Professional Documents
Culture Documents
Firetide
Firetide
HotView Pro
Network Management
Workstation
Enterprise
Network
Backbone
There should be an icon on the screen for each node that you have set up. If not, consult Section V,
Troubleshooting, in this manual.
HotView Pro
Network Management
Workstation
Enterprise
Network
Backbone
Meshes operate below the IP layer; that is, they are IP-independent. Meshes do have a packet-routing
algorithm, just as a wired Ethernet switch does. Firetide mesh nodes optimize their routing algo-
rithms across the entire mesh, taking into account the relative speed and capacity of each path, but
not outside it.
Radio differs from wired connections in some key particulars. Any given radio is half-duplex, that is,
it cannot transmit and receive at exactly the same time on the same frequency. Two (or more) radios
cannot both use the same frequency at the same time.
The current generation of Firetide mesh products feature two radios in each node, which gives great
flexibility and adaptability in a wide range of applications.
Fundamentally, a Firetide mesh is an intelligent managed Ethernet switch, and supports the same
features and capabilities as managed switches from major vendors of wired networking equipment.
Wireless Mesh Applications A wireless mesh can be used almost any place a wired Ethernet switch can be used, and also in many
applications where wired networking would be impractical. For example:
Video surveillance with IP video cameras.
Difficult-to-cables structures, such as historic buildings, warehouses, or factories.
Temporary networks, such as at races or sporting events.
As a backhaul for campus and municipal wireless-access deployment.
In support of VoIP deployment, as a network-extension technology to support APs in stairwells and
other hard-to-cable places.
A directional antenna is like a spotlight; it focusses the RF in a particular direction, making the signal
stronger (brighter) there but leaving other areas in darkness.
This installation is good because the HotPort Series 6000 Antennas are 1.6 meters apart. It could be
better, though. If one of the antennas were placed pointing straight down, there would be less inter-
action between them. Even better, the antennas could be placed in line, one directly above the other.
Such collinear deployment minimizes interference.
r
d
r = 17.3 Nd
4f
r = .5 Nd
f
Table 3 gives typical Fresnel zone sizes at 2.4 GHz and 5.2 GHz. Note that for distances typical in in-
door installations, Fresnel zone sizes are not usually a critical factor, but in outdoor applications it
can be more critical. For example, if the radio path is to go between two buildings, no third building
or other obstruction should be within the Fresnel zone of the chosen path.
Table 3. Fresnel Zone Size, Zone 1 / Zone 2
d (km) r @ 2.4 GHz r @ 5.2 GHz d (ft) r @ 2.4 GHz r @ 5.2 GHz
N=1 N=2 N=1 N=2 N=1 N=2 N=1 N=2
0.10 1.77 2.50 1.20 1.70 25 1.61 2.28 1.10 1.55
0.25 2.79 3.95 1.90 2.68 50 2.28 3.23 1.55 2.19
0.50 3.95 5.58 2.68 3.79 100 3.23 4.56 2.19 3.10
1 5.58 7.90 3.79 5.36 250 5.10 7.22 3.47 4.90
2.5 8.83 12.5 6.00 8.48 500 7.22 10.2 4.90 6.93
5 12.5 17.7 8.5 12.0 1000 10.2 14.4 6.93 9.80
10 17.7 25.0 12.0 17.0 2500 16.1 22.8 11.0 15.5
25 27.9 39.5 19.0 26.8 5000 22.8 32.3 15.5 21.9
Mesh IP Addresses and ARP Tables No single node in a HotPort Mesh has an IP address; the management IP address for the mesh is
shared by all the nodes. Node MAC addresses, however, are specific to each node.
When you connect a PC (or other equipment) to a node, software in the network protocol stack will
associate the IP address with the MAC address of that node. This relationship is maintained in the Ad-
dress Resolution Protocol table, or ARP table.
If you move the PCs wired-Ethernet connect from one node in a mesh to another, you change the MAC
address but not the IP address. This causes erroneous, or stale, ARP entries.
ARP tables are used by Windows, Linux, and most other operating systems to track the MAC (Ethernet)
address associated with each IP address. If you are using a workstation to configure multiple HotPort
nodes individually, the workstation may lose connection to a node due to a stale ARP entry. To avoid
this, whenever you physically connect to a different node, flush the ARP cache with the following
command:
> arp -d *
Ping Your systems ping command is a very useful debug tool. If you experience a problem connecting to
any mesh, try pinging that meshs IP address.
> ping 192.168.224.150 (use your mesh IP address)
or
> ping 192.168.224.150 -t
for a persistent (continuous) ping.
Mobility and IP Firetides Controller, used to support mobility across meshes, automatically creates tunnels for mo-
bile nodes so that the IP address assigned to Ethernet devices attached to that node always appear on
the correct subnet. This is covered in more detail in Section VII, Managing Mobility.
Firetide
Mesh Wired
Network
Firetide
Mesh
HotView Pro Client
(possible, but not
recommended)
HotView Pro HotView Pro
Client Client
Firetide offers two client application choices; the stand-alone client, and a browser-based client. In
order to support browser operation, the server must have JBOSS and JDK installed. Both are provided
as part of the HotView Pro distribution. The installer will automatically configure JBOSS to use port
80 for HTTP, but this can be changed after installation, if desired. If you move it to a different port,
insure that the chosen port is open on any firewalls in the path.
HotView Pro uses PostgreSQL to provide persistent storage of configurations, logs and data. The da-
tabase is required for networks with more than one mesh, and strongly recommended for smaller net-
works. HotView Pro can be installed without the database, for testing and configuration, but Firetide
recommends you use PostgreSQL in all production deployments. Firetide also suggests you run the
database on the same machine as the HotView Pro server.
Changing the Default View You can use commands under the Options menu to change the default view, as shown in Screen 2. Use
the Options menu to turn off the background image and turn on the Show Information Bar, on the
right. (Later youll leanr how to add your own background image.)
THe Show Information Bar is quite useful when you are first setting up your mesh. Some users prefer
to leave it off when working with large meshes. The same information is available by right-clicking on
a mesh node, but for now turn the panel on before proceeding.
Screen 2. HotView Screen with background off, status panel on
Accessing HotView Commands Menus are displayed along the top of the screen in the usual manner. Below that, icons offer another
way to access commonly used commands. The third method of accessing HotView Pro commands is by
right-clicking on a node, or on the mesh as a whole.
Some nodes have visual indication of Ethernet port status. Letter meanings are given in Table 7.
Table 7. Ethernet Port Status Information
Color Meaning
Green Port is enabled and connected at 100 Mbps.
ID Description
SW Indicates a software error. Yellow indicates a minor error; red indicates a major error.
X Indicates a radio error. Yellow indicates a minor error; red indicates a major error.
H Identifies the node as a head node. A head node is a node connected to a workstation
running the HotView Pro software. In a simple mesh, the Head Node is the one connected
to the HotView Pro server. In complex multi-mesh systems, the Head Node is the node
furthest upstream, i.e. the point on the mesh that leads to the server. Thus, a Mesh-
Bridge node or Gateway Server Node may be a Head Node. All nodes in a mesh take their
configuration from their Head Node.
Configure Mesh The Configure Mesh command opens a dialog box with multiple tabs. In it, you can specifc the Mesh
ID, IP address, ESSID, and most other mesh-wide parameters. Refer to Chapter 9 for details
VLANs This command is used to configure VLANs. VLAN - Virtual LAN - allows you to subdivide your mesh.
A Firetide mesh is functionally equivalent to an Ethernet switch. By subdividing the switch, you can
isolate one group of ports from other ports. This is most commonly used allow one group of ports to
enjoy higher-priority service, but can also be used to enhance security. Refer to Chapter 20 for com-
plete details.
Gateway Groups A Firetide mesh can be simply plugged into the wired network backbone of your enterprise, but this
does not provide redundancy in the event the connected node is down. Gateways can be configured so
that there are multiple connections from the wireless mesh to the wired backbone, without creating
routing loops or other problems. Refer to Chapter 17 for details.
Multicast Groups Normally, multicast packets propagate throughout an Ethernet network. In some applications, it may
be desireable to limit their propagation to a specific mesh or group of meshes. This command can be
used to do accomplish this.
Mesh Bridge Groups A Mesh Bridge is a connection between two meshes. In some applications, you may want multiple
Mesh Bridge connections; these are called Mesh Bridge Groups. Refer to Chapter 18 for details.
MAC Filters MAC (Address) Filtering is used in certain high-security applications to limit physical connectivity to
the mesh. When this feature is used, only explicitly-permitted MAC addresses are permitted to transit
the mesh. Note that this is not completely foolproof; it is possible to spoof a MAC address, thus a de-
termined intruder may still be able to transit your mesh if given physical access to a node.
Ethernet Direct Connections An Ethernet Direct connection is a wired connection within a single mesh. Wireless links are fast,
but wired links are faster. In some cases, overall mesh throughput can be dramatically increased if a
heavily-loaded link is replaced with a wired connection. Refer to Chapter 19 for details.
Static Routes A Firetide Mesh automatically builds its own path table for moving packets across the mesh. Note that
because the mesh functions as an Ethernet switch, it operates below the IP layer and does not care
what IP addressing scheme is in use. In most cases, performance is best if the mesh selects in own
routes, but in some cases you may want to manually specify a route for some traffic.
This command reboots the entire mesh. Mesh configuration settings are not affected. (A nodes mesh
Reboot Mesh configration settings can only be reset to factory defaults by performing a factory reset operation on
the mesh.)
Delete Down Nodes HotView Pro normally remembers meshes and nodes it has seen; this is useful for system maintenance
because it allows HotView Pro to issue a warning when a node or mesh is missing. if you remove a node
from the mesh, you can use the Delete Down Nodes command to remove the node from HotView Pro.
(Note: entire meshes can be removed by deleting them from the Mesh tab, in the Configure HotView
Server command.)
Delete Down Mobile Nodes As above, but it only deletes down mobile nodes.
Delete Down APs As above, but it only deleted down Firetide Access Points
Clear Access Points Cache Clears the Access Point cache.
Add Mesh Adds a new mesh to HotView Pro
Add Controller Adds a Controller to HotView Pro. Controllers manage roaming and mobility across multiple meshes.
Configure HotView Server Brings up the Configure HotView Server dialog, which contains multiple tabs. Note: this is thesame as
the Configure Server option available in the Integrated HotView Launcher.
Broadcast Group Configuration Configures a broadcast (packet) group. Greyed out, as shown, until configured via the File menu in
the Network View tab.
HotPort Users Configuration Allows you to manage user IDs of individual meshes.
Exit Quits the HotView or HotView Pro client application. It does NOT terminate the HotView Pro server
application.
Detailed Descriptions of how to use these commands can be found in the How-to section of this Refer-
ence Guide.
Icon Usage/Function
To zoom in on a selected region in the mesh diagram, click on this icon, click and
drag with the mouse across the mesh diagram to indicate the region of interest,
and then click the mouse button.
Scroll up
Scroll down
Certificate Menu You can configure your mesh such that nodes will only accept upgrades (firmware loads) from digital-
ly-signed sources. This provides a defense against hackers.
Configuration Tools Menu The Configuration Menu provides access to several multi-node mesh configuration commands.
Screen 4. Configuration Menu
Optimize Channel Assignment Series 6000 nodes have two radios. When configured in linear mode, the radio operate individually,
which increases overall throughput in most applications. HotView supports a mode wherein the nodes
will negotiate among themselves to determine channel assignments which give the best overall cov-
erage and throughput. You have control over the range of channels from which the nodes can select.
Multi-Node Radio Settings Tool Fixed frequencies can be applied to a subset of nodes if any node from this subset has an ethernet
direct connection to a non-subset node or if the second radio uses the default assignment. Use this
panel to assign channel settings to multiple nodes at one time. Use the node-specific Radio Set-
tings window to view existing settings
Multi-Node VLAN Settings This command can be used to assign certain VLAN properties to a group of nodes at one time. Refer to
the VLAN How-to section for details on setting up VLANs.
Mobile Node Scan List Scans and reports all mobile nodes currently visible on the mesh.
Graph Statistics Displays a graph of accumulated statistics. This will be greyed out, as shown, if no database has been
configured.
Set Statistics Refresh Interval Gathering statistics over a very large mesh increases the total traffic load. This command allows oyu
to specify how often statistics are collected from nodes and meshes. Its common practice to set a
fairly short interval when setting up a new mesh, so that problems can be identified, but then to
increase the interval once performance has been established.
View Faults Log Display the log of faults.
View AP Log Display the access point log.
View Rogue AP Lists Displays a list of any rogue APs that have been detected.
View HoSwitch Logs Displays the log of the HotSwitch, also known as the Controller. Refer to the section on Mobility for
details of Controller operation.
View Channel Assignment Results This displays the result of the auto-channel assignment command, and shows the radio channels as-
signed to each radio in each node.
Verify The Verify menu lets you perform a check on the consistency of settings across your mesh. While in an
ideal world, settings would never become non-consistent, it can happen. These commands allow you
to detect and correct the condition.
Screen 6. Verify Menu
Verify Mesh Configuration Verifies all settings across the selected mesh.
Verify VAP Group Configuration Verifies all settings across the selected virtual access point group. Note that Firetide HotPoint APs
support multiple virtual access points per physical unit. Since not all virtual APs need be imple-
mented on all physical access points, it makes more sense to conduct consistency checks at the virtual
level.
Show All Links Normally on, this can be turned off when view large meshes, where the number of link lines can ob-
scure other information.
Show Links only for Selected Usually used when Show Al Links is disabled, so that links of interest appear.
HotPort
Select HotPorts automatically on Normally off, thus an explicit click is required. Enabling this highlights thatnode, and more impor-
mouse-over tantly the links to that node, so that it stands out form the others.
Show Information Bar Shows the information panel on the right side of the screen. Normally off, but should be on when
setting up and troubleshooting a network.
Show Model Number Displays the model number (e.g. 6202) of the node, along with the name.
Show APs Shows access points connected to the mesh.
Hide Down APs Hides those access points which are down, but does NOT delete them. This will be greyed out, as
shown, if there are no downed nodes.
Show Standalone APs. Shows standalone access points - those which are connected directly to the wired backbone, rather
than connected via the mesh.
Jump to Mesh Tab This command switches the view to the (detailed) mesh view for that mesh. It is particularly useful
when you have a large number of meshes.
Release Write Access It is possible to configure a complex mesh with more than one HotView NMS. Normally, the first in-
stance of HotView to connect to the mesh owns the mesh and will block others form read (though
not write) access. This command can be used to release such a block.
Move Mesh This command allows you to physically shift the position of the mesh icon on the screen. It does not
in any way have anything to do with actually moving meshes or nodes.
Logout of Mesh Disconnects HotView Pro from that mesh.
HotPort Location Allows you to add a longer secondary identification string, typically a location. This string does not
appear in the main screen, but will appear in the tabular listing at the bottom of the string. Use this
option to enter any unique identifying information about the HotPort node, such as its location, a
contact persons phone number, and so on.
Screen 16. Adding Location Information
HotPort Type Allows you to specify whether the HotPort is a fixed or mobile HotPort. The Firetide Mesh network
auto-configures, and will automatically track nodes which move occasionally. However, by specify-
ing a node as mobile, the mesh will more quickly track rapid node movement, such as in a car or
airplane.
Port Configuration Allows you to set the wired-Ethernet port type for the physical ports on the node. You can set speed
and half vs full-duplex. Most importantly, you can disable ports, to help block unauthorized access.
Note: there are dozens of Ethernet chip-set vendors; as a result port auto-negotiation is not always a
perfectly reliable process. If you experience intermittant drop-outs, and you are sure of the speed of
the connected equipment, you may wish to disable auto-negotiation.
Screen 17. Port Configuration
Antenna Selection and Power HotPort nodes can be configured with various external antennas. High gain, sector, Yagi, and panel
Levels antennas are available. You must ensure that your choice of antenna and power level is legal for use
in your country. In some cases, it may be necessary to reduce transmit power. It is the installers/op-
erators responsibility to adjust the output power to the correct level for the chosen antenna. These
levels vary for different frequency bands and countries. The following formula should be used to
determine the effective isotropic radiated power (EIRP) for a HotPort node:
EIRP (dBm) = Antenna Gain (dBi) RF Cable Loss (dB) + MAX TX Power
Where:
MAX TX Power is in dBm
RF cable loss is the loss in dB on the coax cable connecting the 3203 to the antenna
The standard 1.5 meter LMR400 RF cable supplied with certain HotPort nodes has 0.55 dB of loss
in the 2.4 GHz band. At 5.2 GHz, loss is 0.6 dB, rising to 1.1 dB at 5.8 GHz. If the calculated EIRP is
greater than the regulatory limit, than the operator must reduce the TX power by an equal or greater
amount in dB. This is accomplished by using the Change Transmit Power command. The TX power can
be adjusted on a node by node basis using HotView Pro. The TX power control is displayed in %. Use
Table 10 to determine the % to dB attenuation conversion.
Antenna Diversity Some Firetide nodes offer antenna diversity; wherein each radio uses a single antenna for transmis-
sion, but two antennas for reception. Normally the choice of receiving antennas is automatic, but it
can be overridden. If you install a diversity-capable node with only one antenna, turn diversity off.
Note: your screen may vary depending on the HotPort model you are accessing.
Screen 19. Setting Antenna Diversity and TX Power
Two types of Node QoS are available. Standards-compliant 802.11p is supported. For attached equip-
ment which does not implement QoS (e.g. many cameras) QoS can be assigned per Ethernet port. In
this case all traffic arriving on that port has that QoS associated with it.
Setting QoS First, use the Mesh Configuration command to enable mesh-wide QoS. Then use the QoS command,
under Node Commands, to select the desired QoS configuration.
Screen 21. Basic QoS Settings
Its a good idea to click the Refresh Statistics button when opening this window; the act of collecting
the data creates traffic to and from all nodes, which insure accurate statistics.
Further infomration on interpreting and applying the results can be found in the Optimizing Perfor-
mance section.
Move HotPort Allows you to adjust the location of the icon on the screen.
Third Party Access Point Allows you to specify that a non-Firetide access point is connected to the node. Refer to the Access
Configuration Point section for details on how to configure a node for third-party access point support.
Configure this node as a Gateway Takes the node off the air and makes it a special management node for Gateways. Refer to the Hot-to
Server node section on Gateway Groups for details.
Refresh configuration for this Verfies that HotView and the node agree on the nodes configuration.
HotPort
Attempt to recover neighbor nodes As the name suggests, this command will cause the node to listen for, and attempt to contact, any
other Firetide node within radio range. When executed from a nearby node, this can often recover a
node which has fallen off the mesh due to interference or other transient problems.
Note: when a node is attempting to recover a neighbor node, it will stop other functioning; thus, you
should NOT run this command on a node which is carrying critical traffic.
Delete this HotPort Removes the (down) node from HotView.
Import Mesh Configuration Copies the complete mesh configuration database to a file, which you can store on the server or any
from this HotPort other PC.
Apply saved Mesh Applies a file produced by the above command to a node. Together, these tow commands are the
Configuration to this backup-and-restore procedure for the mesh. You can use them to configure a node to join a mesh
HotPort before that node is physically deployed to its location.
Screen 23. Node Right-Click Summary Data - Series 3000 and Series 6000
Before the algorithm begins execution, you will see the following warning message:
Screen 28. Advisory on Auto-Channel Assignment
Overriding Automatic Channel If necessary, you can override the automatic channel assignment for Series 6000 nodes. Right-click
Assignment on an individual node, and change the channel as required. Use caution when doing this; if you pick a
channel that has external interference, you may cause the node to go off the mesh.
Screen 29. Overriding Automatic Channel Assignments
Locking Channel Assignments After initial setup, if an individual Series 6000 node is lost to the mesh due to RF problems, the other
nodes will attempt to recover and and re-allocate channel assignments. In some cases this may not be
desirable. To prevent it, set the Channel Lock tick-box.
HotView Pro Definition In HotView Pro, this screen does NOT define human users. Rather, it defines the user ID that HotView
Pro uses to log into the mesh. If you want to change these settings, you must also change the mesh
settings under the Server Configuration command.
The initial setup allows only one user to log in at a time. After initial setup, you should define and
create the user accounts you need, assign privileges, and determine multiple login possibilities.
Each mesh requires a read-write user ID, which HotView Pro uses to change the mesh configuration,
and a read-only user ID, which HotView Pro uses to monitor the network. Remember, these are not in-
tended to be human users, rather, they represent the identity that HotView Pro must assume in order
to connect. Thus, if you change them, you must also use the Server Confuguration tool of HotView Pro
to tell HotView Pro what the correct users IDs are.
HotView Definition In ordinary HotView, this screen defines the user login. The default values are admin and firetide, but
you should change these.
Screen 34. User Account Definitions in Mesh Configuration
Multi-Hop Optimization The multi-hop optimization option increases the overall throughput of the mesh by reducing the
amount of contention between nodes that are separated by multiple hops. Normally this option
should be enabled since most mesh networks will have multiple hops between nodes.
You can disable this mode if you have a 100% fully-meshed network, where all modes connect directly
to every node with a single hop, but Firetide recommends against it in most cases. If it should happen
that an individual link went down and made the mesh not fully-meshed, this parameter would then be
mis-set.
RSSI Threshold The RSSI Threshold allows you to set the quality threshold for wireless links. Any links that drop below
the threshold will not be used for routing traffic. For the routing ability of the link to be restored, the
RSSI must achieve the Threshold setting PLUS the Hysteresis Window setting. For example if the RSSI
Threshold is -67 dBm and the Hysteresis Window is 3 dBm, routing over the link will not be restored
until its RSSI is -64 dBm (-67 dBm plus 3 dBm).
In general, you should set this to a threshold weaker than your weakest link, by several dB. Firetide
recommends that you not try to run leaks weaker than -72 dBm; thus the threshold should be at least
-75 dBm and 3 dB. However, in most cases your mesh should have normal RSSI values substantially
stronger that -72 dBm, thus you will likely have an RSSI threshold in the sixties or better.
Mesh Identity Configuration This screen is used to define basic Mesh identifiers.
The IP address is used for management purposes only, but must be a routable address.
Each mesh has a Mesh ID. Mesh IDs must be from 1 to 254; 0 is reserved as a wild card value. If a mesh
ID of 0 is specified, HotView Pro will log into any mesh it discovers.
The mesh login information is the info used by HotView Pro to log into the nodes. The read-write
username MUST be admin; the read-only username MUST be guest. The default password is firetide;
this should be changed. (Human user accounts are configured via the User Configuration tab.)
The Pre-Load Mesh option tells HotView Pro to expect to find the mesh. If set, HotView Pro loads the
expected mesh configuration when starting, and looks for the nodes. It will flag missing nodes. If it is
not set, HotView Pro will find a mesh if it is at the default IP address of 192.168.224.150; otherwise it
will not find any meshes. In general, the Pre-Load Mesh option should be left on. You may wish to turn
it off only if you know a particular mesh is not available, i.e. it exists in a completely different part of
the enterprise.
Note: HotView Pro automatically remembers every mesh it discovers. If you are using HotView Pro to
test different mesh configurations or other experimental work, you should delete any such meshes
from HotView Pro after you are done, using this screen.
Enter the users ID and password. (If the Username field is not clear, click the Clear button.) Select
ALLOW_ACCESS or DENY_ACCESS for Server Configuration. Note: The following special characters are
not allowed in passwords: & % , $ * @
The Default Access is the value that will be assigned to that user for any NEW meshes, that is, meshes
not already listed in the Mesh ID table. Select ALLOW_ACCESS or DENY_ACCESS; at least one user
should be set to ALLOW_ACCESS so that new meshes can be administered.
Next, select each individual Mesh ID from the table, and set the ALLOW_ACCESS or DENY_ACCESS val-
ue. Then click Save.
If you wish to edit a users settings, click on the users name, change the settings, and click Apply.
Click Save when you are done.
IP Addresses
Firetide HotPort nodes default to 192.168.224.150 when new or factory-reset. This address can be
changed. You will need a computer with an Ethernet interface on the 192.168.224.X/24 subnet. If this
is not convenient or possible with the HotView Pro Server platform, you may wish to install HotView
on another machine and use it to modify the IP address of new nodes.
Installation of HotView Pro for initial staging work consists of 6 steps.
1. Install the software from the CD-ROM included in the package, onto the computer you will use
for initial mesh configuration.
2. Enter the temporary license key (typically from the installation CD).
3. Set the computers IP address to the Firetide default subnet, 192.168.224.X/24. The HotPort
node defaults to 192.168.224.150.
4. Connect the workstation to the Firetide mesh.
5. Configure the mesh.
6. Change the mesh IP address to one that it reachable from the machine that will be the produc-
tion server.
Installation of HotView Pro for production consists of steps.
1. Install the software onto the computer which will be the production server.
2. Enter the temporary license key and submit the permanent licence request.
3. Configure the server for production.
4. Install the client on all computers which will need access to the server, or use the HTTP
browser option.
If the splash screen does not appear, navigate to the CD and execute the AutorunPro file, as shown in
Screen 46.
Screen 46. Installation CD Contents
Click on the Start Installer for Windows button (or other OS, as appropriate for your server. The in-
staller will lead you through a number of screens, shown on the next several pages.
Screen 51 is where you choose what you want to install. To install just HotView, select the top icon;
it will turn blue. To install HotView Pro Client and Server, select the middle icon; it will tunr blue as
shown in the example. To install HotView Pro Client and Server with web (HTTP) access support, select
the bottom icon. This is the default.
Note that there is no option to install just the HotView client; if you wish to install the client on mul-
tiple machines to give them access to the server, select the middle icon.
Screen 51. Installation Choice
Installation proceeds. When it is complete, you will see Screen 54. The installer will also place short-
cuts on your desktip which point to HotView and HotView Pro.
Screen 54. Installation Complete
When Server Configuration starts, you may see a warning message about the database, as shown in
Screen 56. Ignore this; you have not configured the database. Click Yes.
Screen 56. Warning Regarding Database
You may see a warning message (Screen 58) that the Server cannot be reached; this is because the
Server is not yet running. Ignore the warning; click Yes.
Screen 58. Server Cannot Be Found Warning
You will see the Server Configuration window; select the Licensing tab, as shown in Screen 59.
Screen 59. Licensing Tab in Server Configuration
Enter the activation key you were given. Note that this is case-sensitive. When you have finished, click
on the Firetide EULA button and read the license agreement. If you agree, click the Accept box. Then
click on the Activate License button.
Permanent License Activation To permanently register your copy of HotView Pro, enter the requested information in the Licensing
screen, as shown in Screen 60.
The permanent registration process is done by email. Be sure you entered a valid email address in the
Licensing screen; this is the address to which the permanent license will be sent.
Make sure your system is connected to the Internet (i.e., that you have NOT temporarily cabled it to
your collection of HotPort nodes), then click on the Request Permanent License button.
HotView Pro will automatically create a small text file which will be emailed to Firetide. Keep this file
in the directory where HotView Pro placed it; this is the .firetide directory; it is part of a two-part
license key. You should make a backup copy of it.
The Firetide licensing system collects certain machine and network-specific data from the mesh, but
does not collect any other personal data. The HotView Pro license process writes a small data record to
each node in the mesh; thus each node knows who its management system is, and will refuse to run
with another management system. A node can be moved from one management system to another by
performing a factory reset on the node.
After Firetide receives your license request, we will generate a permanent license and send it back to
you as an email attachment.
Use the server configuration application again to load this permanent license. Do this by clicking on
the Import Permanent License button; then navigate to where the file is. The file will automatically be
copied to your .firetide directory.
If your management system is not able to send and receive email, transfer the request file (from the
.firetide directory) via a USB drive or other removable media to an email-capable system and send it
to licensing@firetide.com.
You should make a backup copy of your license request file and license file. You may need it to verify
that you are a licensed owner of the software.
You cannot un-install and re-install HotView Pro without re-licensing it, even on the same machine.
Should you need to re-install HotView Pro, contact licensing@firetide.com to obtain an updated
license.
wireless mesh
wired cloud
network
HotView
HotPort
indoor
node
HotPort
indoor HotPort
node outdoor
node
Before attempting to launch HotView or HotView Pro, confirm that your computer is configured with
an IP address on the 192.168.224.X/24 subnet.
Verify that you can reach the mesh by opening the Windows XP command prompt and pinging IP ad-
dress 192.168.224.150. If you do not get a response, fix this problem before proceeding.
If ping is successful, you can launch either HotView (shown below) or HotView Pro (shown on the next
page).
HotView Launch HotView, then do the following:
1. Enter the IP address of the mesh. The default is 192.168.224.150.
2. Log in. The initial user account is hv_admin, the initial password is firetide. (If you are upgrad-
ing from an earlier HotView release, the user account and password will be whatever you set
them to be in that release.)
3. Click on the Login button and wait for your system to connect to the mesh. This may take a few
seconds to several minutes.
4. Once connected, the workstation will display the mesh. If the nodes are new or have been re-
set to factory defaults, you will be prompted to set the country code. DO NOT do this yet; first
confirm that all nodes are visible.
Note: If you receive the message Login failed, read the next section for possible causes and sug-
gested remedies.
1. Enter the IP address of the computer you installed the server on. If it is on the local machine,
enter 127.0.0.1.
2. Log in. The initial user account is hv_admin, the initial password is firetide. (If you are upgrad-
ing from an earlier HotView release, the user account and password will be whatever you set
them to be in that release.)
3. Click on the Login button and wait for your system to connect to the mesh. This may take a few
seconds to several minutes.
4. Once connected, the workstation will display the mesh. If the nodes are new or have been re-
set to factory defaults, you will be prompted to set the country code. DO NOT do this yet; first
confirm that all nodes are visible.
Note: If you receive the message Login failed, read the next section for possible causes and sug-
gested remedies.
oaj]d]kke]k`
oaj]\ [dgm\
f]logjc
?glMa]oGjg
[da]fl
?glGgjl
af\ggj
fg\]
?glGgjl
?glMa]oGjg af\ggj ?glGgjl
k]jn]j fg\] gml\ggj
fg\]
The node has not properly reset. If at all possible, include at least one indoor node in your mesh, and use it as the head node
initially. Make sure its status LED is green. Then, reset the node (see Chapter 14 for details) and
after the status LED has come on again, ping the node. If that works, try logging in.
Only one HotView Pro user at a Another user may be logged in. A new or factory-reset node will automatically join an existing mesh if
time can log in to the mesh. one is in range. This is a good reason to NOT run your production mesh at the factory defualt settings.
New nodes will join it and you will be unable to log in.
The login information you entered Re-enter the login information and log in. Ensure that you are using lowercase characters. Hot-
is incorrect. View remembers user logins and mesh logins (see next item) in the .firetide directory of the
users file area. Thus, it will still expect the old user logins and passwords. If this information
has been lost, the .firetide directory should be deleted and the software should be re-installed.
The mesh network login information may have changed. As noted above, HotView will remember and
re-use login information from a previous installation. If you no longer have this information, you can
reset all of the HotPort nodes to their default factory settings and start again. Instructions for restor-
ing the default factory settings appear in the users guide supplied with your HotPort node, and in an
appendix to this manual.
Web Access isnt working. JBoss wasnt correctly installed, or has not been started on the server. Try connecting using the
HotView Pro client.
Note that the head node is marked by a small H between the antennas; the node icon in the top
right corner will also show this H when the node is selected. In a simple, single-mesh network, the
head node is the one connected to the HotView Pro server. In a multiple mesh network, the H mark
will be on the node that connects upstream to the HotView Pro Server.
Adding New Nodes to an Existing If you have an existing mesh and wish to add nodes to it, follow these steps:
Mesh 1. With your old version of HotView or HotView Pro, use the Import Mesh Configuration from this
Node command to make a backup copy of your mesh configuration. Do this for each mesh.
2. Upgrade the firmware on all existing nodes, using the new firmware that came with your
Firetide software package. Use the OLD version of HotView or HotView Pro to do this.
3. Set up your new nodes as a small mesh. Configure a PC to talk to 192.1768.224.150, and use
HotView to apply the saved mesh configuration to the new nodes.
4. You can now use your new version of HotView Pro to connect to your existing mesh. The new
nodes should then appear on that existing mesh.
August 2007 Firetide Instant Mesh Networks 79
Mixed-Node Network Warning If the mesh contains a mix of nodes with different radio types, you will see a warning message. High-
power nodes (e.g. 3500 Series and 3600 Series) are single-band, and the mesh will restrict itself to
frequencies in that band. In most cases you can ignore this message; as it is perfectly fine to operate
nodes with different radios on the same mesh.
Screen 64. Mixed-node Warning Message
HotPort nodes equipped with high-power radios (3500 Series and 3600 Series) are for use in the US only,
and are generally illegal for use elsewhere. These units will NOT show a country code screen.
Your HotPort mesh nodes must comply with the specific channel limitations, indoor/outdoor restric-
tions, and license requirements for your country or region. Operating with the wrong settings may
result in illegal operation and may cause harmful interference to other systems. To ensure compli-
ance, your mesh nodes must be set with the proper Country Code for your country of operation. You
are responsible for setting the correct country code.
By default, HotPort units are shipped from the factory with no Country Code selected. Until the Coun-
try Code is set, radio settings will be severely restricted.
It is illegal to set a country code other than the correct one for the location of that node. Firetide
HotPorts are capable of operation on frequencies which are restricted and/or licensed in the US and
elsewhere. Setting an improper country code to bypass this can interfere with public safety radio, and
result in criminal prosecution.
The Country Code settings allow operation at the maximum legal limit for that country; if it is not set,
the transmitters operate at very low power defauly settings, and range is limited. . As soon as you set
the Country Code, the radios switch to the default radio settings for that country. See Appendix A for
specific default settings for each model and country.
Setting the Country Code should be the second thing you do when setting up a new HotPort mesh.
(The first thing you should do is make sure that all nodes are visible.)
Setting the Country Code overwrites all other settings, such as node names, etc., therefore it should
be done first. However, because setting the Country Code changes the radio settings, its important
to make sure all nodes are visible before setting the Country Code.
1. Click Compare All to determine which nodes have the correct Country Codes and which ones do
not.
2. Click OK to close the screen.
3. Save the configuration of a node that has the proper Country Code to a file and then apply
this configuration to the other nodes that do not have this configuration. This procedure is
described later in this manual under the heading Updating Node Configurations.
Note: If you attempt to make a meshwide configuration change when only some of the mesh nodes
have their Country Code set or if the mesh detects multiple Country Codes, the following screen will
appear. Click OK to close the screen and follow Step 3 above.
Screen 67. Resolving Conflicting Country Codes
Changing Country Codes Begin by resetting the node to the factory default settings. This will clear its Country Code setting.
1. Connect the node to a workstation running HotView or HotView Pro. (You will need to set the
workstations IP address.) When the Set Country Code screen appears, select the proper
code and click Set Country Code Now.
2. Set all of the other parameters for this node to the proper configuration.
3. Save the configuration of this node to a file and then apply this configuration to the other
nodes. This procedure is described later in this manual under the heading Updating Node
Configurations.
Before the algorithm begins execution, you will see the following warning message:
Screen 72. Advisory on Auto-Channel Assignment
Overriding Automatic Channel If necessary, you can override the automatic channel assignment for Series 6000 nodes. Right-click
Assignment on an individual node, and change the channel as required. Use caution when doing this; if you pick a
channel that has external interference, you may cause the node to go off the mesh.
Screen 73. Overriding Automatic Channel Assignments
Locking Channel Assignments After initial setup, if an individual Series 6000 node is lost to the mesh due to RF problems, the other
nodes will attempt to recover and and re-allocate channel assignments. In some cases this may not be
desirable. To prevent it, set the Channel Lock tick-box.
Select the node or nodes you want to upgrade; you can upgrade as many as ten at one time. The
upload process will begin. Each node will show a progress bar. When all the uploads are complete,
HotView Pro will ask you if you want to perform the actual upgrade. Click yes. The nodes will upgrade
and reboot themselves.
Note: If you are upgrading a mesh with more than ten nodes, the upgrade command will upgrade
them in batches of ten, until all nodes are upgraded.
Screen 79. Uploading the Image
Note that an upgrade causes the node to reboot; while rebooting, nodes are not visible to HotView. As
a result, you will see a warning message that connectivity to the mesh (or node) has been lost. Ignore
the message; the nodes will return to the mesh in three to four minutes.
If you are upgrading a complex, multi-mesh network, start with the mesh furthest away from HotView
Pro and work inward.
Enterprise LAN
or Internet
ethernet
switch wireless mesh
cloud
HotPort
Node
HotPort Node
However, larger networks may want more than one connection, both for performance and redun-
dancy. Such connections are called Network Gateway Interconnects, and they are managed as a group
under the control of a Gateway Server. A Gateway Server (GWS) and its associated NGIs are collectively
called a Gateway Group (GWG).
Performance is increased because there are two (or more) nodes carrying traffic between the wireless
mesh and the wired backbone. Reliability is enhanced because the loss of a single node cannot isolate
the mesh from the wired backbone.
Typically at least two HotPort nodes are chosen to be NGIs, but you can have up to eight NGI nodes in
each Gateway Group. (HotView will permit you to create a GWG with have one NGI, but this offers no
advantage over a straight connection.)
Meshes may have multiple Gateway Groups, up to sixteen per mesh.
A basic Gateway Group is shown in Figure 9. Note that the Gateway Server does NOT have antennas.
The Gateway Servers radios are off. In a Gateway Group, the GWS CPU manages broadcast and multi-
cast packets to avoid loops. Typically, the GWS is located in the computer room, not near the mesh.
Figure 9. Network Gateway Interconnects - Final
NGI
ethernet
switch wireless mesh
Gateway cloud
Server
Enterprise LAN
or Internet
HotPort
Redundant Node
Gateway Server
NGI HotPort Node
wireless mesh
cloud
Temporary Head
Future NGI Future NGI Node
Future
Gateway Server
HotView Pro
X X Workstation
X
Enterprise LAN
Decide which nodes you want to make into NGI nodes. Ideally, they should chosen such that all other
nodes are one or at most two hops away. Bear in mind you will need to run wired Ethernet connections
to these nodes.
You can convert an existing node to be the Gateway Server node, but note that the Gateway Server is
NOT a wireless node on the mesh; its radio is switched off when it is set to Gateway mode. (You may
wish to remove the antennas as a reminder that the Gateway node is not using its radio.)
In most cases, the Gateway Server node should be located in the computer or networking equipment
room. In most cases, you will want to deploy a new node to act as the Gateway Server node. You can
also use the Firetide Controller platform as a Gateway Server. The Gateway Server cannot be a HotPort
Model 3101.
The Gateway Server and the units chosen to be NGIs must be reachable via a wired connection. These
wired connections will carry the external network-bound traffic once the Gateway is configured. Its
best to pick NGI nodes that are not near each other (that is, with multiple hops between them), to
maximize throughput.
When planning your Gateways, consider the following:
Each node in the mesh can have only one Gateway Group port (interface). That is, you can only as-
sign one of each nodes Ethernet ports to a Gateway Group.
Nodes selected as NGI nodes cannot be Mesh Bridge nodes or Ethernet Direct nodes.
All Gateway Group ports in a Gateway Group must belong to the same VLAN (see the section on
VLANs for more information).
When a trunk is enabled on the gateway server you need to configure a Tagged VLAN on the gateway
interface ports. Additionally all non-gateway interface ports must be disabled.
No other ports in the gateway interface node should have the same VLAN as the gateway interface
port.
No VLAN trunk interface can be configured on a gateway interface node.
You can add and remove Gateway Group ports from Gateway Groups dynamically, without rebooting
the node or mesh.
Item Value
Mesh Name
Mesh ID
Mesh ESSID
Gateway Group name
Gateway Group encryption (256/128/none)
Gateway Group encryption key (hex)
Gateway Server node name
Gateway Server IP address
Gateway Server subnet mask
Gateway Server Ethernet port (1-4)
Default Gateway to leave mesh
Secondary GWS IP address
Secondary GWS Ethernet port (1-4)
Network Gateway Interface #1 node name
NGI #1 IP address
NGI #1 subnet mask
NGI #1 Ethernet port (1-4)
Network Gateway Interface #2 node name
NGI #2 IP address
NGI #2 subnet mask
NGI #2 Ethernet port (1-4)
(Extend this table for as many NGIs as you will have in the GWG, up to eight.)
The basic setup sequence is as follows:
1. Configure the first NGI node-to-be with its parameters; using the values from Table 12.
2. Configure the second NGI node-to-be; again using the values from Table 12.
3. Repeat for additional NGIs, if desired.
4. Save the mesh configuration, using the Import Mesh Configuration command.
5. Convert your chosen node to be the Gateway Server node. If you are implementing a secondary
GWS node, convert it now.
6. Connect directly to each GWS node and apply the mesh configuration to it.
7. Connect the wired connections from all NGIs and the GWS to the enterprise Ethernet back-
bone.
These steps are shown in more detail on the following pages.
4. Enter the Group Name, then add the first NGI in the Add New Interface section.
5. Enter all of the NGI IP address information.
6. For this first interface, you will enter the GWS IP information for the primary GWS. You can also
define a secondary (backup) GWS. You will not need to re-enter this information as you add
more NGI interfaces.
7. Enable encryption, if desired, and enter the key. (Encryption can be added later if desired.)
Your screen should look something like Screen 83.
8. Be sure to click Add when you have entered all of the information.
Screen 83. Adding the First NGI and the GWS
10. When you are finished adding NGIs, close the dialog window.
11. Select a node in the mesh, and use the Import Mesh Configuration command to import the
mesh configuration file. Save this file.
12. Select the node youve picked to be the Gateway Server node. Right-click it, and select the
Configure this node to a Gateway Server node command. This is shown in Screen 85. The nodes
radios will be turned off; you may wish to remove its antennas as a reminder.
13. The node will reboot. Use the Delete Down Nodes command (File menu) to remove the node
from the screen view.
14. While the GWS node is booting, re-configure the IP address settings on your computer to let
you talk to the GWS. Its IP address will be 192.168.224.150.
Screen 85. Converting a Node to Gateway Server Operation
Mesh Bridge
Connection
The following pages show how to set up a Mesh Bridge connection between two existing meshes.
Definition of Terms Each Mesh Bridge connection should be named. Pick a name that will assist you in remembering its
location.
Each Mesh has a Mesh ID, Name, IP Address, and ESSID. These must all be unique.
Record the specific node name and Ethernet port that you will use for the Mesh Bridge connection.
The node will look for the connection on the specified port only, you must use the defined port.
The Mesh Bridge connection is an tunnel, and needs an IP address for each endpoint. These must be
unique and on the same subnet.
You can enable encryption if desired. Choose either 128 or 256-bit encryption; enter the key in hex.
An example is shown in Table 14. We will use these values in the following example.
Table 14. Example Mesh Bridge Planning Table
When youve entered all of the required parameters, click on the Add button. Your screen should look
like Screen 87.
Screen 87. Creating a New Mesh Bridge Connection - Step 2
oaj]d]kke]k`
[dgm\
8 9
A single Firetide mesh is analogous to a regular wired Ethernet switch; it operates below the IP layer.
By definition, Ethernet Direct connections operate between nodes on the same mesh. (A wired con-
nection between nodes on different meshes is called a Mesh Bridge. They are covered in the next
section.) A mesh is defined as a collection of nodes which have the following characteristics in com-
mon:
Same radio frequency and channel.
Same IP address.
Same Mesh ID and Mesh Name.
Same encryption settings.
Meshed via radio connections.
A key characteristic of Ethernet Direct connections is that they are part of the routing algorithm, that
it, the algorithm takes it into account when moving packets, and is aware of the fact that an Ethernet
Direct connection is full-duplex, and is generally faster than a radio connection.
An Ethernet Direct connection is a type of tunnel. It operates below the IP layer, so it does not affect
any other tunnels you may have running across your network. An Ethernet Direct connection can be
encrypted. Because it is a tunnel, it can operate over any medium that can carry Ethernet packets.
To create a new connection:
1. Enter a descriptive tunnel name.
2. Select one of the two HotPort nodes that you will use for the connection. It doesnt matter
which end you start with.
Select a specific wired Ethernet port on the chosen node. The tunnel will be known by the pair of IP
addresses which define its endpoints. You may wish to define a subnet within your addressing scheme
(e.g. 10.0.3.x) to use for endpoint identifiers.
3. Enter one of the pair of addresses, the mask (typically 255.255.255.0), gateway, and the
remote IP address.
4. Set the desired encryption. It does not need to match the encryption used on the radio side.
5. Click Add.
The First End Node will now fill in with your data.
1. Click on the File menu and select VLANs. A dialog box appears. Click on the New VLAN button.
Another dialog box appears.
2. Type a new, unique VLAN ID (from 2 to 4095) into the VLAN Number (ID) field. VLAN ID 1 is
reserved for the management VLAN. The software checks for VLAN IDs greater than 4095 and
IDs that are already in use.
3. Select the node whose ports you want to assign to a VLAN from the list on the left, then select
the port(s) you want to assign to this new VLAN.
4. Click on the Add with tagging button to add the port(s) to the new VLAN and classify the
port(s) as a tagged port. The selected node and port(s) appear in the list on the right. [TAG-Y]
identifies a port as tagged. Click on Add without tagging to add a port to the new VLAN and
classify it as an untagged port. The selected node and port(s) appear in the list on the right.
[TAG-N] identifies a port as untagged.
5. Repeat the above step to add more ports to the new VLAN. If you make a mistake, select the
port(s) you want to change from the list on the right and click on the Remove button; to
change all the ports, click on the Remove All button to remove all the ports assigned to the
new VLAN.
6. Click on the Save button. You return to the previous dialog box. The new VLAN is selected in
the list on the left and the ports assigned to it are listed on the right.
1. Disable the ports on the node(s) you do not want to use as VLAN trunk interfaces.
2. Click on the File menu and select VLANs. A dialog box appears.
3. Click on the Edit VLAN Trunks button. Another dialog box appears.
4. Select the node you want to use as a VLAN trunk port or ports from the list on the left.
5. Select the port(s) you want to use as a VLAN trunk port or ports.
6. Click on the Add button. The selected node and port appear in the list on the right.
7. Repeat the above three steps to configure other ports as trunk ports.
8. To remove ports configured as trunk ports, select the port(s) you want to change from the list
on the right and click on the Remove button; to remove all the ports configured as trunk ports,
click on the Remove All button.
9. Click on the Save button. You return to the previous dialog box.
10. Click on OK.
The Management VLAN option is for management of the HotPort nodes only. The Firetide Manage-
ment VLAN can only be configured on a trunk interface which supports multiple VLANs. This is used
to identify which VLAN the Firetide Management traffic belongs to. A regular VLAN can be configured
on any of the ports and is used for classifying the client traffic. Because each port on a HotPort node
can only be associated with a single VLAN, you cannot, for example, have a separate traffic VLAN and
management VLAN for an external Ethernet device, such as an access point. If a management VLAN
is configured on a trunk port then all the firetide management traffic would use that VLAN. If no
management VLAN is configured on the trunk interface then the default VLAN 1 is used to transmit /
receive Firetide Management traffic.
Checking RSSI Under the heading Neighbor Statistics, the display shows the strength of each neighbor-node signal
received by each radio. In the example mesh, there are four nodes, hence three neighbor nodes.
Look for links with RSSI levels weaker than -72 dBm (i.e. numbers more negative than -72). In this
example, we see that Radio 2s link to Neighbor Node CS6202-219 is -77 dBm.
If the node has more than two links to it, use the Link Elimination command in HotView Pro to elimi-
nate the weak link. If the node only has two links, you should find a way to improve the RSSI value.
This might involve repositioning the node or its antenna, using a higher-gain antenna, or adding an
additional node at a half-way point between the low-RSSI node and the rest of the mesh.
Be sure to check the RSSI in both directions; i.e., check it on each and every node. Its possible for
the RSSI to be strong in one direction but weak in the other. For example, Node CS6202-219 shows an
RSSI of only -70 dBm, as shown in Screen 96. Eliminate the node be if it is weak at either end.
Checking Link Quality Once you have resolved any RSSI issues, you should check the link quality, shown under Radio Statis-
tics (the second panel in the window). This is shown as a percentage. Interference, multi-path reflec-
tions, and Fresnel zone obstructions are among the factors which can degrade link quality. Check link
quality in both directions, as well.
If the link quality on any link is below 60%, either eliminate the link (if its not needed) or try to iden-
tify the source of the interference and correct it.
Setting Link Speed After youve verified RSSI and link quality in both directions on every link, you should set the link
speed for each link in the mesh. Manually setting the link speed improves overall performance be-
cause the mesh does not attempt to negotiate higher link speeds. Right-click on each node and select
Radio Settings. Link speed is set as shown in Screen 97.
Screen 97. Setting the Link Speed
In most cases the link speed should be set to 36 Mbps (shown as 36000 in HotView). Actual link speed
can be viewed and monitored in the statistics tab, as shown in the first panel in Screen 95.
If the link speed drops below 36000, you should manually set it to the next speed lower than the low-
est observed value. For example, if the link drops to 24000, manually set it to 18000.
Firetide mesh technology offers two additional features which you may want to use in conjunction
with a video surveillance system. Video traffic can be segregated onto its own virtual LAN (VLAN),
and it can be assigned a higher Quality of Service (QoS). A separate VLAN increases security by mak-
ing it more difficult for other devices on the mesh to see packets from the camera nodes. Assigning
a higher QoS to video insures that video images will not be interrupted even during periods of peak
data transfer. These features are not required, and may not be needed in a network used primarily for
video. However, if you plan to use the network for voice and data traffic as well, you should implement
both features. Refer to the HotView Pro manual for details.
Select one end of the as the Reference Node, and select the radio number. You can then select the
second node either by the user-assigned name or the unit serial number. Select the radio number for
the second node, then click on Eliminate Link.
You should repeat this process for each link to be eliminated. The eliminated links will be shown in the
window as you proceed, as shown in Screen 99. Eliminated links can be un-eliminated by selecting the
link in the window and clicking on Remove.
Screen 99. Link Elimination - Complete
In the example mesh, there are four nodes, hence three neighbor nodes. In this example, we see
that Radio 2s link to Neighbor Node CS6202-219 is -77 dBm.
Be sure to check the RSSI in both directions; i.e., check it on each and every node. Its possible
for the RSSI to be strong in one direction but weak in the other. For example, Node CS6202-219
shows an RSSI of only -70 dBm
Link Quality - a computed number which combines signal strength, interference, collisions, and
other factors to develop a quality metric for the link. Link quality should be a least 60%. Because a
certain amount of interference and collisions are normal, it is unusual to see this number as high
as 100%, but values below 60% should be investigated further.
Data Rate - a link which is experiencing interference will auto-negotiate to a lower speed. If you
see links running a slower speeds than expected, investigate further. There may be occasional or
intermittent interference which is causing the slowdown.
Screen 100. Viewing Statistics
You should click the Refresh button after you open the statistics window. This causes fresh data to be
collected form all nodes, thus insuring data is up to date. You can resize the columns by clicking on a
dividing line in the column heading and dragging.
A check mark in the field indicates the occurrence of an error condition affecting the node. The col-
umns in the Current Faults View include the following information:
Severity Displays an icon representing the severity of the fault, as described below.
Table 16. Key to Color Codes for Fault Severity
All nodes must have identical radio settings in order to mesh together. Note that high-power nodes
(3500 Series and 3600 Series) are single band; if you have a mix of 2.4 GHz and 5 GHz nodes, you
cannot place them all on the same mesh. The easiest way to fix this is to factory-reset the node,
then use the Apply Mesh Configuration command to copy the correct configurations to each node
in turn. (You obtain the configuration file by using the Import Mesh Configuration command from
a good node.)
The HotPort node has been factory-reset. If the node has been reset, it will not join an existing
configured mesh. Fix as described above.
If you are bringing up nodes which have already been installed in field locations (this is not recom-
mended), temporarily move the missing HotPort node closer to one of the HotPort nodes that ap-
pears on the HotView Pro screen. If the node appears on the screen after doing this (usually within 60
seconds), it was probably located too far from the rest of the mesh. You can either relocate it closer to
the rest of the mesh or add one or more additional HotPort nodes between the mesh and the desired
location. You can use a third-party software tool to help troubleshoot node-connection problems.
Poor Performance Check the RSSI values and the link quality, as discussed in Chapter 22. Also check the actual radio data
speeds. If any of these are poor, a possible reason is interference.
Is there periodic use of equipment which might cause interference? (e.g. microwave ovens.)
Does the number of people in the building vary dramatically? People are good absorbers of RF
energy. Check RSSI with the building full.
Warning: Moving Wired Normally your HotView Prom NMS is connected to a HotPort node and left connected. However, during
Connections from Node to Node service work you may find that ARP tables are used by Windows, Linux, and most other operating sys-
tems to track the MAC (Ethernet) address associated with each IP address. If you are using a worksta-
tion to configure multiple HotPort nodes individually, the workstation may lose connection to a node
due to a stale ARP entry. To avoid this, whenever you physically connect to a different node, flush the
ARP cache with the following command:
> arp -d *
Refer to the ARP information in the Appendices for more information.
When an access point has been configured, it is shown in the HotView mesh diagram:
Screen 107. HotView Pro Mesh Screen with Third-Party Access Point
The Auto Discover command can then be used to identify all of the access points once theyre in-
stalled. A summary list is available:
Screen 109. Third-Party Auto-Discover Results
1. Create one or more VAP Groups, using the VAP Group Configuration command. You must have at
least one group, even if you only have one AP.
2. Use the VAP Configuration command to configure those VAP features which are controlled per
physical AP. (DHCP, DNS, NAT)
3. Use the VAP Group configuration command to assign the SSID, security, and other features for
the entire VAP group.
4. Use the AP Group command to group all of APs into a management group. (This is not neces-
sary if you only have one AP. Also, you can create more than one group if you require multiple
management domains, but in most cases this is not required.)
Table 17. Default IP Addresses
HotPoint Connection Method DHCP Server Default IP Address
via HotPort node dont-care none
DHCP available as assigned by DHCP
Standalone
no DHCP available 192.168.224.160
Name
IP Address
Firewall
VAP Groups VPN
If youre operating your access points as Standalone units and you are using HotView, launch it and
check the Manage Standalone APs box in the login screen. If youre using HotView Pro, just launch it
and log in. In either case, your screen will look like Screen 111 - that is, blank. You will add the APs
next.
Screen 111. HotView / HotView Pro - Standalone APs
Enter the IP addresses of each node, and click the Add button, as shown in Figure 113. Then click
Save.
Screen 113. Adding HotPoint IP Address to HotView
When youve finished adding the IP addresses, HotView will automatically discover the APs. Your
screen should look like Figure 114.
Regardless of whether your nodes are Associated or Standalone, you can now proceed with configura-
tion.
Screen 114. Access Point Display - Standalone Mode
Click on the New VAP Group button. The New VAP Group screen appears, as shown in Figure 18.
Enter a VAP Group Name. This is NOT the same as the SSID. Select one (or more) APs which will sup-
port this VAP group. Note that APs can be members of more than one VAP group. Typically, all APs are
members of all VAP Groups.
You can also create Wireless Distribution Service (WDS) networks. However, there are two limitations.
First, APs which are members of a WDS-enabled VAP Group cannot be members of any other VAP Group.
Second, and more critically, do not use WDS to bridge two APs which are connected to the same Firetide
mesh. This creates a routing loop.
Next, set the SSID and radio data rates.
There are two remaining basic setup steps: VAP Configuration and VAP Group Configuration. The order
in which you do these is not critical; this manual will configure each VAP next.
Figure 18. Creating a New VAP Group
Intracell Blocking Intracell blocking allows you to prevent users of a given VAP from seeing each other. When enabled,
all users can use the VAP to reach the network, but no user can see or access other computers on that
VAP.
Note: Intercell blocking is accomplished with VLANs. To implement it, configure a VLAN for each VAP.
Refer to the HotView Pro User Guide for details on VLAN configuration.
User Data Rate In order to prevent one user from consuming excess bandwidth on the backbone, you can limit the
data rate for each user. You can also limit the aggregate rate for each VAP Group.
IAPP and Roaming The Inter-Access Point Protocol describes an optional extension to IEEE 802.11 that provides wireless
access-point communications among multivendor systems. If you have other APs which support it,
you can enable its operation and set the port used for control.
Fast roaming is also supported for clients which support PMKID.
WMM WMM, also known as WME, allows clients which support the Wireless Multimedia Extensions protocol
to prioritize VoIP and video traffic. If your clients support it, enable it here.
HotView Pro
Network Management Station
freq 1
Controller Gateway
eth0 Server Node
eth1
Network Gateway
Interface freq 2
Mobile Node
Figure 31 shows a common, but more complex configuration. Here, the Controller is not physically
near the mesh, and the Controller-mesh connection must be routed over the Internet. Note that the
Gateway Server node can be near the mesh (as shown), or near the controller; that is, between the
controller and the public Internet cloud.
Figure 31. Controller Connection via the Public Internet.
HotView Pro
Network Management Station Gateway
Server Node
Network Gateway
Enterprise Public Interface
LAN Internet
Controller
eth0
eth1
Network Gateway
Interface
When the VPN tunnel runs over the public Internet (or any complex, routed network), the Controller
tunnel should be transported inside another tunnel, using a VPN-compatible router to interface the
connection through the public network.
You may have as much LAN infrastructure in between the Controller and the meshes and APs as you
want, but that infrastructure must be VPN compatible, and must permit ICMP traffic to pass. (The GRE
tunnels use ICMP packets for certain control functions, but some firewalls may block ICMP traffic.) All
of the IP addresses assigned must be routable to each other. An easy way to confirm this is to ping
each IP address after you have finished assigning them to all elements in the system.
Modifying the Controller Settings You use the Controller Configuration tabs to modify Controller settings. Right-click on the Control-
ler icon to bring up the Controller Configuration window. Set the network-side IP address to a value
compatible with your network design. The default is 192.168.224.10, but you should change it. (You
should also change the user ID and password; you can do so via the User Accounts tab.)
Screen 119. Controller Configuration Settings
When you are done, select the Network View tab. Your screen should be similar to this:
Screen 120. Controller View in HotView Pro
The Controller uses secure encrypted tunnels to communicate with the meshes. Next, you will assign
the IP address for the tunnel(s) on the mesh side of the Controller. Then you will enter the informa-
Completing the Tunnel To complete the tunnel, use the Mesh Tunnel Configuration command; access it by right-clicking on
the Controller icon. This will bring up the Mesh Tunnel Data Entry window, shown in Screen 123.
Screen 122. Mesh Tunnel Configuration Command
Enter the IP addresses and other information as required, near the bottom of the panel. The list in the
center will show all of the meshes added to the Controller.
August 2007 Firetide Instant Mesh Networks 159
Screen 123. Mesh Tunnel Data Entry Window
Meshes which are reachable only through Mesh Bridge connections must be added separately. Do this
using the Controller Mesh Bridge Configuration command, accessed by right-clicking the Controller.
You need only add the Mesh ID number and the Controller will configure itself.
Screen 124. Adding Mesh-Bridge-Accessible Meshes to a Controller.
This brings up a dialog window, shown in Screen 126, which allows you to save a configuration file for
each mesh. Be sure to give the files names which will help you identify them later.
Screen 126. Importing a Controller Configuration
When the tunnels are all correctly configured, your Network view will look something like this:
Screen 128. Tunnel Configuration - Final
You have completed the configuration of tunnels for mesh management. You must now tell each mesh
to work with the Controller.
When you are done, the Mesh views should look something like Screens 130 and 131.
Screens 130 and 131
Click the New Controller Group button, enter a group name, and add your Controllers to it.
Screen 134. Adding Controllers to a New Controller Group
Next, select each Controller in turn by right-clicking. This brings up a file selection dialog; locate the
file you saved and apply it to the Controller. Select the Controller to which you are applying the saved
file.
Once you have completed this for all Controllers, your Controller-to-Controller tunnel is done.
Making a Node Mobile Last but not least, you must tell each mobile node that it is to be mobile. Do this by right-clicking on it
and selecting the HotPort Type option from the menu. Select the Mobile button to convert the node.
Note that nodes can be converted back with the same command. Dont forget to include the nodes
serial number in the ACL.
Select the Controller operating mode for the type of APs that you have. Note that this command does
NOT change the operating mode of the Access Point; rather it determines which type of AP the Con-
troller will work with. One Controller cannot support both types of APs at the same time.
Screen 138. Specifying the Type of AP to be Controlled
Enter the tunnel IP address for the Access Point, and also the IP address you selected for the tunnel
endpoint on the Controller. Repeat this for each AP on all meshes.
Defining the Standalone AP Tunnel Select the Controller Tunnel tab in the same window. Here you will enter the IP address to which each
Endpoint (eth1) - Controller End standalone AP will tunnel. You can also specifiy security settings.
Enter the IP address information of the Controller, as you defined it earlier. Repeat this for each Ac-
cess Point in your network. Controller configuration is now complete.
Screen 145. Defining the IP Address
Channel Lower Limit (GHz) Center Frequency (GHz) Upper Limit (GHz)
1 2.401 2.412 2.423
2 2.404 2.417 2.428
3 2.411 2.422 2.433
4 2.416 2.427 2.438
5 2.421 2.432 2.443
6 2.426 2.437 2.448
7 2.431 2.442 2.453
8 2.436 2.447 2.458
9 2.441 2.452 2.463
10 2.446 2.457 2.468
11 2.451 2.462 2.473
SYNOPSIS
arp hostname
arp -a
arp -d hostname
arp -s hostname ether_addr [temp] [pub]
arp -f filename
DESCRIPTION
The arp program displays and modifies the Internet-to-Ethernet address translation
tables used by the address resolution protocol (arp(4)). With no flags, the program
displays the current ARP entry for hostname. The host may be specified by name or by
number, using Internet dot notation.
Available options:
-d A super-user may delete an entry for the host called hostname with the -d flag.
-s hostname ether_addr. Create an ARP entry for the host called hostname with the
Ethernet address ether_addr. The Ethernet address is given as six hex bytes separated
by colons. The entry will be permanent unless the word temp is given in the command.
If the word pub is given, the entry will be published; i.e., this system will act as
an ARP server, responding to requests for hostname even though the host address is not
its own.
SEE ALSO
inet(3), arp(4), ifconfig(8)
HISTORY
The arp command appeared in 4.3BSD.
SYNOPSIS
ping [-AaDdfnoQqRrv] [-c count] [-i wait] [-l preload] [-M mask | time] [-m ttl] [-P
policy] [-p pattern] [-S src_addr] [-s packetsize] [-t timeout] [-z tos] host
ping [-AaDdfLnoQqRrv] [-c count] [-I iface] [-i wait] [-l preload] [-M mask | time]
[-m ttl] [-P policy] [-p pattern] [-S src_addr] [-s packetsize] [-T ttl] [-t timeout]
[-z tos] mcast-group
DESCRIPTION
The ping utility uses the ICMP protocols mandatory ECHO_REQUEST datagram to elicit an
ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (``pings) have an
IP and ICMP header, followed by a ``struct timeval and then an arbitrary number of
``pad bytes used to fill out the packet. The options are as follows:
-A Audible. Output a bell (ASCII 0x07) character when no packet is received before the
next packet is transmitted. To cater for round-trip times that are longer than the
interval between transmissions, further missing packets cause a bell only if the
maximum number of unreceived packets has increased.
-a Audible. Include a bell (ASCII 0x07) character in the output when any packet is
received. This option is ignored if other format options are present.
-c count Stop after sending (and receiving) count ECHO_RESPONSE packets. If this option
is not specified, ping will operate until interrupted.
-D Set the Dont Fragment bit.
-d Set the SO_DEBUG option on the socket being used.
-f Flood ping. Outputs packets as fast as they come back or one hundred times per second,
whichever is more. For every ECHO_REQUEST sent a period ``. is printed, while for
every ECHO_REPLY received a backspace is printed. This provides a rapid display of how
many packets are being dropped. Only the super-user may use this option. This can be
very hard on a net- work and should be used with caution.
-I iface Source multicast packets with the given interface address. This flag only applies
if the ping destination is a multicast address.
-i wait Wait wait seconds between sending each packet. The default is to wait for one
second between each packet. The wait time may be fractional, but only the super-user
may specify values less than 1 second. This option is incompatible with the -f option.
-L Suppress loopback of multicast packets. This flag only applies if the ping destination
is a multicast address.
-l preload. If preload is specified, ping sends that many packets as fast as possible
before falling into its normal mode of behavior. Only the super-user may use this
option.
-M mask | time Use ICMP_MASKREQ or ICMP_TSTAMP instead of ICMP_ECHO. For mask, print the
netmask of the remote machine. Set the net.inet.icmp.maskrepl MIB variable to enable
ICMP_MASKREPLY. For time, print the origination, reception and transmission time-
stamps. -m ttl Set the IP Time To Live for outgoing packets. If not specified, the
kernel uses the value of the net.inet.ip.ttl MIB variable.
-n Numeric output only. No attempt will be made to look up symbolic names for host
addresses.
-o Exit successfully after receiving one reply packet.
-P policy policy specifies IPsec policy for the ping session. For details please refer to
ipsec(4) and ipsec_set_policy(3).
-p pattern You may specify up to 16 ``pad bytes to fill out the packet you send. This
is useful for diagnosing data-dependent problems in a network. For example, ``-p ff
will cause the sent packet to be filled with all ones.
-Q Somewhat quiet output. Dont display ICMP error messages that are in response to our
query messages. Originally, the -v flag was required to display such errors, but -v
displays all ICMP error messages. On a busy machine, this output can be overbearing.
Without the -Q flag, ping prints out any ICMP error mes- sages caused by its own ECHO_
REQUEST messages.
When using ping for fault isolation, it should first be run on the local host, to
verify that the local network interface is up and running. Then, hosts and gateways
further and further away should be ``pinged. Round-trip times and packet loss
statistics are computed. If duplicate packets are received, they are not included
in the packet loss calcula- tion, although the round trip time of these packets is
used in calculat- ing the round-trip time statistics. When the specified number of
packets have been sent (and received) or if the program is terminated with a SIGINT, a
brief summary is displayed, showing the number of packets sent and received, and the
minimum, mean, maximum, and standard deviation of the round-trip times.
If ping receives a SIGINFO (see the status argument for stty(1)) signal, the current
number of packets sent and received, and the minimum, mean, and maximum of the round-
trip times will be written to the standard error output. This program is intended for
use in network testing, measurement and management. Because of the load it can impose
on the network, it is unwise to use ping during normal operations or from automated
scripts.
TTL DETAILS
The TTL value of an IP packet represents the maximum number of IP routers that the
packet can go through before being thrown away. In current practice you can expect
each router in the Internet to decrement the TTL field by exactly one. The TCP/IP
specification recommends setting the TTL field for IP packets to 64, but many systems
use smaller values (4.3BSD uses 30, 4.2BSD used 15). The maximum possible value of
this field is 255, and most UNIX systems set the TTL field of ICMP ECHO_REQUEST packets
to 255. This is why you will find you can ``ping some hosts, but not reach them with
telnet(1) or ftp(1). In normal operation ping prints the ttl value from the packet it
receives. When a remote system receives a ping packet, it can do one of three things
with the TTL field in its response:
Do Not change it; this is what BSD systems did before the 4.3BSD-Tahoe release.
In this case the TTL value in the received packet will be 255 minus the number of
routers in the round-trip path.
Set it to 255; this is what current BSD systems do. In this case the TTL value in the
received packet will be 255 minus the number of routers in the path from the remote
system to the pinging host.
Set it to some other value. Some machines use the same value for ICMP packets that
they use for TCP packets, for example either 30 or 60. Others may use completely wild
values.
RETURN VALUES
The ping utility returns an exit status of zero if at least one response was heard
from the specified host; a status of two if the transmission was successful but no
responses were received; or another value (from <sysexits.h>) if an error occurred.
AUTHORS The original ping utility was written by Mike Muuss while at the US Army Ballistics
Research Laboratory.
DATABASE INSTALL
1. Open the pgadminIII tool from the programs menu.
2. Right click on postgreSQL database server and select connect.
3. Give the password entered on step 7 above.
4. Right click again on postgreSQL database server and select new object/new database.
5. Give a name for the database (remember this name), click ok.
6. Expand the tree for postgreSQL database server and then databases and select the database
you created in step 5.
7. Click on SQL on the top menu.
8. Open file nmspro_create.sql to create tables, press F5 to execute. There is another file nm-
spro_drop.sql to drop all the tables.
The PostgreSQL installation is now complete. If you encounter problems, consult the PostgreSQL web
page for help.
Supported Commands
adduser : This command takes the additional arguments <context>, <user name> and optionally
auth/priv protocol types. For noAuth context, no auth/priv protocols are used. For auth or
priv context an additional argument specifying the auth protocol is expected. The possible values
are md5 or sha. Also, the user is prompted to enter the auth password. For priv context, an-
other argument specifying the priv protocol is expected, in addition to the auth protocol. The pos-
sible priv protocols are des or aes. Like auth password, the user is prompted for priv password
in this case.
deluser : This command takes the additional argument <user name> and removes that user.
showuser : This command takes no additional arguments and lists all the users.
addtarget : If this command is specified, three additional arguments are expected, <target name>,
<target host address> and <target port>.
deltarget : Here, just one additional argument is expected, the <target name> which needs to be
deleted.
showtarget : This command takes no more arguments and lists down all the targets, currently con-
figured.
Default Users By default, the agent comes up with 3 default users and a default target. The default users are no-
AuthUser, authUser (authProtocol is MD5 and authPassword is authUser) and privUser (auth-
Protocol is MD5, privProtocol is DES, authPassword is privUser and privPassword privUser). The
default target is port 8003 in localhost (127.0.0.1). When started in agent or standalone mode, the
SNMP agent uses the last used HotView Pro IP and HotView Pro user name, prompts for the HotView
Pro password and attempts to connect to the head node. In its first invocation, the HotView Pro IP and
user name defaults to 192.168.224.150 and admin. The other defaults are, UDP for agent proto-
col, V3 for SNMP version, 8085 for the agent port, 8086 for the trap port. Also, the agent comes up
by default as V1/V2 compliant and supports standard MIBs for configuring users and targets. These
defaults may be changed by additional preference arguments as per the command line format.
If the agent is started with guest user, the whole MIB becomes read-only and all SET operations fail.
However, with admin user, all write operations are permitted as per the MIB.
To connect to the agent from the MIB browser application, edit the V3 user settings to match one of
the users (noAuthUser, authUser or privUser, by default) configured in the SNMP agent.
To receive the traps start the trap viewer to listen to a target port (port 8003 in localhost, by default)
as configured in the agent. A cold start notification is always sent, when the agent starts up. This may
be used as a means to verify that the trap viewer configuration is correct.
The Firetide Mesh MIB The agent implements the FIRETIDE-MESH-MIB enterprise for configuring Firetide mesh routers.
Apart from this, it also supports the standard MIBs, SNMP-TARGET-MIB, SNMP-USER-BASED-SM-MIB,
to allow configuration of users and targets. It also supports standard MIBs like SNMP-v2-MIB for
SNMP statistics.
FIRETIDE-MESH-MIB resides in FiretideMesh group of Firetide enterprise - 22835 as assigned by
IANA.
The complete MIB is included on the CD. Please refer to it for detail on available MIBs and their param-
eters.
Screen 148