BreadCrumb® Wireless Network User Guide For the BreadCrumb® Wireless Network Release 8.
BreadCrumb® Wireless Network User Guide: For the BreadCrumb® Wireless Network Release 8.4 by Rajant Corporation Copyright © 2005-2006 Rajant Corporation Revision History Revision 1.1 February 20, 2006 Revision 1.
Table of Contents Preface .........................................................................................................................................................i Purpose and Scope ..............................................................................................................................i User Information .................................................................................................................................i 1. Introduction......................
5. Using BCAdmin™ ...............................................................................................................................20 Screen Layout ..................................................................................................................................20 Topology Area ........................................................................................................................21 Anatomy of the BreadCrumb Box ..................................................
List of Tables 3-1. Available BreadCrumb Models ............................................................................................................8 4-1. Best-Case Distances by Radio Power.................................................................................................18 5-1. BCAdmin Line Colors Legend...........................................................................................................24 5-2. BCAdmin Line Styles Legend ..........................................
Preface Purpose and Scope This manual provides information and guidance to all personnel who are involved with and use Rajant Corporation’s BreadCrumb® Wireless Network devices ("BreadCrumb® devices") in tactical situations. This manual begins with an introduction to the BreadCrumb Wireless Network and a brief overview of the various BreadCrumb device models available. This is followed by a guide to BCAdmin™, the management application used to configure BreadCrumb devices before or during a deployment.
Chapter 1. Introduction Rajant Corporation’s (http://www.rajant.com) BreadCrumb Wireless Networks are portable, mobile, battery-powered, automatically-meshing, self-healing, full-duplex, secure, 802.11b access points. Their focus is on flexibility, adaptability, and simplicity. The BCWN (BreadCrumb Wireless Network) is intended for rapid deployment of a broadband wireless network into a situation or "hot zone." The BreadCrumb Wireless Network components utilize the 802.
Chapter 1. Introduction Mobility through Meshing The key component to a BreadCrumb Wireless Network is a technique known as Meshing. While this is generally handled automatically by BreadCrumb devices, complex deployment scenarios require a basic understanding of how BreadCrumb devices establish and maintain a mesh. Mesh - A Definition A mesh is a collection of network devices (in our case, BreadCrumb devices), each of which is connected to one or more other BreadCrumb devices.
Chapter 1. Introduction Figure 1-1. Meshing Example 1 - Full Connectivity Example 2 Now suppose that you change the ESSID of BreadCrumb device C to "lonely". The network will adjust to this change, resulting in the following configuration: Note that BreadCrumb device C can no longer communicate with A or B, and vice versa. Figure 1-2.
Chapter 2. Upgrading to Version 8.4 This section is only necessary for BreadCrumb device/BCAdmin users of versions earlier than 8.4. If your entire BCWN is operating at version 8.4 or higher, you may safely skip this chapter. New Features • Fortress Technologies’ AES-256 encryption is enabled, allowing Fortress encryption to be used on existing BreadCrumb devices under Rajant’s new licensing terms with Fortress Technologies (http://www.fortresstech.com).
Chapter 2. Upgrading to Version 8.4 • Selection of a unique ESSID (network name) for the BreadCrumb network is recommended. A BreadCrumb device equipped with tri-color LED incorrectly indicates a meshed connection (GREEN) when in the presence of an 802.11b access point with the same ESSID. Installing / Upgrading BCAdmin 1. Install the latest JRE from http://www.java.com 2. Download version 8.4 of BCAdmin for Windows or Linux using the link provided by your Rajant Account Manager. 3.
Chapter 2. Upgrading to Version 8.4 Figure 2-2. Version 3 Power Input 2. Download the correct firmware zip archive for the board determined in the previous step, using the link provided by your Rajant Account Manager. 3. Create a new, empty folder and unzip the archive into it. 4. Copy the unzipped files (and only those files) onto an empty (no pre-existing files) ATA Flash Memory Card (of at least 16MB). The flash card may be directly purchased from http://www.magicram.com/flshcrd.htm 5.
Chapter 2. Upgrading to Version 8.4 • Allow the BreadCrumb to operate FOR NO LESS THAN 5 MINUTES before rebooting or turning OFF. Important: After a flash update, you should ensure that at least one client device has the new BCAdmin installed, is "permitted" in the device’s ACL list, and is designated as an administrator. Important settings that were lost in the flash may be re-keyed, but do not reboot the BreadCrumb device until it has run for at least five minutes after its initial power-up after flash.
Chapter 3. Models The following table summarizes the differences between the BreadCrumb models available. Each model is described in greater detail later in this chapter. ME WE Usage Weight/ Worn by size-sensitive mobile deployments individual (UAVs, etc.) Dimensions 6" x 3.75" x 7.5" Weight SE XLV XLE Placed as necessary, long range use Vehiclemounted, long-range use Placed as necessary, incl. vehicle mount, contains embedded MPEG video encoder, long-range use 7.25" x 4.75" 8.25" x 6.5" x 2.
Chapter 3.
Chapter 3. Models • On UAVs • In portable sensor packages Important: In a BCWN containing single-radio BreadCrumb devices, all BreadCrumb devices to which the single-radio BreadCrumb device communicates must have one radio on the same channel as the single-radio BreadCrumb device. External Connectors Figure 3-1.
Chapter 3. Models External Connectors Figure 3-2. BreadCrumb WE - External Connectors BreadCrumb SE The BreadCrumb SE is the basic building block of most BCWN networks. Its two radios and ethernet interface enable the full suite of BreadCrumb features (with the exception of long range and integrated video encoder), while its size allows it to be easily transported to and placed wherever necessary.
Chapter 3. Models External Connectors Figure 3-3. BreadCrumb SE - External Connectors BreadCrumb XL The BreadCrumb XL is a long-range model, capable of 11Mb communications at distances of 7 miles (11.2km) or more, and lower-speed communications at even greater range. BreadCrumb XLs have been rapidly deployed: • In Air Traffic Control towers • On mountaintops • On ships Important: The range-extending circuitry within a BreadCrumb XL is permanently tuned to 802.11b channels 1 and 11.
Chapter 3. Models External Connectors Figure 3-4. BreadCrumb XL - External Connector BreadCrumb XLV The BreadCrumb XLV is identical to the BreadCrumb XL, with the exception that it also accepts unfiltered vehicle power (6-40VDC) as a power source. This allows long-range communication within and among vehicle convoys and bases, and enables the bridging of widely spread networks by vehicles.
Chapter 3. Models External Connectors Figure 3-5. BreadCrumb XLV - External Connectors BreadCrumb XLE The BreadCrumb XLE further builds upon the BreadCrumb XLV by including an MPEG video encoder and an external BNC video connector. A composite video source can be connected to the BreadCrumb XLE and its video stream will be available to other devices on the BCWN.
Chapter 3. Models External Connectors Figure 3-6. BreadCrumb XLE - External Connectors (front) Figure 3-7.
Chapter 4. Deployment Considerations Addressing When routing to another network or when using its own embedded DHCP servers, the BreadCrumb Wireless Network requires that wireless devices use IPv4 addresses in the Class A network 10.0.0.0/8 (that is, any address that begins with "10."). If you are not connected to another network, or if you are bridging to one rather than routing to it, your wireless client devices may have any address whatsoever.
Chapter 4. Deployment Considerations In some cases, however, it is necessary to manually set the radios to specific channels as described below. Channel Assignment for Single-Radio BreadCrumb Devices (ME and WE) Single-radio BreadCrumb devices (models ME and WE) present a challenge for deployments in which those BreadCrumb devices are needed to provide critical links within a mesh.
Chapter 4. Deployment Considerations Unobstructed LOS is not necessary from every BreadCrumb device and wireless client to every other BreadCrumb device and wireless client. However, each device must have unobstructed LOS to the previous and subsequent device. Distance Many factors determine acceptable distances between BreadCrumb devices when deploying a BCWN. If many devices are placed too closely together, it is possible that interference will degrade the performance of the system.
Chapter 4. Deployment Considerations Weather Precipitation and fog also act as obstructions blocking the propagation of the wireless network’s radio waves. Light fog or precipitation may result in a noticeable degradation of wireless network performance. Heavy precipitation or fog may result in severe performance degradation and possible loss of network connectivity.
Chapter 5. Using BCAdmin™ Note: Some portions of this section assume a working knowledge of TCP/IP networking, including DHCP, NAT, and DNS. While the network lay person may be able to perform some BCWN management tasks, it is recommended that network configuration be performed by experienced network administrators.
Chapter 5. Using BCAdmin™ Figure 5-1. BCAdmin Screen at Startup (No Network) The large area on the left is the Topology Area, showing the current shape of the network at any given time. The Info Area to the right shows detailed information for BreadCrumb devices, client devices, and wireless links. Note: If your BCAdmin workstation does not have a network address in the 10.0.0.0/8 range, the large black area will instead be red until you obtain such an address.
Chapter 5. Using BCAdmin™ Tip: BCAdmin makes an effort to layout the Topology Area in an easily readable way, with a minimum of line intersections and superimposed boxes. Sometimes, however, the screen can get cluttered. BCAdmin provides two features to help cope with this, which may be used in combination: • A Play/Pause button in the toolbar below the File menu allows you to enable/disable continuous layout, effectively allowing you to "lock" BreadCrumb devices in place.
Chapter 5. Using BCAdmin™ Individual BreadCrumbs. This allows the administrator to distinguish between multiple BreadCrumb devices in a BCWN. If the BreadCrumb device has no name assigned, its ID is used. The ID is a unique, alphanumeric, non-editable string used internally by the BreadCrumb device. 2. Time Since Last Update Each BreadCrumb device sends periodic information updates to BCAdmin, in intervals ranging from about 5 seconds to about 20 seconds.
Chapter 5. Using BCAdmin™ Figure 5-3. The Client Box 1. Client MAC Address/Nickname The MAC address or administrator-set nickname of the client device. Tip: An administrator can set nicknames for each client device. These nicknames are then displayed in the Topology Area instead of the MAC address. To set a nickname, right-click on the client device and choose Set Client Nickname.
Chapter 5. Using BCAdmin™ 802.11b Channel Line Color 11 Purple Table 5-1. BCAdmin Line Colors Legend Link Speed (Mbps) Line Style 11 Solid 5.5 Dashed 2 Dot-Dash 1 Dotted Table 5-2. BCAdmin Line Styles Legend Asymmetric Connections For a variety of environmental reasons (antenna placement, radio reflections, interference, etc.), asymmetric connections are sometimes formed between BreadCrumb devices.
Chapter 5. Using BCAdmin™ Figure 5-5. Redundant Connection Example Info Area The Info Area shows detailed information specific to the currently selected BreadCrumb device, if any. To select a BreadCrumb device in the Topology Area, single-click it with your mouse. The selected BreadCrumb device will be highlighted with a dashed border. The top portion of the Info Area shows a summary of the selected BreadCrumb device’s configuration as pictured below: Figure 5-6.
Chapter 5. Using BCAdmin™ The bottom portion of the Info Area contains three tabs, each of which contains a list of connections (if any). The BreadCrumbs tab shows connections to other BreadCrumb devices, the Clients tab shows connections with client devices, and the Pending Peers tab shows connections with other BreadCrumb devices that have not yet reported to BCAdmin (e.g., have just been turned on and are not yet fully booted, or are only reachable via an extremely poor link).
Chapter 5. Using BCAdmin™ configured, with configuration options grouped by tabs into multiple categories. Each tab and its settings are described in this section. General Settings The "General" tab contains controls for configuring several simple system-wide settings: Figure 5-8. BreadCrumb Properties - General Tab The available settings are: 1. Name This is a descriptive name used only for identification of the BreadCrumb device within BCAdmin.
Chapter 5. Using BCAdmin™ 4. Color This field controls the color of the BreadCrumb box as drawn by BCAdmin. This can be used to reflect the actual color of the BreadCrumb or to represent any other information administrators see fit. 5. ESSID The ESSID is the name of the network provided by the BreadCrumb device’s internal Access Point(s) and used for meshing purposes. When left blank, the default "breadcrumb" is used. 6.
Chapter 5. Using BCAdmin™ Radio Settings The "Radios" tab contains controls for configuring each of the BreadCrumb device’s 802.11b radio radios: Figure 5-9. BreadCrumb Properties - Radios Tab The available settings for each radio are: 1. Channel Channel selection may be automatic as described in the Section called Channel Assignments in Chapter 4, or radios may be fixed to specific channels. If one radio is set to use automatic channel selection, so must all of a BreadCrumb device’s other radios.
Chapter 5. Using BCAdmin™ Note: BCAdmin will not allow you disable all of the checkboxes on this tab. Reachback Settings The "Reachback" tab contains controls for configuring the BreadCrumb device’s interconnection with other networks, both wired and wireless: Figure 5-10. BreadCrumb Properties - Reachback Tab The available settings are: 1. Reachback Interface This dropdown selects the network interface on the BreadCrumb device that will connect to the other network.
Chapter 5. Using BCAdmin™ Note: The type of ethernet cable required depends upon the device to which you are connecting. If the BreadCrumb device’s ethernet port is to be connected to a hub or a switch, a conventional ethernet patch cable ("straight-through") should be used. If the BreadCrumb device’s ethernet port is to be connected directly to a device such as laptop or camera, a crossover cable should be used. Using the wrong cable will result in no connectivity. c.
Chapter 5. Using BCAdmin™ d. Gateway (Ingress) In Gateway (Ingress) Mode, as in Gateway mode, the reachback interface is configured to exist on a different network than the BreadCrumb device’s other interfaces. NAT, however, is configured in the direction opposite to that of Gateway Mode. Inbound traffic from the reachback network appears to originate from the BreadCrumb, and outbound traffic from the BCWN must be sent through a forwarded port (see the Section called Forwarding Settings for details) e.
Chapter 5. Using BCAdmin™ a. IP Address b. Subnet Mask c. Default Gateway d. DNS Server You may need to contact your network administrator in order to determine the correct settings. Forwarding Settings The "Forwarding" tab contains controls for configuring inbound NAT translation for BreadCrumb devices configured as gateways. Figure 5-11.
Chapter 5. Using BCAdmin™ The checkbox marked "Enable" specifies whether a particular forward configuration is active. This allows an administrator to pre-configure port forwards and selectively enable or disable them in the future. When a port forward has been configured, click the "Add" button to the right in order to add it to the current configuration. You may add as many port forwards as necessary to a BreadCrumb.
Chapter 5. Using BCAdmin™ WEP WEP (Wired Equivalency Protocol) was the first scheme to provide security for 802.11 communications. Although since its release it has been determined to contain serious weaknesses, WEP remains an effective means to prevent casual eavesdropping. WEP settings are made network-wide; all BreadCrumb devices and wireless clients must agree on a WEP key in order to establish and maintain communications.
Chapter 5. Using BCAdmin™ listed in the "Permitted Devices" ACL. In Allow by Default mode, client devices and BreadCrumb devices are permitted on the network unless they are listed in the "Forbidden Devices" ACL. To edit the ACLs, click the ACL button in the toolbar. A window resembling the following will appear: Figure 5-13. Access Control List Window 1.
Chapter 5. Using BCAdmin™ These buttons allow individual devices to be added to or removed from the currently selected device list. Note: The BreadCrumbs and Administrators tabs in the ACL are automatically merged into the Permitted Devices and Forbidden Devices lists. Separate tabs are only provided in order to ensure that the administrator has fully considered the ramifications of setting an ACL.
Chapter 5. Using BCAdmin™ Setting the Access ID The Access ID is a shared credential used by the AirFortress client to negotiate encryption keys. All devices that are to communicate with one another must share a common Access ID. To set the Access ID on a BreadCrumb device, the BCAdmin workstation must be connected to the BreadCrumb device via the BreadCrumb device’s ethernet port.
Chapter 5. Using BCAdmin™ Enabling/Disabling AirFortress Encryption AirFortress encryption is enabled and disabled on a BreadCrumb device using a checkbox on the General tab of the BreadCrumb Properties window. Unlike the Access ID, this setting may be changed when communicating wirelessly with the BreadCrumb device. Important: Enabling and disabling AirFortress encryption in a BreadCrumb device has an immediate effect.
Chapter 5. Using BCAdmin™ SecNet11 Key Filling The SecNet11 Plus PC cards included in SecNet11-enabled BreadCrumb devices are user-accessible and do not impose any changes upon existing SecNet11 key fill procedures. BCAdmin Preferences Settings specific to BCAdmin are available through the View menu, under Preferences. The Preferences window is shown below: Figure 5-15. BCAdmin Preferences Window The first three fields are described in this section.
Chapter 5. Using BCAdmin™ 2. GPS staleness warning threshold (minutes) For GPS-enabled BreadCrumb devices, position information shown in BCAdmin is marked as "stale" if it has not been updated for this period of time (for example, if the BreadCrumb device’s GPS receiver is no longer able to determine its location). 3. Default battery warning threshold (minutes) For BreadCrumb devices with no battery warning threshold set, this setting will be used.
Chapter 6. Configuration Examples Connecting Remote Wired LANs Unencrypted Point-to-Multipoint To connect two or more wired LANs that are physically remote from one another, the simplest configuration is as follows: 1. Attach a BreadCrumb device to each LAN using the BreadCrumb devices’ ethernet interfaces. 2. Configure the LAN-connected BreadCrumb devices to use Bridge Mode reachback over ethernet. 3. Add intermediate BreadCrumb devices as necessary to cover the distance between/among LANs. 4.
Chapter 6. Configuration Examples The configuration steps for such a network are: 1. Attach a BreadCrumb device to each of the two LANs using the BreadCrumbs’ ethernet interfaces. 2. Configure the Network A BreadCrumb device as follows: a. Reachback Interface: Ethernet b. Reachback Mode: Gateway c. Alternate Gateway: Disabled d. IP Address Settings: as appropriate for a member of wired Network A. e. AirFortress Encryption: Enabled 3. Configure the Network B BreadCrumb device as follows: a.
Chapter 6. Configuration Examples 2. Optionally encrypt the video signal as described below in the Section called Encrypting a Video Feed. 3. Install a BreadCrumb XLV in each convoy vehicle that is to receive the video signal. 4. For long convoys, or for convoys that will be passing through environments such as urban canyons that inhibit line-of-sight radio signals, install additional BreadCrumb XLVs in intermediate convoy vehicles to bridge gaps between the vehicles viewing the video feed. 5.
Chapter 6. Configuration Examples b. TCP: Checked c. UDP: Unchecked d. IP Address: 192.168.3.2 (i.e., the camera’s address) e. To Ports: 80-80 f. Enable: Checked 5. Enable AirFortress on the BreadCrumb device. 6. Access the camera by directing a web browser to one of the BreadCrumb device’s IPv4 addresses (as reported by BCAdmin).
Chapter 7. Troubleshooting Individual BreadCrumbs Problem Resolution When the BreadCrumb is powered on, its LED remains solid red, and devices cannot communicate with the BreadCrumb. Ensure that radio cards are properly seated in their PCMCIA slots. If problem persists, re-flash BreadCrumb or contact customer service. When the BreadCrumb is powered on, its LED blinks red, and devices cannot communicate with the BreadCrumb. The BreadCrumb has detected that it contains both SecNet and Non-SecNet radios.
Chapter 7. Troubleshooting Problem A wireless client cannot join the network. Resolution • Ensure that BreadCrumb devices are powered on. • Ensure that the wireless card in the client device (laptop) is enabled. This is usually indicated with a blinking light on the card. • Ensure that the wireless card is in "Infrastructure" or "Access Point" mode, and not in "Ad Hoc" mode. Scan for the ESSID "breadcrumb" (or the ESSID that you set for the network) using the software accompanying your wireless card.
Chapter 7. Troubleshooting Table 7-3. BreadCrumb-BCWN Connectivity Issues BCAdmin Problem Resolution The screen is red and empty. The BCAdmin workstation does do not have a 10.x.x.x address, which is required to administer the BCWN. The screen is black and empty. BCAdmin is unable to communicate with any BreadCrumb devices. Verify that a personal firewall application such as BlackICE or Zone Alarm is not preventing BCAdmin from communicating with the BreadCrumb devices.
Chapter 7. Troubleshooting 1. Open the BreadCrumb device. 2. Locate the radio lights and the small, black reset button on the side of the main circuit board as depicted in the following figure: Figure 7-1. Factory Reset Button 3. PRESS AND IMMEDIATELY RELEASE the reset button. 4. Wait 5 seconds. 5. PRESS AND IMMEDIATELY RELEASE the reset button again. Within a few seconds after completing this procedure, you should see the radio lights go out, pause, and come back on as the BreadCrumb device restarts.
Chapter 8. Case Study: Military Exercise in Thailand Rajant BreadCrumb devices were used by the Thai Military as an integral part of a Joint Air Land Sea Amphibious Assault Exercise last week in Pattaya, Thailand. The beach assault took place at a Thai Naval Base and Thai media from a major news channel was present to document the exercise. Figure 8-1.
Chapter 8. Case Study: Military Exercise in Thailand Figure 8-2. BCAdmin screen during exercise showing BreadCrumb network Figure 8-3. View of beach from command center Rajant also teamed up with the Naval Postgraduate School, Mercury Data Systems, Redline Communications and the Thai Military to set up a demonstration border security network in Lop Buri, Thailand.
Chapter 8. Case Study: Military Exercise in Thailand the fifth and final BreadCrumb was placed in a moving vehicle at the foot of the mountain providing NetMeeting capabilities with military personnel back at the base. Figure 8-4. Balloon with Camera and BreadCrumb Figure 8-5. Soldier communicating over BCWN using Microsoft NetMeeting Rajant employees also returned to Phuket, where Rajant BreadCrumb devices had been left this past January to aid in the tsunami relief effort.
Glossary ACL Access Control List; a list of MAC addresses that are used to control access to the BreadCrumb Wireless Network. AES/AES-256 Advanced Encryption Standard. An encryption standard adopted by the U.S. Government. AP Access Point; a networking device allowing clients with IEEE 802.11 network cards in infrastructure mode to communicate wirelessly with a network. All radios in a BreadCrumb usually provide AP functionality. 802.
DHCP Dynamic Host Configuration Protocol; the means by which some networking devices obtain an address automatically from a network DSL Digital Subscriber Line ESSID Extended Service Set Identifier; a set of Access Points or BreadCrumbs that appear as a single network. Also referred to as a "network name." LAN Local Area Network MAC Media Access Control MAC Address A unique identifier (usually of the form 11:22:33:44:55:66) associated with an individual network interface.
reachback A connection to another network, such as the Internet, an office network, or a TOC TAN Tactical Area Network TOC Tactical Operations Center UAV Unmanned Aerial Vehicle 56
Appendix A. Status Indicator LED Beginning in June, 2005, each BreadCrumb includes a multi-color LED to indicate the BreadCrumb state. Use the following table to interpret the LED output: Color Blinking/Solid Status Red Solid Starting up Red Blinking Error Blue Solid No Peers Green Blinking At Least 1 Peer Green Solid At Least 1 Peer at 11Mbps Table A-1.
Appendix B. Radio Frequencies The BCWN uses the 11 802.11b channels allocated for use in the U.S. These channels and their frequencies are listed in the following table: 802.11b Channel Frequency (GHz) 1 2.412 2 2.417 3 2.422 4 2.427 5 2.432 6 2.437 7 2.442 8 2.447 9 2.452 10 2.457 11 2.462 Table B-1. 802.
Appendix C. Customer Service Please contact Rajant Support at +1 610-873-6788 to assist you through any issues you encounter regarding this release. Please forward all feedback regarding the BreadCrumb system functionality to . Other than speaking with a Rajant representative, this is the best way to communicate with us any operational issues you may find. Thank you for your ongoing business and support.
