Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mesh Networks: Too Little Too Soon

The catch is that managers of mesh networks must still contend with all the challenges that typically arise when it comes to bridging, routing and security--rapid route conversion, rogue device insertion, network configuration protocol protection--making these networks an even bigger problem in need of a big, and immediate, solution. To make matters worse, mesh networks may provide IP services, but those services will work properly only if they're viewed as MAC (Media Access Control) services with MAC-layer management and security services.

Management and security problems in mesh networks tend to present themselves as IP traffic problems, for which IPsec (IP security) and OSPF (Open Shortest Path First), a multicast IPsec protocol, are recommended solutions. But given the severity of these problems in mesh networks, these "solutions" are inadequate.

In a mesh where every system is potentially a router, you have either an IPsec connection to every system or a multicast IPsec connection that is still being standardized. What's more, you really can't build a mesh network on IP routing unless the mesh is relatively stable (only a few link changes per hour), with measurable traffic outage. But those IP routing protocols take too long to stabilize, especially in mesh networks that are themselves inherently unstable.

Research presented at the IEEE 802 plenary meeting in March shows that bridging, along with some new discovery protocols, will work effectively in an unstable mesh (you can find a presentation on mobile meshes working at the MAC layer here). But while mesh networks look simple and neat, they live up to their appearance only if they're deployed as bridged networks, which can stabilize in milliseconds via IEEE 802.1w (the standard that lets bridges in a Layer 2 network adjust for changes).

We still need a way to discover new bridge links, perhaps via IEEE 802.1AB. We also need a mechanism to secure the links and systems in the mesh; IEEE 802.1X is not up to this task, and current work on link security is not promising (go to www.ieee802.org/linksec for more information).

  • 1