the radio modules and network routing and madwifi radio drivers.  Optionally you can load something like DD-WRT if you are more familiar with that.

To enable the ham radio channels on these mini PCI devices you can do this from the linux command line if you are using Open WRT.  It’s very easy, all you do is edit the /etc/modules.d/50-madwifi to include the countrycode parameter, use country code XX  to enable without regulatory constraints.

Embedded Atheros radio devices  such as La Fonera, D-Link DIR-300 home grade as well as Ubiquit Nano staiton, and Bullet professional grade products all have firmware running onboard Flash ram to control the radio chipset.    All you do is go into the graphical user interface with your web browser and change the country code (or enable the super channel for DD-WRT).  (With home grade Atheros routers such as the La Fonera, D-Link DIR-300, you will likely need to load third party firmware such as DD-WRT to be able to enable out of band opperation.  This is done via the web based firmware update box or using TFTP)

Once you have done this a new channels list will be available.  2312-2484 mhz for 802.11g devices and 5660-5925 MHz for 802.11a devices.  Expanded channel lists for proprietary radio modules such as the 900 MHz and 3 GHz devices work similarly.  They simply have integrated tranverters using a local oscillator that shift the frequency from the base 802.11g or a chipset.


So what about unlocking additional channels in other chipsets/hardware?

As you can see open source drivers unlocked the possibility of additional frequency support.  It allows programmers to be able to write a driver.  This can even be be loaded onto open source/ Linux based hardware routers.

In summary; Atheros has allowed a third party to create a layer between the low-level functions of its chips and high-level drivers via the madwifi development.

Broadcom is the the chipset of most common Linksys WRT54G routers.  Broadcom as of 2005 has declined so far to provide non-licensed access to it’s chips.  A project that has been working to reverse engineer access using legal means has released its first working drivers for Broadcom 4300 series chips. The project requires the use of the SoftMAC software as well to compile working drivers within Linux. The first successful use was documented in email Dec. 4 to the developer’s mailing sent from a PowerBook running Linux with the project’s drivers installed.  This appears to be more of platform abstraction layer.  Broadcomm has since repeatedly stated that they fully intend to release open source drivers for their wireless chipsets.  The real question is will it be down to the desired hardware layer?

http://bcm43xx.berlios.de/
http://linuxwireless.org/en/users/Drivers/b43

The legal concerns stem from that FCC forbidding selling radio devices in which user has total control over radio frequency being used.  This is part of the certification process.  That’s the reason Atheros, Broadcom and others don’t open their software outright.  Manufacturers have to be sensitive when it comes to wireless gear.  The wireless chipsets are capable of operating outside of their allotted spectrum in many countries and the only thing that stops them from doing so is the lowest level of software/firmware.  Their licenses to sell this stuff relies on their being able to stay within their allocated frequency ranges so they are caught between a rock and a hard place. If they allow the hardware to be run without software/firmware/HAL that they wrote, then they can get into trouble. Obviously, company lawyers tend to err on the cautious side, hence the ‘hard line’ that OSS developers are seeing from some of these companies. They see it as an extreme liability issue, with the capacity to severely harm their company.   For more info see “Towards a free Atheros Driver.”

Note: Over the years most of these legal sensitive concerns have diminished a bit, and either way popular third party developers such as the popular DD-WRT have added a superchannel GUI tab option, so this is even easier yet.

Historically chipset manufactures have been pretty timid, and have held back features that are legally sensitive, and typically don’t speak much publicly about this matter.

From: Progress on Linux Support for Contemporary Wi-Fi By Glenn Fleishman

Linux, and other variants have lagged in Wi-Fi support due to chip vendor’s stated concerns about access to the low-level radio functions on their chips.  A Linux Wireless Summit, in February 2007 apparently has helped move development along. The summit’s organizer is quoted and paraphrased as stating that the FCC will only certify Wi-Fi devices that have a closed-source component for handling low-level radio settings, such as frequency choice and power levels.  Actual evidence as to this fact, was remained to be seen. That would be an extra-regulatory step for the FCC, as there is no defined requirement for releasing radios that cannot be modified.  The burden of responsibility is typically on the purchaser who modifies hardware conforming to regulatory limits, and suffering the penalties if they fail to conform.

Hardware vendors license their equipment under FCC section 15 regulations, even though technically pure software devices could be under SDR (Software Defined Radio) regulations. FCC wants all devices to have a ‘no trespassing’ sign on radio settings but there is no consensus on what that means.  However Wi-Fi chips that don’t use formally use SDR, they have aspects of SDR that make their concerns about opening up full control reasonable.

FCC Rules on FOSS and Software-Defined Radio
FCC Proposes Rule Changes To Facilitate Software Defined Radio Deployment

http://lwn.net/Articles/456762 /

http://linuxwireless.org/en/us ers/Drivers/brcm80211

This recently released (2010) Broadcom wireless driver seems to have structures which imply the PHY in the chips can be directly controlled to program HSMM channels.


Hardware mods:

Prior in older hardware these tweaks were simple hardware changes.  Such as in our original work with the Proxim Symphony, it was possible to tweak the card to double its output power.

On the Proxim Symphony it’s was possible to change out the dropping resistors that run the RF power amplifer IC and run the IC at 3.6 – 3.9 volts to double the RF power output. The maximum DC voltage for this IC is 4 volts and the maximum RF power output is around +23 dBm (200 mW).

It’s also possible to tap the PIN diode bias line to control an external amplifier on most wireless devices.

For more information on this modification see: http://www.qsl.net/n9zia/wireless/cardmap.html
For info on 802.11 hardware mods see: http://www.qsl.net/n9zia/wireless/appendixG.html

Some hams in Germany recrystaling WRTs to go outside of the ISM band:  Arsene, LX1TB has modified the Linksys WRT54G(S) models to tune the frequencies below 2400 MHz for better fit with the hamradio bandplan..  Look on his German website to get the details:

http://www.rlx.lu/~lx1tb/wrt54gs/
http://db0fhn-i.ampr.org/wrt54gs/
Also see this chart from Kipton, AE5IB

Modified firmware:

In our day we also attempted to see what was possible by modifying and reverse engineering the Proxim Symphony Driver.  See:  http://www.qsl.net/n9zia/wireless/page03.html

[At the time I also contacted and spoke with several people at Proxim to try and obtain a schematic or block diagram to aide in our project.  I even indicated that I might be willing to sign a non-disclosure agreement to obtain this information.  The response from a Proxim wireless head official was to the effect of “I’m sorry but our designs are proprietary and we are unable to assist you.”  We ended up reverse-engineering it all by hand with an oscilloscope and some data books.  Interestingly enough a few years later, other companies, namely Linksys, did grasp the open source concept.]

Now days with 802.11 hardware a whole new world of firmware changes are possible.  For many old prism cards, the channels (frequencies) were a bitmap in the firmware.  Atheros is even easier.

Linksys and other manufactures have been using embedded Linux on their products. Linksys and others have released their source under the GPL.  People have been writing alternative 3rd party firmware versions for these devices, adding tons of fixes and great new features. The most popular device to have alternative firmware is the WRT54G (Wireless G router) since this is the device that sort of kick this whole thing in motion.


70 cm 420-450 MHz 

-Telsima has certified a WiMAX platform for operation at 70 and 33 cm (specifically, 400-1000 MHz), with selectable channel widths from 1.5 MHZ to 7 MHz: http://www.telsima.com/index.php?i=84   According to this http://www.telsima.com/pic/pdf/download/Demo_Brief-50km.pdf Telsima got 6.5 Mbps out of 3.7 MHz over 30 miles on 450 MHz.

If issues of platform cost and amateur band encryption use can be overcome, this could be a viable platform for some HSMM applications.

-John Stevensen, KD6OZH, is developing a 70 cm OFDM modem.  The (DCP-1) modem is similar to 802.11 modems but the subcarrier spacing is less (1-8 kHz vs 312.5 kHz) and consequently the amount of multipath that can be tolerated is higher (30-240 vs 0.8 microseconds). This allows operation over longer paths with omnidirectional antennas.

John reported in the Summer of 2009 that he is working on the DCP-3, a less expensive version of the DCP-1 and hardware that is more flexible. The external microcontroller has been replaced by a soft CPU inside the FPGA. The winter TAPR newsletter has an article on this CPU and the source code is on the TAPR web site. “A Soft Processor for Digital Signal Processing”

He notes that OFDM is limited to AM voice bandwidth on the VHF bands. However, 8PSK could fit in the same 20 kHz bandwidth as 9600 bps FSK and could operate at 3 times the data rate.


Doodle Labs – DL-435

Doodle Labs, is a privately held manufacturing company with headquarters in Singapore that designs and manufactures a line of long range Wireless Data Transceiver devices.

They are the first to list a true NLOS solution, capable of operation in the 70cm band that could easily fit into unused ATV channels between 420-430 MHz using a 2019.5 MHz offset.

In November 2011 Doodle Labs announced that it has successfully developed a family of compact, embedded OFDM Broadband radio transceivers specially optimized for the Amateur Radio bands to dramatically improve the data throughput and enable new IP based applications. These Broadband transceivers are the industry first for the various Amateur Radio bands within the frequency range of 435 MHz (70 Cm) to 5800 MHz (5 Cm).

http://doodlelabs.com/products-and-services/amateur-bands/420-450-mhz-band-dl435.html


 XAGYL Communications – XAGYL XC420M

XAGYL Communications, is a Canadian Distributor of Ultra High-Speed, Long Range Wireless equipment.

http://www.xagyl.com/store/product.php?productid=16450&cat=251&page=1

They also have a radio capable of operation in the 70cm band that could easily fit into unused ATV channels between 420-430 MHz.  They have been listing the radio on their site since, April 2010.  The projected availability is March 2012.

The Xagyl 70 cm radio, uses a 1994.5 MHz offset.  It should be noted that these are not compatible with the Doodle Labs cards.


Transverters and amplifiers:

RF Linx had some Bi-directional 2.4 GHz amplifier kits that were really cheap.
http://www.rflinx.com/2.4GHz%20Bi-Directional%20PCB.htm
They look to be based around some WJ ICs.

Transverters:
http://www.teletronics.com/Frequency%20Converters.html
Options like 2.4 to 900 MHz (1 & 4 watts), 2.4 to; 3.4 GHz, 3.5 GHz, 5.8 GHz

http://www.rflinx.com/products/converters/

http://www.teletronics.com/specialfreq.html
2.4 GHz to 1.2 GHz @ 1 watt

http://www.ubnt.com/super_range9.php4 700 mW on 900 MHz – 54 Mbps

Teletronics Prices 2/2007

1 Watt Outdoor 2.4 GHz 2 pc SmartAmp List Price: $399.99
1 Watt, 2.4GHz Indoor SmartAmp $199.00 US
SmartAmp Bi-directional RF Amplifier 900 MHz Series 4 Watt Price: $900.00
SmartAmp Bi-directional RF Amplifier 900 MHz Series 1 Watt.  Price: $800.00

HyperLink Technologies Prices 2/2007:

1 Watt, 900 MHz Indoor model HA901I-APC $350.00
3 Watts, 900 MHz Indoor model HA903I-APC $440.00
1 Watt, 2.4 GHz Indoor model HA2401RTGXI1000 $180.00
2 Watt, 2.4 GHz Indoor model HA2402GXI-NF $350.00

HyperLink became L-Com in 2008:

http://www.l-com.com/productfamily.aspx?id=6376

1 Watt 2.4 GHz 802.11b Outdoor WiFi Amplifier HA2401G-1000 $170.00
3 Watt 2.4 GHz Amplifier HA2401-XL3000 $250.00
1 Watt (30 dBm) Indoor 900 MHz Amplifier w/Active Power Control HA901I-APC $330.00
3 Watt (35 dBm) Indoor 900 MHz Amplifier w/Active Power Control HA903I-APC $380.00

SSB Electronics released at Dayton 2003, “Amateur use only” mast mount biamp for $599 (rumored price) that’s up to 4 watts out, 22db Rx amplifier with 1.8 db noise figure.

Fleeman Anderson Bird Corp offers a radio amateur discount, put your callsign in the order comments, 7% will be taken off your order when shipped.

 

 

HSMM-Amateur Radio MESH: My First Experience

Written by Kerry Veenstra, K3RRY

Note: If you already have an HSMM-MESH node and you want to upgrade its firmware, see HSMM-MESH: Upgrading the Firmware.

I knew nothing of HSMM-MESH (High Speed Multi-Media Mesh) when I read that Joe Fisher, K5EJL, would be presenting at the August 5, 2011, club meeting. The announcement was intriguing, however, and after reading several articles on the project’s web site http://hsmm-mesh.org, I decided to get a pair of LinkSys WRT54GL wireless routers and give it a try. This article describes how I got started and what I learned along the way.

HSMM-MESH is a digital communication mode that lets computers communicate using WiFi networking hardware on amateur-radio bands. The scheme that the mode provides is not limited to single point-to-point links: equipment automatically manages the routes of the mesh network, rerouting as necessary around broken network links. So this sounds great, but . . . why do I care?

When All Else Fails Amateur Radio Works

Wildfires of recent years and the vandalism of ten fiber-optic cables in April of 2009 revealed to me that our club’s communication infrastructure is fragile, undefended, and lacks adequate redundancy. Of course I can do nothing about these commercial networks, but I can imagine creating a parallel, high-speed digital network that is tested weekly during the local nets.

Details of such a future network are, as one says, to-be-determined, but the building blocks surely will include wireless links and automatic routing. So it only made sense to me that I start to play with new equipment, learn and apply new techniques, and evaluate potential facility locations of such a network.

Getting Started

Although I have said “WiFi networking hardware,” the software that runs on the equipment is not WiFi—it is developed by hams. Using one of the last menu items in the wireless router’s admin page, I directed the router to upload the amateur-radio software image into its non-volatile memory.  Here’s how I did that.

Step 0:  I started by printing these instructions

http://www.hsmm-mesh.org/documentation/68-firmware-installation-instructions.html

Why did I print the instructions?  Because configuring the router eventually required me to disconnect my computer from the internet.  Not immediately, but eventually.  At that point, I no longer could browse back to the instructions!  Of course if you don’t want to print the instructions, you can keep another browser open to the instruction’s page and be careful not to refresh it.

You should print this article, too, since I mention a few clarifications.

Since I had purchased two new WRT54GL routers, for each one, I followed instructions for a stock router.

Step 1: I browsed to the hsmm-mesh.org software download page and downloaded the latest software image for the WRT54G and WRT54GL.

    • Browse to http://hsmm-mesh.org
    • Click User Documentation in the left navigation area.
    • Click the article Firmware Installation Instructions
    • In the paragraph of step 1, click software download page.
    • Get the latest HSMM-MESH firmware. I got hsmm-mesh-0.4.1-wrt54g.bin, but yours might be a later version. Ensure that the file name you get ends with wrt54g.bin.

The instructions don’t mention one very important step, and so I’ll put it here. After connecting a computer to one of the four LAN ports on the back of the WRT54GL, I needed to disable the wireless link of my laptop. So I’ll list that step here. You see, although this is a wireless router, we reconfigure it over a wire!

Step 1.5: Turn off the wireless link of your laptop, and connect the laptop’s network cable to one of the WRT54GL’s four LAN ports.  At this point, your computer should have no network connections, wired or wireless, except for the cable going to the WRT54GL.

Step 2: I followed the instructions for “routers with factory firmware”. Since I saw the instructions required two chages, here they are as I followed them:

    • in a browser go to http://192.168.1.1
    • user = admin
    • password = admin
    • click Administration
    • click Firmware Upgrade
    • click Browse and select the file you downloaded, such as hsmm-mesh-0.4.1-wrt54g.bin
    • click Upgrade

Step 3: I waited for the router to reboot and blink its LEDs as described in the instructions. Then I unplugged the network cable and plugged it in again to get the laptop to reset its network connection.

Step 4: Finally, I followed the instructions to store my callsign as part of the router’s name. As the control operator, this final step is required before using the device.  I called my two HSMM-MESH nodes k3rry-1 and k3rry-2.

After transforming both WRT54GL routers into HSMM-MESH nodes, I could browse to the control panel of HSMM-MESH node k3rry-2:

http://localnode:8080

Then I asked for the mesh network’s status, and the web page listed that k3rry-2 could see node k3rry-1!

What’s Next?

So that’s how I got started.  If you want to get started yourself, you can buy a pair of new WRT54GL routers, or you can use some old WRT54G (no L) routers.  The current WRT54G (no L) will not work for HSMM-MESH because it was cost reduced to use half of the memory.  You’ll need to get an old WRT54G (up to version 4) or any version of WRT54GL.  The hsmm-mesh.org web site describes which versions of which routers will work.  See the list of supported hardware.

In the next article I’ll describe how I got a couple of computers to talk to one another.  I’ll address the mystery of why I needed to put :8080 on the end of the address above.