Architecture and protocols for a high-performance, secure IEEE 802.11-based wireless mesh network

Today's wireless LANs reside only on the last hop between the end users' desktop/laptop machines and the enterprise backbone network. A comprehensive wired backbone still needs to be deployed to inter-connect these access points and the enterprise computing resources. In this project, we architected a novel wireless mesh backbone network architecture (called Hyacinth) that can eliminate most, if not all, of this wiring overhead. In a wireless mesh network (WMN), close-by access points communicate with each other using direct wireless links, while distant access points communicate using multiple wireless hops. In this dissertation, we formulate the capacity, fairness, and security issues with Hyacinth architecture and devise novel solutions to them. Our proposed architecture has three major components: Multi-channel Mesh Networking, Stateful Transport Protocol, and Secure Routing.;Limited capacity remains a pressing issue even for single-hop wireless LANs, let alone a multi-hop WMN where inter-path and intra-path interference limit the number of links that can be simultaneously active in the network. Fortunately, the IEEE 802.11b/g standards and IEEE 802.11a standard provide 3 and 12-25 non-overlapped frequency channels, respectively, which could be used simultaneously within a neighborhood. Hyacinth employs multiple radio channels in each radio neighborhood by equipping each node with multiple network interfaces. To fully utilize the performance potential of this approach, Hyacinth provides two traffic load-aware channel assignment and routing algorithms, both of which tune the network channel assignment and routing based on the network topology and the latest traffic patterns. Even with the use of just 2 radio interfaces per node, the proposed algorithms improve the network cross-section goodput by factors of up to 7 when compared with single-interface single-channel WMNs.;The next key issue with WMNs is lack of an effective transport protocol that can fairly and efficiently allocate the limited network capacity among multiple flows sharing the network. While many transport protocols have been proposed specifically for multi-hop wireless networks, most of them refrain from keeping state in the intermediate network nodes. We study the research question of how much performance improvement is possible if intermediate network nodes could maintain as much state as is needed. In particular, we investigate how a stateful transport protocol can accurately measure the effective physical link capacity, and fairly and efficiently allocate this capacity by estimating the number of sharing flows and their individual sending rates. Additionally, we examine how leveraging the link-layer retransmission mechanism can improve the performance of reliable packet delivery. While the proposed mechanisms improve the fairness and utilization of transport flows on a WMN, they fail to address the hidden node problem that causes one wireless link's transmission to be inhibited by another link, eventually leading to unequal bandwidth allocation between the two. To address this problem, we further propose a global bandwidth allocation algorithm that can provide end-to-end flow-level max-min fairness despite weaknesses in the MAC layer.;The final concern of enterprise users about WLAN technology is its security. In the case of a WMN, the security requirement is even more stringent, because even a single compromised node has the potential of making the entire network unavailable. A compromised node can easily disrupt the network routing state by tampering with control communication or advertising crafted topology/traffic data. We develop a centralized network architecture that incorporates security as a first-class requirement at par with connectivity and performance. The architecture and its associated protocol secure all core operations in a mesh network---topology and traffic statistics collection, route and channel computation, data plane state distribution, network reconfiguration, and also packet forwarding. It can quickly detect most common misbehaviors and trace the problem down to specific nodes. The secure routing mechanisms significantly enhance the availability of a Hyacinth network when some of the WMN nodes are compromised, misconfigured, or broken.