Amateur Radio HSMM Network Technologies (2015)

Currently, three primary technologies are used to implement Amateur Radio HSMM networks. Broadband-Hamnet (BBHN) and Amateur Radio Emergency Data Network (AREDN) technologies are used to create a peer-to-peer mesh topology. while Ham WAN is used to implement a star topology. The BBHN and AREDN technologies use the 802.11g modulation method, while HamWAN uses the 802.11n-based MikroTik Nv2 modulation method. Both are TCP/IP-based, and you can provide the same applications and services regardless of which networking technology you choose to implement. Both also provide a means of connecting your HSMM network to the public Internet, allowing you to interconnect with other Amateur Radio HSMM networks via the Internet and build out a very versatile and functional HSMM network.

Broadband-Hamnet (BBHN)

Originally known as HSMM-Mesh. Broadband-Hamnet uses inexpensive, commercial off-the-shelf Linksys and Ubiquiti wireless routers. With a simple firmware installation to replace the original router operating firmware, it becomes a fully functional node using the peer-to-peer mesh topology. Although it typically uses the standard WiFi frequencies, the BBHN implementation will only communicate with other devices using the same version of BBHN firmware. While standard commercial WiFi devices such as smartphones, tablets, wireless computer workstations, and so on can see your BBHN network, they will not be able to connect to or access it.

The BBHN firmware supports certain models of the Linksys WRT54G series of wireless routers as well as some models of the Ubiquiti wireless routers. In a BBHN network. every node name (usually your call sign) is advertised throughout the network using the Domain Name System (DNS), meaning that you don't need to know the IP address of a node to communicate with it - just its name. Each node also sends out beacon packets containing your call sign to maintain compliance with FCC Part 97 rules requiring identification. A BBHN node is self-discovering, self-configuring, self-advertising, and fault tolerant. When you bring your BBHN node online it will search for other nodes and attempt to form a link with them automatically. At the same time. it will advertise its presence. along with any applications and services you have configured it to announce to every other node in the network.

The link between the nodes is formed automatically, with each node accessible by its name or IP address. When using a Linksys WRT54G as a BBHN node, the LAN (local area network) ports on the router are available for your use to connect computers. servers, IP phones, and other IP-based devices. By default, the BBHN router provides Dynamic Host Configuration Protocol (DHCP) through the LAN ports, thereby allowing your computer to automatically be assigned the proper IP address, IP gateway, and DNS server (usually the WRT54G itself) for your node. Each node in the network has a unique range of IP addresses, allowing you to communicate directly with every device in the mesh network. Any node can be used to provide an application or service, such as a web server, voice-over-IP (VoIP) telephony, and just about any other application or service you can access on the regular Internet.

The LAN side of a BBHN node can be configured to directly support 1, 5, or 13 locally attached devices (hosts). If you need more physical LAN ports than the four provided by the WTG54G or the single LAN port on the Ubiquiti devices, you can attach one of the LAN ports to a switch or even a standard WiFi access point, allowing you to increase the number of devices attached to your BBHN node. When using a standard WiFi access point to access your network, you have to be careful to ensure that no unauthorized users can connect to your access point. Since you can use standard Part 15 devices for your local WiFi access point. you can use wireless encryption and other security methods allowed under Part 15 to secure your local network.

The BBHN node also supports NAT (network address translation) on the LAN ports. Using NAT allows you to use a wider range of IP addresses on the LAN side of your node. but there are special considerations when using NAT with applications such as Voice-over-IP. Unless you have a good understanding of IP and NAT. it's best to stick with the default setting of 5-host direct.
A BBHN node uses the Optimized Link State Routing Protocol (OLSR) to discover and maintain a routing table for all or the nodes in your BBHN network. A routing table is simply a list of IP information that is maintained internally in each node by the router firmwares routing protocol.

These routing tables are used by a node to determine the best data path to another node. As BBHN nodes are added or removed, OLSR will keep track and update the routing table information for all of the nodes in the network. This is all handled automatically for you as part of the self-discovering, self-healing. self-advertising fault-tolerant features of a BBHN network. A BBHN network will automatically determine the best path to send your data for you. The WAN (wide area network) port on a Linksys WRT54G router in a BBHN network can be used to link your node to the regular Internet.

Any node in a BBHN network can be used to provide Internet access. This will allow you to interconnect with other networks, applications, and services using the Internet, as well as providing access to Internet resources from within your BBHN network. You have to be careful to maintain Part 97 compliance with any Internet usage from your BBHN network.

Since the Ubiquiti routers only have a single Ethernet port, virtual LAN (VLAN) technology is used to allow for multiple separate "virtual" networks to use the same piece of wire. VLANs are completely isolated and separate from each other. They allow you to utilize the single Ethernet connection on the Ubiquiti routers for multiple separate networks. providing the same basic functionality as the multiple physical LAN and WAN ports on the Linksys WRT54G routers.

A VLAN uses the IEEE 802.1Q protocol to embed or "encapsulate" your data in a packet that identifies which VLAN the data is assigned to. This process of VLAN identification is known as "tagging." Using the 802.1Q protocol, the switches and routers in your network can identify which VLAN each tagged packet is assigned to and keep everything separate and going to the right place. For this to work properly, your switches and routers will need to support the 802.1Q protocol.

A BBHN node is configured and managed using a web browser on your workstation. While a lot of the things mentioned above are probably making you wonder what you have gotten yourself into. In reality, setting up your own BBHN node is as simple as loading the firmware and plugging in your computer. The majority of things arc handled for you automatically.

Primarily due to memory and processor limitations, BBHN briefly announced an end of life for the WRT54G series of routers in the spring of 2015, but this has since changed, BBHN is continuing support for both the Linksys WRT54G and the Ubiquiti series of wireless routers.

Amateur Radio Emergency Data Network (AREDN)

Formed in February of 2015, the AREDN development team is composed of former members of the Broadband-Hamnet development team. While it performs well in the Broadband-Hamnet role, the memory and processing capabilities of the Linksys WRT54G series of routers limited growth in the area of virtual private network (VPN) tunneling, among others. This VPN tunneling would allow a secure method of interconnecting Amateur Radio HSMM networks across the public Internet. The AREDN development team split off from the Broadband-Hamnet organization in order to focus on developing firmware for the Ubiquiti series of wireless routers in Amateur Radio HSMM networks, while the Broadband-Hamnet team continues to support both the WRT54G and Ubiquiti wireless routers.

While the first release of the AREDN firmware (version 3.0.1) is primarily a "re-branding" or the Broadband-Hamnet firmware for the Ubiquiti routers, the current 3.0.2 version contains the VPN tunneling features. The Ubiquiti series of routers allows greater flexibility in terms of memory and processing power, in addition lo allowing the use of frequencies not available in the WRT54G routers. An upcoming release of the AREDN firmware (version will allow the use of channels -1 and - 2 in the 2.4 GHz band, along with 24 new non-shared frequencies in the 3.4 GHz band, and expanding to 52 channels, including seven non-shared frequencies in the 5 GHz band. Since it is based on the BBHN firmware. the AREDN implementation has the same self-discovering, self-configuring. self-advertising, and fault tolerance features of BBHN and uses a peer-to-peer mesh topology similar to BBHN.

Both BBHN and AREDN are based on carrier sense multiple access (CSMA) technology. This means that each node must wait for the channel to be silent before transmitting. Since the Amateur Radio WiFi bands are shared with standard Part 15 wireless home access points and other devices, a node could hear those devices and be forced to wait to transmit. This could be a major concern for nodes placed on high points such as mountains and towers since they could possibly hear other BBHN/AREDN networks and/or a significant number of Part 15 devices on the operating channel and be forced to wait until the channel is clear before sending.


HamWAN is based on a “star” network topology.

In a star topology, all of the user nodes connect directly to a central node, also known as a cell site or distribution node. The cell sites typically have a point-to-point link between other cell sites.

Unlike the peer-to-peer topology used in Broadband-Hamnet and AREDN, the client nodes must be able to communicate directly with a cell site and they cannot relay through other client nodes to access an out-of-range cell site. The cell sites are linked together, forming the “backbone" of the HamWAN network.

This structure is very similar to the way the public Internet is designed and allows for higher speeds and throughput than is possible with BBHN and AREDN. The client nodes communicate with a cell site at 5 GHz using a standard unmodified MikroTik router and a high gain parabolic mesh grid antenna. The cell sites communicate with each other over a separate link, usually at 3.4 GHz (9 cm) or 5 GHz (5 cm).

HamWAN operates in the Part 97 Amateur Radio portion of the 5 GHz band, allowing HamWAN cell sites to be placed on high points such as towers or mountains without worry of interference from Part 15 users. The typical cell site operates on multiple channels using three 120-degree sector antennas, spreading the user load over three separate frequencies. Since the link between cells sites is on yet another frequency, there is no interaction between users of one cell site and the users of another cell site. Ideally, the client node frequencies are different at each cell site, virtually eliminating the CSMA data collision issues inherent in the BBHN/AREDN and standard WiFi technologies. (If two nodes that can't hear each other are sending to a third node that can hear both, the data "collides" and will have to be re transmitted.)

For communications between the cell sites and client nodes, HamWAN uses the MikroTik Nv2 communication protocol based on 802.11n. Nv2 allows the use of time division multiple access (TDMA) technology as an additional method to reduce packet collisions and enhance overall network throughput. Using TDMA and Nv2, the cell site allocates transmission time to the client nodes dynamically. The cell site will broadcast a "schedule" telling the clients when they should transmit and the amount of time they can use based on client requests for bandwidth. This helps prevent data collisions as well as addressing the hidden node issue. thereby providing for increased overall data throughput. Using Nv2 also allows for the implementation of quality of service (QoS) which allows you to prioritize the traffic on your HSMM network.

To ensure that only licensed amateurs can use the network, Ham WAN uses digital "certificates" to authenticate users. A digital certificate is an "electronic document" or block of data that is created by an entity known as a certificate authority. or CA. A CA is basically an authorized server that uses public-private key cryptology to generate a unique certificate used to identify the sender. Using the public-private key cryptology and digital certificates in this manner is also known as two-factor authentication. While not impossible. it is very difficult and not really practical to '"crack" the keys used in public-private key cryptology. This means that there is an extremely low chance of someone pretending to be you. While Part 97 rules prohibit the secure encryption of data, there is no prohibition for using digital certificates to authenticate the sender of the data.

If you use ARRL's Logbook of the World (LoTW) you are already using a digital certificate. As part of the process of uploading your log to LoTW, you digitally "sign" your log with the certificate you created using the Trusted QSL (TQSL) program on your workstation. This certificate is used by LoTW to ensure that it's really you uploading the log.

HamWAN actually uses the LoTW and TQSL certificate authority system to generate a digital certificate for use on the Ham WAN network, thereby ensuring that only licensed hams can create a valid certificate to access the Ham WAN network. Every data packet your node sends is "signed"' with your certificate and is used by the HamWAN network to identify that you are an authorized user or the network. This avoids the rules against encrypting the data since the data itself is not encrypted, but the certificate information added to each data packet uses two-factor encryption to provide verification that the data did indeed originate from your node.