wireless lans & pans
DESCRIPTION
Wireless LANS & PANS. Lecture # 3. Differences Between Wireless and Wired LAN. Address is no equivalent to physical location Wireless nodes are not stationary, address may not always refer to a particular geographical location - PowerPoint PPT PresentationTRANSCRIPT
Wireless LANS & PANS
Lecture # 3
2
Differences Between Wireless and Wired LAN
• Address is no equivalent to physical location– Wireless nodes are not stationary, address may not
always refer to a particular geographical location
– Station (STA) is a message destination, but not (in general) a fixed location
• Dynamic topology– Mobiles nodes may often go out of reach of each
other, connectivity is partial at times
3
Differences Between Wireless and Wired LAN
• PHYs used are fundamentally different from wired media– Use a medium that has neither absolute nor readily
observable boundaries– Unprotected from other signals that may be sharing the
medium– Communicate over a medium less reliable than wired PHYs– Lack full connectivity, every STA can not hear every other STA
all the times– Have time-varying and asymmetric propagation properties– May experience interference from logically disjoint IEEE
802.11 networks operating in overlapping areas
4
Differences Between Wireless and Wired LAN
• Handling mobile and portable STAs– Portable STAs
• Moved from location to location, but only used while at a fixed location
– Mobile STAs• Actually access the LAN while in motion
• Propagation effects blur the distinction between portable and mobile STAs– Stationary STAs often appear to be mobile due to propagation
effects
• Power management– Mobile STAs may often be battery powered
• STA’s receiver may not be always powered on
5
Design Goals
• Operational simplicity– Quickly setup and efficient access to mobile users
• Power efficient operations– Operate with minimal power consumptions– Must incorporate
• Power-saving features• Use appropriate technologies• Power efficient protocols etc
• License free operation– Consider ISM band for its operation which do not
require an explicit licensing
6
Design Goals• Tolerance to interference
– Should take appropriate measures by way of selecting technologies and protocols to operate in the presence of interferences
• Global usability– Both in terms of hardware and software– Should take into account the prevailing spectrum
restrictions in countries across the world
• Security– Inherent broadcast nature of wireless medium adds to
the requirement of security features
7
Design Goals• Safety requirements
–Interference to medical and other instrumentation devices–Increased power level of transmitters that can lead to health
hazards–Should follow the power emission restrictions that are
applicable in the given frequency spectrum• Quality of Service requirement
–Should take into considerations the possibility of supporting a wide variety of designated levels of performance for multimedia traffic
• Compatibility with other technologies and applications–Inter-operability among different LANs (wired and wireless)–Inter-operability among different protocols
Design Goals• Handoff/roaming
– MAC protocols used in the wireless LAN should enable mobile stations to move from one cell to another
• Dynamic configuration– MAC addressing and network management aspects of the LAN
should permit dynamic and automated addition, deletion, and relocation of end systems with disruption to other users
• Throughput– MAC protocols should make as efficient use as possible of the
wireless medium to maximum capacity
• Number of nodes– Wireless LANs may need to support hundred of nodes across
without compromising over the performance 8
Important
• Wireless is inherently unreliable channel • One of the Solution
– Develop reliable protocols at the MAC layer
• It hides the unreliability that is present at the physical layer
9
Interaction with Other IEEE 802 Layers• Requirement
– IEEE 802.11 to appear to higher layers (LLC) as a wired IEEE 802 LAN
• Why it is required?– Modularity, less changes at upper layer, inter-operatibility etc
• Solution– IEEE 802.11 network handle STA mobility within the MAC sublayer
• Effect on MAC layer– Incorporate functionality that is untraditional for MAC sublayers
• It may be necessary for certain higher layer management entities to be “WLAN aware” in QoS and secure environment (key management)– Bandwidth and other QoS characteristics of a WLAN are subject to
frequent, and sometimes substantial, dynamic changes10
Interaction with non-IEEE-802 Protocols
• An robust security network association (RSNA)utilizes non-IEEE-802 protocols for its authentication and key management (AKM) services
• Some of these protocols are defined by other standards organizations, such as the Internet Engineering Task Force (IETF)
11
12
Components of the IEEE 802.11 Architecture
• Basic service set (BSS)– Set of stations that can remain in
contact with an AP– Executing the same MAC protocol
• Basic service area (BSA)– Coverage area of an AP within which
STAs remain in communication– If a STA moves out of its BSA, it can no
longer directly communicate with other STAs present in the BSA
• Independent basic service set (IBSSs)– STAs communicate directly– Often referred to as ad hoc network
STA Membership in a BSS
• A STA’s membership in a BSS is dynamic – STAs turn on, turn off, come within range, and go out
of range
• To become a member of a BSS, a STA joins the BSS using the synchronization procedure
• To access all the services of an infrastructure BSS, a STA shall become “associated” – These associations are dynamic and involve the use of
the distribution system service (DSS)
13
14
Components in a Typical IEEE 802.11 Network
• Distribution system (DS)– An architectural component
used to interconnect BSSs – IEEE 802.11 logically
separates the WM from the distribution system medium (DSM)
– Enables mobile device support by providing the logical services necessary to handle address to destination mapping and seamless integration of multiple BSSs
Access Point (AP)
• An entity that has STA functionality and enables access to the DS, via the WM for associated STAs
• Data move between a BSS and the DS via an AP• APs are addressable entities
– Addresses used by an AP for communication on the WM and on the DSM are not necessarily the same
• Data sent to the AP’s STA address by one of the STAs associated with it are always received at the uncontrolled port for processing by the IEEE 802.1X port access entity
• In addition, if the controlled port is authorized, these frames conceptually transit the DS
15
Extended Service Set (ESS)
• An ESS is the union of the BSSs connected by a DS– ESS does not include the DS
• Appears the same to LLC layer as an IBSS network
• STAs within an ESS may communicate and mobile STAs may move from one BSS to another (within the same ESS)
16
Extended Service Set (ESS)• Nothing is assumed by IEEE Std 802.11 about the relative physical
locations of the BSSs– BSSs may partially overlap
• Commonly used to arrange contiguous coverage within a physical volume– BSSs could be physically disjoint
• Logically there is no limit to the distance between BSSs– BSSs may be physically collocated
• This may be done to provide redundancy– One (or more) IBSS or ESS networks may be physically present in the same
space as one (or more) ESS networks• An ad hoc network is operating in a location that also has an ESS network• Physically overlapping IEEE 802.11 networks set up by different organizations• Two or more different access and security policies are needed in the same
location
17
18
Components in a Typical IEEE 802.11 Network
19
Extended Service Set
Portal
Wired Network
Wireless Network Architecture
Infrastructure based
• Contains Access Points (APs) which are connected via existing networks
• AP can interact with wireless nodes as well as with existing wired network
• Other wireless nodes, known as mobile stations (STAs), communicate via APs
• APs also act as bridge with other networks
Infrastructure less(Ad hoc LANs)
• Does not need any fixed infrastructure
• Network can be established on the fly
• Nodes directly communicate with each other or forward messages through other nodes that are directly accessible
20
21
Wireless Network Architecture
Robust Security Network Association (RSNA)
• Defines a number of security features in addition to wired equivalent privacy (WEP) and IEEE 802.11 authentication– Enhanced authentication mechanisms for STAs
– Key management algorithms
– Cryptographic key establishment
– An enhanced data cryptographic encapsulation mechanism, called Counter mode with Cipher-block chaining Message authentication code Protocol (CCMP), and, optionally, Temporal Key Integrity Protocol (TKIP)
22
Components of RSNA• Port access entity (PAE)
– Present on all STAs in an RSNA– Control the forwarding of data to and from the medium
access control (MAC)– An AP always implements the Authenticator PAE and
Extensible Authentication Protocol (EAP) Authenticator roles
– A non-AP STA always implements the Supplicant PAE and EAP peer roles
– In an IBSS, each STA implements both the Authenticator PAE and Supplicant PAE roles and both EAP Authenticator and EAP peer roles
23
Components of RSNA• Authentication Server (AS)
– Authenticate the elements of the RSNA itself• Non-AP STAs; and APs may provide material that the RSNA
elements can use to authenticate each other
– AS communicates through the IEEE 802.1X Authenticator with the IEEE 802.1X Supplicant on each STA, enabling the STA to be authenticated to the AS and vice versa
– An RSNA depends upon the use of an EAP method that supports mutual authentication of the AS and the STA
– In certain applications, the AS may be integrated into the same physical device as the AP, or into a STA in an IBSS
24
25
Components of the IEEE 802.11 Network
• Portals– All data from non-IEEE-802.11
LANs enter the IEEE 802.11 architecture via a portal
– A logical point at which the integration service is provided– Responsible for any addressing or
frame format changes that might be required when frames pass between the DS and the integrated LAN
– One device can offer both the functions of an AP and a portal
– Implemented in bridge or routers, that is a part of the wired LAN and also attached to the DS
Complete IEEE 802.11 Architecture
26
Logical Service Interface• IEEE 802.11 does not constrain the DS to
be of– Same technology– Either data link or network layer based– Either centralized or distributed in nature
• IEEE 802.11 explicitly does not specify the details of DS implementations, instead, specifies services, associated with different components of the architecture
• Two categories of IEEE 802.11 service– Station service (SS)
• Part of every STA
– Distribution system service (DSS)• Provided by DS
• Both are used by the IEEE 802.11 MAC sublayer
• Authentication• Association• Deauthentication• Disassociation• Distribution• Integration• Data confidentiality• Reassociation• MSDU delivery• DFS• TPC• Higher layer timer synchronization
(QoS facility only)• QoS traffic scheduling (QoS facility
only
27
Overview of the Services• Six of the services are used to support medium access
control (MAC) service data unit (MSDU) delivery between STAs
• Three of the services are used to control IEEE 802.11 LAN access and confidentiality
• Two of the services are used to provide spectrum management
• One of the services provides support for LAN applications with QoS requirements
• Another of the services provides support for higher layer timer synchronization
28
Overview of the Services• All of the messages gain access to the WM via the IEEE
802.11 MAC sublayer medium access method• Each of the services is supported by one or more MAC
frame types– Data messages
• Handled via the MAC data service path– MAC management messages
• Used to support the IEEE 802.11 services and are handled via the MAC management service path
– MAC control messages• Used to support the delivery of IEEE 802.11 data and
management messages29
Station Service (SS)• Service provided by STAs is known as the SS• SS is present in every IEEE 802.11 STA (including
APs, as APs include STA functionality)• SS is specified for use by MAC sublayer entities
– Authentication– Deauthentication– Data confidentiality– MSDU delivery– DFS– TPC– Higher layer timer synchronization (QoS facility only)– QoS traffic scheduling (QoS facility only)
30
Distribution System Service (DSS)• Service provided by the DS is known as the DSS• Services that comprises the DSS are as follows
– Association– Disassociation– Distribution– Integration– Reassociation– QoS traffic scheduling (QoS facility only)
• DSSs are specified for use by MAC sublayer entities
31
Distribution of Messages within a DS
32
Two main services are involved: Distribution and Integration
Distribution• Primary service used by IEEE 802.11 STAs• Invoked by every data message to or from an IEEE 802.11 STA
operating in an ESS (when the frame is sent via the DS)• If the two stations that are communicating are within the same BSS,
then the DS logically goes through the single AP of that BSS• How message is distributed within DS is not specified by IEEE 802.11• IEEE 802.11 provides, DS with enough information to be able to
determine the “output” point that corresponding to desired recipient• Three association related services provides this information
– Association– Reassociation– Disassociation
• IEEE 802.11 does recognize and support the use of the WM as DSM– Specifically supported by the MAC frame format 33
Integration• If the DS determines that the intended recipient of a message is a
member of an integrated LAN, the “output” point of the DS would be a portal instead of an AP
• Messages that are distributed to a portal cause the DS to invoke the Integration function (conceptually after the distribution service)
• Integration function is responsible for accomplishing whatever is needed to deliver a message from the DSM to the integrated LAN media (including any required media or address space translations)
• Messages received from an integrated LAN (via a portal) by the DS for an IEEE 802.11 STA shall invoke the Integration function before the message is distributed by the distribution service
• Details of an Integration function are dependent on a specific DS implementation
34
QoS Traffic Scheduling
• QoS traffic scheduling provides intra-BSS QoS frame transfers under the Hybrid coordination function (HCF), using either contention based or controlled channel access
• At each transmission opportunity (TXOP), a traffic scheduling entity at the STA selects a frame for transmission, from the set of frames at the heads of traffic queues, based on requested UP and/or parameter values in the traffic specification (TSPEC) for the requested MSDU
35
Services that Support the DS
• Primary purpose of a MAC sublayer is to transfer MSDUs between MAC sublayer entities
• Information required for the DS to operate is provided by the association services
• Before a data message can be handled by the DS, a STA shall be “associated”
36
STA Mobility Types• No-transition
– Static—no motion– Local movement
• Movement within a basic service area (BSA)
• BSS-transition– Movement from one BSS in one ESS to another BSS within
same ESS• ESS-transition
– Movement from a BSS in one ESS to a BSS in a different ESS
– Maintenance of upper-layer connections cannot be guaranteed by IEEE Std 802.11• Disruption of service is likely to occur 37
Association• To deliver a message within a DS, the distribution service needs to
know which AP to access for the given IEEE 802.11 STA• This information is provided to the DS by the concept of association• Association is necessary, but not sufficient, to support BSS-transition
mobility• Association is sufficient to support notransition mobility• Association is one of the services in the DSS• Before a STA is allowed to send a data message via an AP, it shall first
become associated with the AP– AP can then communicate this information to other AP within the ESS
• The act of becoming associated invokes the association service, which provides the STA to AP mapping to the DS
• DS uses this information to accomplish its message distribution service• How the information provided by the association service is stored and
managed within the DS is not specified by this standard38
Association Within RSN• IEEE 802.1X Port determines when to allow data traffic across an
IEEE 802.11 link• A single IEEE 802.1X Port maps to one association, and each
association maps to an IEEE 802.1X Port• An IEEE 802.1X Port consists of an IEEE 802.1X Controlled Port and
an IEEE 802.1X Uncontrolled Port• IEEE 802.1X Controlled Port is blocked from passing general data
traffic between two STAs until an IEEE 802.1X authentication procedure completes successfully over the IEEE 802.1X Uncontrolled Port
• Once the AKM completes successfully, data protection is enabled to prevent unauthorized access, and the IEEE 802.1X Controlled Port unblocks to allow protected data traffic
39
Association Within RSN• IEEE 802.1X Supplicants and Authenticators exchange protocol
information via the IEEE 802.1X Uncontrolled Port• It is expected that most other protocol exchanges will make use of
the IEEE 802.1X Controlled Ports• However, a given protocol may need to bypass the authorization
function and make use of the IEEE 802.1X Uncontrolled Port• At any given instant, a STA may be associated with no more than
one AP• Association is always initiated by the mobile STA, not the AP• An AP may be associated with many STAs at one time• A STA learns what APs are present and what operational
capabilities are available from each of those APs and then invokes the association service to establish an association
40
Reassociation• Association is sufficient for no-transition message delivery• Reassociation
– One of the services in the DSS– Provides additional functionality needed to support BSS-transition
mobility– Invoked to “move” a current association from one AP to another– Keeps the DS informed of the current mapping between AP and
STA as the STA moves from BSS to BSS within an ESS– Also enables changing association attributes of an established
association while the STA remains associated with the same AP– Always initiated by the mobile STA
• No facilities are provided to move an RSNA during reassociation, therefore, the old RSNA will be deleted, and a new RSNA will need to be constructed
41
Disassociation
• Invoked when an existing association is to be terminated• In an ESS, this tells the DS to void existing association information• Disassociation service
– May be invoked by either party to an association (non-AP STA or AP)– It is a notification, not a request– Cannot be refused by either party to the association
• APs may need to disassociate STAs to enable the AP to be removed from a network for service or for other reasons
• STAs shall attempt to disassociate when they leave a network• MAC protocol does not depend on STAs invoking disassociation service
– MAC management is designed to accommodate loss of communication with an associated STA
42
Station Service (SS)• Service provided by STAs is known as the SS• SS is present in every IEEE 802.11 STA (including
APs, as APs include STA functionality)• SS is specified for use by MAC sublayer entities
– Authentication– Deauthentication– Data confidentiality– MSDU delivery– DFS– TPC– Higher layer timer synchronization (QoS facility only)– QoS traffic scheduling (QoS facility only)
43
Access Control and Data Confidentiality Services
• Wired LAN design assumes the physically closed and controlled nature of wired media
• Physically open medium nature of an IEEE 802.11 LAN violates those assumptions
• Two services are required for IEEE 802.11 to provide functionality equivalent to that which is inherent to wired LANs– Authentication
• Used instead of the wired media physical connection
– Data confidentiality• Used to provide the confidential aspects of closed wired media
44
Access Control and Data Confidentiality Services
• An RSNA uses the IEEE 802.1X authentication service along with TKIP and CCMP to provide access control
• IEEE 802.11 station management entity (SME) provides key management via an exchange of IEEE 802.1X EAPOL-Key frames
• Data confidentiality and data integrity are provided by RSN key management together with the TKIP and CCMP
45
Authentication• Authentication operates at the link level between IEEE 802.11 STAs• IEEE 802.11
– Does not provide either end-to-end or user-to-user authentication– Attempts to control LAN access via the authentication service
• Used by all STAs to establish their identity to STAs with which they communicate, in both ESS and IBSS networks
• If a mutually acceptable level of authentication has not been established between two STAs, an association shall not be established
• IEEE 802.11 defines two authentication methods– Open System authentication
• Admits any STA to the DS
– Shared Key authentication• Relies on WEP to demonstrate knowledge of a WEP encryption key
• IEEE 802.11 authentication mechanism also allows definition of new authentication methods
46
Authentication• An RSNA also supports authentication based on IEEE 802.1X-
2004, or preshared keys (PSKs)• IEEE 802.1X authentication utilizes the EAP to authenticate
STAs and the AS with one another• This standard does not specify an EAP method that is
mandatory to implement• In an RSNA, IEEE 802.1X Supplicants and Authenticators
exchange protocol information via the IEEE 802.1X Uncontrolled Port
• IEEE 802.1X Controlled Port is blocked from passing general data traffic between two STAs until an IEEE 802.1X authentication procedure completes successfully over the IEEE 802.1X Uncontrolled Port
47
Authentication
• Open System authentication algorithm is used in RSNs based on infrastructure BSS and IBSS, although Open System authentication is optional in an RSN based on an IBSS
• RSNA disallows the use of Shared Key authentication• Management information base (MIB) functions are
provided to support the standardized authentication schemes
• A STA may be authenticated with many other STAs at any given instant
48
Preauthentication• Because the authentication process could be time-consuming
(depending on the authentication protocol in use), the authentication service can be invoked independently of the association service
• Preauthentication is typically done by a STA while it is already associated with an AP (with which it previously authenticated)
• IEEE 802.11 does not require that STAs preauthenticate with APs• However, authentication is required before an association can be
established• If the authentication is left until reassociation time, this may impact
the speed with which a STA can reassociate between APs, limiting BSS-transition mobility performance
• The use of preauthentication takes the authentication service overhead out of the time-critical reassociation process 49
Deauthentication
• Invoked when an existing Open System or Shared Key authentication is to be terminated
• In an ESS, deauthentication cause STA to be disassociated• Deauthentication
– An SS– May be invoked by either authenticated party (non- AP STA or AP)– Not a request; it is a notification– Shall not be refused by either party
• When an AP sends a deauthentication notice to an associated STA, the association shall also be terminated
50
Deauthentication
• In an RSN ESS, Open System authentication is required• In an RSN ESS, deauthentication results in termination
of any association for the deauthenticated STA• It also results in the IEEE 802.1X Controlled Port for that
STA being disabled and deletes the pairwise transient key security association (PTKSA)
• Deauthentication notification is provided to IEEE 802.1X-2004 via the MAC layer
51
Deauthentication• In an RSNA, deauthentication also destroys
– Any related PTKSA– Group temporal key security association (GTKSA)– Station-to-station link (STSL) master key security association (SMKSA)– STSL transient key security association (STKSA) that exist in the STA– And closes the associated IEEE 802.1X Controlled Port
• If pairwise master key (PMK) caching is not enabled, deauthentication also destroys the pairwise master key security association (PMKSA) from which the deleted PTKSA was derived
• In an RSN IBSS, Open System authentication is optional, but a STA is required to recognize Deauthentication frames
• Deauthentication results in the IEEE 802.1X Controlled Port for that STA being disabled and deletes the PTKSA
52
Data Confidentiality• With a wireless shared medium, all STAs and certain other RF devices in or
near LAN may be able to send, receive, and/or interfere with LAN traffic
• Any IEEE 802.11-compliant STA can receive all like-PHY IEEE 802.11 traffic within range and can transmit to any other IEEE 802.11 STA within range
• Thus, the connection of a single wireless link (without data confidentiality) to an existing wired LAN may seriously degrade the security level of the wired LAN
• To bring the security of the WLAN up to the level implicit in wired LAN design, IEEE 802.11 provides the ability to protect the contents of messages
• Data confidentiality is an SS and is provided by data confidentiality service
• IEEE 802.11 provides three cryptographic algorithms to protect data traffic: Wired equivalent privacy (WEP), Temporal key integrity protocol (TKIP), and CTR with CBC-MAC Protocol (CCMP)
– WEP and TKIP are based on the ARC414 algorithm, and CCMP is based on the advanced encryption standard (AES)
53
Data Confidentiality• Default data confidentiality state for all IEEE 802.11 STAs is “in the
clear.”• If this policy is unacceptable to the sender, it shall not send data
frames• If the policy is unacceptable to the receiver, it shall discard any
received data frames• Unprotected data frames received at a STA configured for
mandatory data confidentiality, as well as protected data frames using a key not available at the receiving STA, are discarded without an indication to LLC – Or without indication to distribution services in the case of “To DS” frames
received at an AP• These frames are acknowledged on the WM [if received without
frame check sequence (FCS) error] to avoid wasting WM bandwidth on retries of frames that are being discarded
54
Key Management
• The enhanced data confidentiality, data authentication, and replay protection mechanisms require fresh cryptographic keys
• The procedures defined in this standard provide fresh keys by means of protocols called the 4-Way Handshake and Group Key Handshake
55
Data Origin Authentication
• Defines a means by which a STA that receives a data frame can determine which STA transmitted the MAC protocol data unit (MPDU)
• Required in RSNA to prevent one STA from masquerading as a different STA
• Provided for STAs that use CCMP or TKIP• Only applicable to unicast data frames• The protocols do not guarantee data origin authenticity
for broadcast/multicast data frames, as this cannot be accomplished using symmetric keys and public key methods are too computationally expensive
56
Replay Detection
• The replay detection mechanism defines a means by which a STA that receives a data frame from another STA can detect whether the data frame is an unauthorized retransmission
• This mechanism is provided for STAs that use CCMP or TKIP
57
Spectrum Management Services
• Two services are required to satisfy requirements in some regulatory domains for operation in the 5 GHz band
• These services are called– Transmit power control (TPC)– Dynamic frequency selection (DFS)
58
Transmit Power Control (TPC)• Radio regulations may require radio local area networks (RLANs)
operating in the 5 GHz band to use transmitter power control, involving specification of a regulatory maximum transmit power and a mitigation requirement for each allowed channel, to reduce interference with satellite services
• TPC service is used to satisfy this regulatory requirement.• The TPC service provides for the following:
– Association of STAs with an AP in a BSS based on the STAs’ power capability– Specification of regulatory and local maximum transmit power levels for
the current channel– Selection of a transmit power for each transmission in a channel within
constraints imposed by regulatory requirements– Adaptation of transmit power based on a range of information, including
path loss and link margin estimates59
Dynamic Frequency Selection (DFS)• Radio regulations may require RLANs operating in the 5 GHz band to
implement a mechanism to avoid cochannel operation with radar systems and to ensure uniform utilization of available channels
• The DFS service is used to satisfy these regulatory requirements• The DFS service provides for the following:
– Association of STAs with an AP in a BSS based on the STAs’ supported channels– Quieting the current channel so it can be tested for the presence of radar with
less interference from other STAs– Testing channels for radar before using a channel and while operating in a
channel– Discontinuing operations after detecting radar in the current channel to avoid
interference with radar– Detecting radar in the current and other channels based on regulatory
requirements– Requesting and reporting of measurements in the current and other channels– Selecting and advertising a new channel to assist the migration of a BSS or IBSS
after radar is detected 60
Traffic Differentiation and QoS Support
• IEEE 802.11 uses a shared medium and provides differentiated control of access to the medium to handle data transfers with QoS requirements
• QoS facility (per MSDU traffic class and TSPEC negotiation) allows an IEEE 802.11 LAN to become part of a larger network providing end-to-end QoS delivery or to function as an independent network providing transport on a per-link basis with specified QoS commitments
61
Support for Higher Layer Timer Synchronization
• Some applications, e.g., the transport and rendering of audio or video streams, require synchronized timers shared among different STAs
• Greater accuracy (in terms of jitter bounds) or finer timer granularity than that provided by a BSS timing synchronization function (TSF) may be an additional requirement
• In support of such applications, this standard defines a MAC service that enables layers above the MAC to accurately synchronize application-dependent timers shared among STAs
• Service is usable by more than one application at a time62
Multiple Logical Address Spaces
• Just as the IEEE 802.11 architecture allows for the possibility that the WM, DSM, and an integrated wired LAN may all be different physical media, it also allows for the possibility that each of these components may be operating within different address spaces
• Each IEEE 802.11 PHY operates in a single medium—the WM and its MACC operates in a single address space
• IEEE 802.11 has chosen to use the IEEE 802 48-bit address space to establish the compatibility with IEEE 802 LAN family
63
Multiple Logical Address Spaces• However, IEEE 802.11 architecture allows for all three logical
address spaces to be distinct• A multiple address space example is one in which the DS
implementation uses network layer addressing– In this case, the WM address space and the DS address space would
be different• IEEE 802.11 STAs within a single ESS share the same address space,
fulfilling the transparency requirement from the definition of the DS
• DSS uses this same address space, even in the case where the DSM uses a different address space
• The ability of the architecture to handle multiple logical media and address spaces is key to the ability of
• IEEE 802.11 to be independent of the DS implementation and to interface cleanly with network layer mobility approaches 64
Differences Between ESS and IBSS LANs
65
Reference Model
66
Establishing the IEEE 802.11 Association
67
MAC Data Plane Architecture
68
Differences Between ESS and IBSS LANs
• An IBSS consists of STAs that are directly connected– Thus there is (by definition) only one BSS
• Further, because there is no physical DS, there cannot be a portal, an integrated wired LAN, or the DSS
• In an IBSS, only Class 1 and Class 2 frames are allowed because there is no DS in an IBSS
• The services that apply to an IBSS are the SSs• A QoS IBSS supports operation under the HCF using TXOPs gained through
the EDCA mechanism• Parameters that control differentiation of traffic classes using EDCA are fixed• A QoS IBSS has no HC and does not support polled TXOP operation and
setting up of TSPEC• In an IBSS, each STA must enforce its own security policy• In an ESS, an AP can enforce a uniform security policy across all STAs
69
MAC Frame Formats
• Each frame consists of the following basic components:– A MAC header, which comprises
• Frame control• Duration• Address• Sequence control information• For QoS data frames, QoS control information
– A variable length frame body, which contains information specific to the frame type and subtype
– A FCS, which contains an IEEE 32-bit CRC
70
General Frame Format
71
Frame Control Field
72
Types & Sub-Types
73
Types & Sub-Types
74
To DS and From DS Fields
75
More Fragments Fields
• The More Fragments field is 1 bit in length and is set to 1 in all data or management type frames that have another fragment of the current MSDU or current MMPDU to follow
• It is set to 0 in all other frames
76
Retry Field
• The Retry field is 1 bit in length and is set to 1 in any data or management type frame that is a retransmission of an earlier frame
• It is set to 0 in all other frames• A receiving STA uses this indication to aid in
the process of eliminating duplicate frames
77
Power Management Field
• The Power Management field is 1 bit in length and is used to indicate the power management mode of a STA
• The value of this field remains constant in each frame from a particular STA within a frame exchange sequence
• The value indicates the mode in which the STA will be after the successful completion of the frame exchange sequence
• A value of 1 indicates that the STA will be in PS mode• A value of 0 indicates that the STA will be in active mode• This field is always set to 0 in frames transmitted by an
AP 78
More Data Fields
• To accommodate stations in a power-saving mode, access points may buffer frames received from the distribution system
• An access point sets this bit to indicate that at least one frame is available and is addressed to a dozing station
79
Protected Frame Field
• Wireless transmissions are inherently easier to intercept than transmissions on a fixed network. 802.11 defines a set of encryption routines called Wired Equivalent Privacy (WEP) to protect and authenticate data
• When a frame has been processed by WEP, this bit is set to 1, and the frame changes slightly
80
Order Field
• Frames and fragments can be transmitted in order at the cost of additional processing by both the sending and receiving MACs
• When the "strict ordering" delivery is employed, this bit is set to 1
81
Duration/ID Field
82
Address Fields
• Destination address – As in Ethernet, the destination address is the 48-bit
IEEE MAC identifier that corresponds to the final recipient: the station that will hand the frame to higher protocol layers for processing
• Source address – This is the 48-bit IEEE MAC identifier that identifies
the source of the transmission– Only one station can be the source of a frame, so the
Individual/Group bit is always 0 to indicate an individual station
83
Address Fields
• Receiver address – This is a 48-bit IEEE MAC identifier that indicates
which wireless station should process the frame– If it is a wireless station, the receiver address is
the destination address– For frames destined to a node on an Ethernet
connected to an access point, the receiver is the wireless interface in the access point, and the destination address may be a router attached to the Ethernet
84
Address Fields
• Transmitter address – This is a 48-bit IEEE MAC address to identify the
wireless interface that transmitted the frame onto the wireless medium
– The transmitter address is used only in wireless bridging
85
Address Fields
• Basic Service Set ID (BSSID) – To identify different wireless LANs in the same
area, stations may be assigned to a BSS– In infrastructure networks, the BSSID is the MAC
address used by the wireless interface in the access point
– Ad hoc networks generate a random BSSID with the Universal/Local bit set to 1 to prevent conflicts with officially assigned MAC addresses
86
Sequence Control Fields
• This 16-bit field is used for both defragmentation and discarding duplicate frames
• It is composed of a 4-bit fragment number field and a 12-bit sequence number field
87
Frame Body• The frame body, also called the Data field, moves the higher-
layer payload from station to station• 802.11 can transmit frames with a maximum payload of 2,304
bytes of higher-level data– Implementations must support frame bodies of 2,312
bytes to accommodate WEP overhead• 802.2 LLC headers use 8 bytes for a maximum network
protocol payload of 2,296 bytes• Preventing fragmentation must be done at the protocol layer• On IP networks, Path MTU Discovery (RFC 1191) will prevent
the transmission of frames with Data fields larger than 1,500 bytes 88
Frame Check Sequence• As with Ethernet, the 802.11 frame closes with a frame check sequence (FCS)• The FCS is often referred to as the cyclic redundancy check (CRC) because of the
underlying mathematical operations• The FCS allows stations to check the integrity of received frames• All fields in the MAC header and the body of the frame are included in the FCS• Although 802.3 and 802.11 use the same method to calculate the FCS, the MAC
header used in 802.11 is different from the header used in 802.3, so the FCS must be recalculated by access points
• When frames are sent to the wireless interface, the FCS is calculated before those frames are sent out over the RF or IR link
• Receivers can then calculate the FCS from the received frame and compare it to the received FCS
• If the two match, there is a high probability that the frame was not damaged in transit
89
IEEE 802 Protocol Layers Compared to OSI Model
90
IEEE 802 Protocol Layers Compared to OSI Model
91
Protocol Architecture
• Functions of physical layer:– Encoding/decoding of signals
– Preamble generation/removal (for synchronization)
– Bit transmission/reception
– Includes specification of the transmission medium
92
Protocol Architecture• Functions of medium access control (MAC)
layer– On transmission, assemble data into a frame with
address and error detection fields
– On reception, disassemble frame and perform address recognition and error detection
– Govern access to the LAN transmission medium
• Functions of logical link control (LLC) Layer– Provide an interface to higher layers and perform
flow and error control
93
Separation of LLC and MAC
• Logic required to manage access to a shared-access medium not found in traditional layer 2 data link control
• For the same LLC, several MAC options may be provided
94
MAC Frame Format
95
Logical Link Control
• Characteristics of LLC not shared by other control protocols:– Must support multiaccess, shared-medium nature
of the link
– Relieved of some details of link access by MAC layer
96
LLC Services
• Unacknowledged connectionless service– No flow- and error-control mechanisms– Data delivery not guaranteed
• Connection-mode service– Logical connection set up between two users– Flow- and error-control provided
• Acknowledged connectionless service– Cross between previous two– Datagrams acknowledged– No prior logical setup
97
MAC Layers in IEEE 802.11 Standard
98
99
Physical Layer Different from Wired Media
• IEEE 802.11 supports three options for the medium to be used at the physical layer– One is based on infrared– Other two are based on radio transmission
• Use a medium that has neither absolute nor readily observable boundaries outside of which stations with conformant PHY transceivers are known to be unable to receive network frames
• Are unprotected from outside signals
100
Physical Layer Different from Wired Media
• Communicate over a medium significantly less reliable than wired PHYs
• Have dynamic topologies• Lack full connectivity, and therefore the assumption
normally made that every STA can hear every other STA is invalid
• Have time-varying and asymmetric propagation properties
101
Protocol Architecture
• PMD – Physical medium dependent sublayer• PLCP – Physical layer convergence protocol
102
Physical Layer
• Physical layer convergence protocol (PLCP)– Provides a mechanism for transferring MAC
sublayer protocol data units (MPDUs) between two or more STAs over the PMD sublayer
– Defines a method of mapping the IEEE 802.11 MPDUs into a framing format suitable for sending and receiving user data and management information between two or more STAs using the associated PMD system
103
Physical Layer
• Physical medium dependent sublayer (PMD)– Defines the characteristics of, and method of
transmitting and receiving data through, a wireless medium (WM) between two or more STAs (modulation/demodulation, encoding/decoding etc)
104
Physical Layer Carrier Sensing Mechanisms
• Performed either physically or virtually• Physical layer sensing is through clear channel assessment
(CCA) signal provided by the PLCP• CCA signal is generated based on sensing of the air interface
1. Either sense the detected bits in the air• Slow, but more reliable
2. OR check the received signal strength (RSS) of the carrier against a threshold• Potentially create a false alarm caused by measuring the level of
interference
105
Physical Layer• IEEE 802.11 supports different options for the medium
to be used at the physical level– One is based in infrared
• Operating at wavelength 850-950 nm range, at data rates of 1 Mbps and 2 Mbps using pulse position modulation (PPM) scheme
– Other five are based on the radio transmission• IEEE 802.11 FHSS• IEEE 802.11 DSSS• IEEE 802.11a OFDM• IEEE 802.11b HR-DSSS• IEEE 802.11g OFDM
106
Basic MAC layer Mechanisms
• Covers three functional areas– Reliable data delivery– Access control– Security
• Also supports many auxiliary functionalities– Roaming– Authentication– Taking care of power conservations
Reliable Data Delivery• Physical and MAC layers is subject to considerable
unreliability– Noise, interference and other propagation effects
• Even with error-correction codes, a number of MAC frames may not received correctly
• Can the situation be dealt with reliability at higher layer protocols (TCP)?
• More efficient to deal with errors at the MAC level than higher layer – Timers are of the order of seconds
107
Reliable Data Delivery
• Asynchronous data service– Supported for unicast as well as multicast packets
• Real time service– Supported only in infrastructure based networks
where APs control access to the shared medium
108
Reliable Data Delivery• IEEE 802.11 includes a frame exchange protocol• Frame exchange protocol
– Source station transmits data– Destination responds with acknowledgment (ACK)– If source doesn’t receive ACK, it retransmits frame
• Four frame exchange– Source issues request to send (RTS)– Destination responds with clear to send (CTS)– Source transmits data– Destination responds with ACK
109