This past weekend, I was helping one of my neighbors with an assortment of computer and networking-related tasks. One of those to-do's ran me smack-dab into a beastie that I'd heard about, but had yet to encounter in the wild—the Femtocell.
Actually, my curiousity had been piqued earlier this month at CES, where I had stopped by the Femto Forum's area. The booth area wasn't too interesting and looked more Euro-focused, since Femtocell deployment in the U.S. is still rather small. But I learned enough to not be totally ignorant on the topic.
The diagram below shows the basic idea behind a femtocell. You can think of it as a mini cell tower that uses your broadband Internet connection as a backhaul to your cellular carrier's network. They're supposed to help consumers who can't otherwise get a good (or, in my neighbor's case, any) signal in their home or other location that does have a broadband connection.
The basic idea of a femtocell
(Image courtesy of femtoforum)
Some folks, like those over at Gigaom, think femtocells are just another revenue source for margin-strapped cell carriers and not really focused on providing real consumer benefit. After all, with many phones having built-in Wi-Fi, you'd think it would be just as easy to use that to connect into to your carrier's network.
This idea has been around for a few years in the form of UMA (Unlicensed Mobile Access), which is used by T-Mobile in its Hotspot @ Home product. But, at least in the U.S., UMA hasn't seemed to catch on.
Enter femtocells, which don't require special phones and work with any router that you happen to be using. Or are supposed to work, but I'm getting a little ahead of myself.
My neighbor's cell carrier is Verizon Wireless, which sells its Network Extender for $250. Sprint's AIRAVE costs $100 for the same Samsung Ubicell hardware that Verizon provides (they differ only in packaging) and then $5 per month. So it would take a Sprint buyer about 2 years to shell out the same amount that Verizon wants to get up front.
Verizon Network Extender
Oddly enough, Sprint, which has been doing business longer in the Central Virginia area where I live, doesn't offer the AIRAVE. But Verizon, which just arrived recently via its purchase of Alltel, does offer the Network Extender.
Anyway, one of my neighbor's problems was that the Network Extender didn't seem to be working. Or at least it didn't seem to be, but he really couldn't tell.
I was initially confused by the product, since the very brief installation sheet talked about the need to position the unit near a window so that it could receive a GPS signal. GPS? What does that have to do with cellular service? Maybe my neighbor was just confused.
But no, according to the Network Extender FAQ, it does indeed use GPS "to obtain time and the device location information. Location information is used to support Emergency (E911) service". The location information is used not only for E911, but to enable control over where the device can be used.
With that mystery out of the way, I found another FAQ that said that dialing #48 on a Verizon phone would yield a You are on the Network Extender message if everything was up and running. When I did this, I did get the indicated message. But it was so broken up that it was nearly unintelligible.
My neighbor's setup has his router in an upstairs loft area, a floor and a few walls from where I was sitting. This resulted in a 1 to 2 bar signal, which I thought was kind of low for having spent $250! So I moved closer to the Extender until I got a 5 bar signal. But dialing #48 still got me a broken up test message.
On a hunch, I logged into the router, which was a Belkin Wireless G Plug MIMO (F5D9230-4) that I had previously dug out of the SmallNetBuilder closet and donated to the cause, and checked the log. I was surprised to see a stream of entries for a UDP flood attack for traffic going to the Extender's IP address. So the router's firewall was thinking that the inbound traffic to the Extender was an attack and it was dropping the packets. It's a wonder that I was able to hear the test message at all!
I tried opening ports 500, 4500, 53, and 52428 to the Extender's IP address, as noted in another Verizon FAQ and even putting the Extender in DMZ. But neither change helped, since traffic was still flowing through the router's SPI firewall. And with no option to shut off SPI or any other firewall-related tweaks, my only option was to try swapping out the router.
The next day, I brought over an aged, but reliable, original Linksys WRT54G and swapped it for the Belkin. Once it was up and running, all it took was one call to #48 and the test message came through crystal clear (or as clear as a typical cell call is).
So the lesson here is that sometimes a router's firewall doesn't really know what it's dealing with. And if you don't have the option to tone down a router's firewall aggressiveness, your only option is to find a smarter (or maybe dumber) router!
As for my neighbor, he's a happy camper and is thrilled to now be able to receive and make business calls on his Blackberry Storm, even if it cost him $250 on top of his monthly Verizon bill. I even set up the Storm to connect to his router's wireless link so that he can receive and send email, too. That's because the Network Extender provides only CDMA voice service and not 3G data. Seems like an unnecessarily complicated arrangement to me. But such are the wonders of U.S. cellular service!