Column - Security Watch
Mesh Networks: Too Little Too Soon

  August 7, 2003
  By Robert Moskowitz



We can't seem to get one new technology up and running before we're developing other technologies to solve the problems created by the first one.

Wireless networks are a case in point. They're a royal pain to deploy and manage, so what do we do? We set up all our wireless devices to work as bridges and routers, and create one big conglomeration of wireless devices requiring only a few connections to the wired world.

In this configuration, which has become known as a mesh network, some systems serve as redundant backbones, providing full area coverage to your users. This solves the hidden system problems (A talks to B and B talks to C, but A can't talk to C) and channel mapping problems (overlapping access points can't share an RF channel) inherent in those pesky old conventional wireless networks. Your other systems can use any of the backbones with which they can communicate--they don't have to pick a particular backbone and stick with it. A mesh network keeps your data moving--no management overhead required. Or so the theory goes.


The catch is that managers of mesh networks must still contend with all the challenges that typically arise when it comes to bridging, routing and security--rapid route conversion, rogue device insertion, network configuration protocol protection--making these networks an even bigger problem in need of a big, and immediate, solution. To make matters worse, mesh networks may provide IP services, but those services will work properly only if they're viewed as MAC (Media Access Control) services with MAC-layer management and security services.

Management and security problems in mesh networks tend to present themselves as IP traffic problems, for which IPsec (IP security) and OSPF (Open Shortest Path First), a multicast IPsec protocol, are recommended solutions. But given the severity of these problems in mesh networks, these "solutions" are inadequate.

In a mesh where every system is potentially a router, you have either an IPsec connection to every system or a multicast IPsec connection that is still being standardized. What's more, you really can't build a mesh network on IP routing unless the mesh is relatively stable (only a few link changes per hour), with measurable traffic outage. But those IP routing protocols take too long to stabilize, especially in mesh networks that are themselves inherently unstable.

Research presented at the IEEE 802 plenary meeting in March shows that bridging, along with some new discovery protocols, will work effectively in an unstable mesh (you can find a presentation on mobile meshes working at the MAC layer here). But while mesh networks look simple and neat, they live up to their appearance only if they're deployed as bridged networks, which can stabilize in milliseconds via IEEE 802.1w (the standard that lets bridges in a Layer 2 network adjust for changes).

We still need a way to discover new bridge links, perhaps via IEEE 802.1AB. We also need a mechanism to secure the links and systems in the mesh; IEEE 802.1X is not up to this task, and current work on link security is not promising (go to www.ieee802.org/linksec for more information).

No, mesh networks are not going to work well, or securely, anytime soon. The promise of meshes in a corporate environment is just that--a promise--at least for the next few years. The IETF and the IEEE 802 communities still have a lot of research work ahead of them. The Linux and Microsoft teams will build mesh features into their respective operating systems, and these features will work, but only in some constrained deployments. We may see meshes in homes and in cars--your Maytag or your Mustang could serve as a network backbone someday.

For now, though, take the time to deploy your wireless network as if you mean business.


--Robert Moskowitz, rgm@htt-consult.com
