1 / 49

IEEE 802.11 Wireless LANs

IEEE 802.11 Wireless LANs. Presented by Peng Ge September 12, 2001. Wireless LAN v.s. Wired LAN. Similarity From the beginning, 802.11 was designed to look and feel like other IEEE 802 wired LAN 802.11 operates under 802.2 LLC layer (same as 802.3) Difference

lilli
Download Presentation

IEEE 802.11 Wireless LANs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IEEE 802.11 Wireless LANs Presented by Peng Ge September 12, 2001

  2. Wireless LAN v.s. Wired LAN • Similarity • From the beginning, 802.11 was designed to look and feel like other IEEE 802 wired LAN • 802.11 operates under 802.2 LLC layer (same as 802.3) • Difference • using air link (that is, no real link) • Everything around is either a reflector or an attenuate of the signal • location-dependent: some change in position can cause large changes in the received signal strength • security problem: packets broadcast in air • Mobility • protocols to deal with mobility : DHCP, mobile-IP • no fixed physical location, “what is the nearest printer?”

  3. History of IEEE 802.11 • The first version was adopted in 1997 • MAC sub-layer • MAC management protocols and services • Three physical layers: all operate on 1M or 2Mbps • infrared-based PHY • Frequency Hopping Spread Spectrum (FHSS) radio in 2.4GHz • Direct Sequence Spread Spectrum (DSSS) radio in 2.4GHz • Revised in 1999, add 2 new PHY layers • Orthogonal Frequency Domain Multiplexing (OFDM) • 802.11a, radio in UNII bands, delivering up to 54Mbps • extension to DSSS PHY • 802.11b, in 2.4GHz, delivering up to 11Mbps

  4. IEEE 802 Architecture

  5. Overview • IEEE 802.11 Architecture and Services • Medium Access Control • MAC Management • The Physical layer

  6. Component in 802.11 Architecture • Station : mobile/portable/stationary node • provide station-services : • authentication, de-authentication, privacy, and delivery of data • Basic Service Set (BSS) • a group of stations connect to each other • Independent BSS (IBSS) : no connection to wired network • e.g., short-lived ad-hoc network • no relay function in an IBSS(in MAC layer) • when a BSS includes a Access Point (AP) • it’s no longer independent. • called Infrastructure BSS, or BSS

  7. Component in 802.11 Architecture • Access Point (AP) • A station provides distribution services • All mobile stations communicate with AP • AP provides connection to wired LAN if any, and local relay function in BSS • A little waste for local communication • up-link and down-link consume twice of bandwidth • benefits outweigh the cost, such as • buffering at AP when the station is in low power state

  8. Component in 802.11 Architecture • Extended Service Set (ESS) • a set of BSSs while APs communicate among themselves to forward traffic and to facilitate the mobility • Distribution System (DS) : • an abstract medium for the communication among APs • 802.11 didn’t define how to implement DS • APs from different vendors may not be used in one ESS • could be wired LAN (802.3), or purpose-built box • Services • Station services : • authentication, de-authentication, privacy, delivery of data • Distribution services : • association, re-association, de-association, distribution, integration

  9. Station Services • Authentication • to prove the identity of one station to another • De-authentication • to eliminate a previously authorized user from further use • Privacy • to provide an equivalent level of protection for data on WLAN as that provided by Wired network • Delivery of data • similar to other 802 LANs • to provide reliable delivery of data frames in MAC layers, with minimal duplication and minimal reordering.

  10. Distribution Services • Association • to make a logical connection between mobile station and AP • Re-association • similar to association, except including the info about previously associated AP (for roaming, data forwarding, etc.) • De-association • either to force a mobile node to associate or just announce the association is no longer available/required • Distribution • An AP to determine how to deliver the frames • within its own BSS, into DS to another AP, outside WLAN • Integration • translation between 802.11 frames and other LAN frames

  11. Interaction between some services State 1: Unauthenticated, Unassociated Class 1 Frames Successful Authentication De-Authentication Notification State 2: Authenticated, Unassociated Class 1 & 2 Frames Successful Association or Re-Association De-Authentication Notification De-Association Notification State 3: Authenticated, and Associated Class 1, 2 & 3 Frames

  12. Interaction between some services • Each station maintains 2 variables • state of authentication and state of association • A station may be authenticated with many stations simultaneously • A station may be associated with only one other station at a time • Multiple instances of the variables are needed • to maintain a unique copy for each station it communicates • If a station is a part of an IBSS (ad hoc) • it’s allowed to implement data service in state 1 • because neither authentication nor association is used in IBSS, no station can leave state 1 • A station must react to every frame it receives • even if the frame type is not allowed for a particular state • A state 1(2) station will send back de-authentication(de-association) upon receiving an illegal frame, to force the other station transit to proper state

  13. Overview • IEEE 802.11 Architecture and Services • Medium Access Control • MAC Management • The Physical layer

  14. MAC functionality • To provide reliable data delivery service • through a frame exchange protocol at MAC level • Reliability is improved as compared to earlier WLANs • To fairly control access to the wireless medium • Distribution Coordination Function : basic access • Point Coordination Function : centrally controlled access • To protect the data it delivers • a privacy service, Wired Equivalent Privacy (WEP) • the same level of protection the data might have on a wired LAN that prevents unauthorized connection

  15. frame Snd Rcv ACK A B C MAC Frame Exchange Protocol • The minimal protocol has two frames • The two frames are an atomic unit of the MAC protocol • The frame will be retransmitted if ACK is missing • reduce the inherent error rate at the cost of extra bandwidth • more efficient in MAC layer than in higher layer • to determine the lost packet, higher layer timeout is often in seconds • Hidden Node Problem

  16. RTS CTS Snd Rcv frame ACK Area cleared by RTS CTS B C A RTS Area cleared by CTS MAC Frame Exchange Protocol • Two more frames to solve Hidden Node Problem • Request To Send (RTS) and Clear To Send (CTS) • The four frames are an atomic unit • if fails at any point, the station can recover and regain control of the medium in minimum time • To address the Hidden Node Problem

  17. MAC Frame Exchange Protocol • dot11RTSThreshold attribute (0-2339) • The value defines the minimum length of the frame that RTS and CTS are required before sending the frame. • all frames with greater length use 4-way protocol • all frames with equal or less length use 2-way protocol • In some cases, 4-way protocol is unnecessary, such as • low bandwidth demand • concentrated area where everyone can hear the others. • Retry counters • long retry counter and short retry counter • long or short? Compare the frame length with dot11RTSThreshold • each retransmission will increment the corresponding retry counter • the frame has to be discarded if the retry counter reaches the limit • There is also a lifetime timer associate with each frame

  18. MAC Basic Access Mechanism • CSMA/CA with binary exponential backoff • Carrier Sense Multiple Access • partly implemented by a physical sensing mechanism by PHY layer • Network Allocation Vector (NAV) • a value that indicates to a station the amount of time it remains before the medium become available to use • to provide a virtual carrier sensing • a station may avoid transmitting, even when medium seems free • CA(Collision Avoidance) instead of CD(Collision Detection) • Wireless device can hardly send and receive at the same time • Contention Window in Binary Exponential Backoff • When the transmission is deferred because the medium is busy, sender waits a random time within “contention window” • Contention window double its size every time the sender is deferred • Contention window reset to minimal size when transmission succeed

  19. Timing Intervals • 5 timing intervals recognized by 802.11 MAC • 2 basic intervals determined by PHY • Short Inter-Frame Space (SIFS) • Slot Time • SIFS < Slot Time, but they are close. • 3 additional intervals • Priority Inter-Frame Space (PIFS) = Slot Time + SIFS • used in PCF • Distributed Inter-Frame Space (DIFS) = Slot Time + SIFS * 2 • used in DCF • Extended Inter-Frame Space (EIFS) • much larger than any other intervals • used when a frame received by MAC contains error, allowing MAC frame exchange protocol to complete correctly

  20. Next Transmission End of Previous Transmission DIFS Slot time DCF Operation • When MAC is about to send a frame, • it checks if the medium is not in use for an interval of DIFS (EIFS if last frame received contained errors) • if in use, the MAC will • choose a backoff number and double the contention window • increment the appropriate retry counter • Otherwise, every interval of slot time the medium is idle, MAC will decrement the backoff value. • Once backoff interval expires, the frame is transmitted • if no ACK received, assume collision, backoff again • till the transmission is successful or is cancelled.

  21. PCF Operation • PCF uses a “Poll and Response” protocol • to eliminate the possibility of contention for the medium • PCF is built over DCF, they can operate simultaneously • PCF uses PIFS to seize and keep the medium (PIFS < DIFS) • A Point Coordinator (PC) controls PCF • the PC is always located in an AP • stations request PC to register them on a polling list • PC regularly polls the stations for traffic and delivers traffic to • PC begins a Contention-Free Period (CFP) periodically • medium is completely controlled by PC, no DCF allowed • PC sends out a Beacon frame to notify the other stations • the Beacon provided the maximum length of the coming CFP • All stations have to update their NAV so that DCF is prohibited • PC ensures that the interval between frames is no longer than PIFS • another way to prevent DCF from gaining access to the medium

  22. SIFS Data+ CF-Poll Data+ CF-Ack from station 1 Data+ CF-Ack+CF-Poll to station 2 ACK from station 2 CF-Poll to station n Data+CF-Poll to station n+1 CF-End PIFS PCF Operation • PC expects a response frame in SIFS after sending a Poll • If no response in SIFS, PC will send its next frame in PIFS • PC will send a CF-End frame to conclude the CFP • To make the use of the medium more efficient, it’s possible to piggyback both ACK and CF-Poll onto data frames • station to PC: data frame with ACK of last frame received • PC to station: CF-Poll, ACK, and data can be in one frame • After the CF-End is heard, each station reset its NAV • DCF starts working

  23. Control Frame subtypes • 6 control frame subtypes • request to send (RTS) and clear to send (CTS) • 20 bytes for RTS, 14 bytes for CTS • duration information of coming traffic, allow other stations to update their NAV, to prevent the collision • acknowledgement (ACK) 14 bytes • as a receipt, no need of retransmission • in fragmentation, ACK contains the duration information of next fragment, act like a CTS • power save poll (PS-Poll) 20 bytes • to request an AP to deliver a frame buffered when this station was in power-saving mode • contention-free end (CF-End) 20 bytes • to conclude a CFP by PC, let stations to compete the medium • contention-free end plus ACK (CF-End+ACK) 20 bytes • combination of two frame subtypes

  24. Data Frame subtypes • 8 data frame subtypes • variable length frame: 29-2346 bytes • Data • encapsulate the upper layer protocol packet • Data+CF-ACK, Data+CF-Poll, Data+CF-ACK+CF-Poll • sent only during CFP, never used in IBSS • combination of frames, which may target to different stations • Null function (no data) • Zero data length, but needed to complete the frame exchange • The sole purpose of the frame is to carry “power management” BIT • CF-ACK (no data) • more efficient if use ACK control frame (14 bytes v.s. 29 bytes) • CF-Poll (no data), CF-Poll+CF-ACK (no data)

  25. Management Frame subtypes • 11 management frame subtypes • Beacon • transmitted periodically for others to locate and identify a BSS • also convey information of buffered frame for stations • Other information includes • service set identity (SSID), supported rates, PHY parameters,... • Probe Request • transmitted by a mobile station to quickly locate an 802.11 WLAN • either locate a WLAN with a particular SSID, or locate any WLAN • Our SSID is “tsunami” • Probe Response • In IBSS, the station who sent the latest Beacon answers the request • In BSS, AP always answers the Probe Request • A Probe Response is similar to a Beacon

  26. Management Frame subtypes • Authentication • to conduct a multi-frame exchange stations • The ultimately result is the verification of the identity to each other • De-authentication • notify the termination of an authentication relationship • Association Request and Response • for a mobile station to join the BSS, and the result • Re-association Request and Response • Association Request with additional information of current AP • Re-association Response is the same as Association Response • De-association • notify the termination of an association relationship • Announcement Traffic Indication Message (ATIM) • A mobile station in IBSS to notify others that it has frame buffered to a target mobile station who may be in low power mode.

  27. Privacy in IEEE 802.11 MAC • Wired Equivalent Privacy • A wired LAN has to be physically compromised (tap line) • A WLAN can be compromised by anyone with an antenna • WEP provides the same security as wired LAN • The frame body of the data frame is encrypted • by RC4, developed by RSA Data Security, Inc. • a symmetric stream cipher that support variable length key • RC4 supports up to 256 bytes key. 802.11 has chosen 40 bits. • No encryption for frame header and other frame types. • Protect only the content of data frame • Vulnerable to other threats, like traffic analysis • Key distribution or key negotiation is not included in 802.11 • Two ways to select a key for use • up to 4 default keys, or • a station to establish a key-mapping with another station

  28. Source RTS Fragment 0 Fragment 1 ACK 1 Destination ACK 0 CTS SIFS Fragmentation in 802.11 MAC • dot11FragmentationThreshold attribute(256-2338) • Default value is such that no frame will be fragmented • A frame is divided into fragments according to threshold • When a frame is fragmented, “more fragment” bit is used • Subsequent fragment is sent out immediately upon receiving previous fragment’s ACK • no competition for medium, “fragment burst”

  29. General Frame Format • Frame Control field (16bits) • frame type and subtype: control, data, management • To DS bit and From DS bit • 00: direct communication between two mobile stations • 01 or 10: a frame sent from AP to mobile station, or the opposite • 11: wireless DS, sharing the medium with BSS, from AP to AP • Other 1-bit sub-fields • More Data: There is at least one frame buffered here • More Fragment : This isn’t the last fragment in the fragmented frame • Retry: This is the retransmission, instead of first-time transmission • Power management: The station will enter low power mode, and won’t be available • WEP: The frame body is encrypted using WEP algorithm • Order: The content of data frame is provided to MAC with a request of strictly ordered service

  30. General Frame Format • Duration/ID field (16bits) • Association ID (AID) in PS-Poll frame subtype • 0-2007, the ID a mobile station got when Association • A Beacon includes Traffic Indication Map (TIM), up to 256 bytes, to tell who have buffered frame in AP • each bit in TIM corresponding to a mobile station’s AID • Duration Information to update NAV, in other frame types • the length of the time the medium will be used after this frame • 32768 (1 for highest bit, 0 for others) for all frames sent in CFP • No station can interfere with CFP • 0 for all multicast data frames • There is no response in multicast • Address fields (IEEE 48-bit format for each) • up to 4 addresses: source, destination, receiver, transmitter, or BSSID

  31. General Frame Format • Sequence Control field • Sequence Number subfield (12bits) • 0 to 4095 and wrap around. • Incremented after assignment to each MSDU • Fragment Number subfield (4bits) • incremented after assignment to each fragment • Frame Body field • variable length field, can be as long as • 2304 bytes without WEP, 2312 bytes with WEP • 2304 was chosen to allow application send 2048-byte pieces of data • Frame Check Sequence field (32bits) • applying CCITT CRC-32 polynomial to MAC header and frame body • The same used in other IEEE 802 LAN standards

  32. Overview • IEEE 802.11 Architecture and Services • Medium Access Control • MAC Management • The Physical layer

  33. MAC Management • The first in 802.x to include MAC management • 802.11 WLAN has more complex the environment • Many other users to share the medium • Microwave Oven operates in 2.4GHz band (because one excitation frequency of water molecule lies in that band) • Radio frequency ID (RFID) tag uses microwave power, i.e. tracking retail inventory, identify rail cars, … • Other WLANs than 802.11 that share the medium • Other 802.11 WLANs that share the medium • Security: the medium is connectable to anyone • Mobility: to provide the reliable service like wired LAN • Power management: to save the battery life. • Defined MAC management capabilities in 802.11 • Authentication, Association, Address filtering, Privacy, Power management, and Synchronization

  34. MAC Management • Authentication • for one station to prove its identity to another station • frame exchanges: questions, answers, and results • Two authentication algorithm available • Open system authentication • always return “success” as the result • Shared key authentication • depends on both stations share the same WEP key • encrypt and decrypt a “challenge text” to prove it owns the key • There is no limit on the number of authentication. • one station can pre-authenticate with many stations • Usually a AP initiate the authentication to a mobile station • assumed AP has a more privileged position • some subtle security problem • A rogue AP can adopt the SSID, take the place of old AP, and intercept the content of frames in plain text.

  35. MAC Management • Association • to provide transparent mobility to stations • Association is the process of a mobile station “connecting” to AP • only after a successful authentication • Only one association is permitted for each station • Once associated, AP is responsible for forwarding the data frames • The procedure of association • Mobile station send a request, including its information • data rate supported, contention-free abilities, support of WEP … • AP decides to grant or deny the service request • 802.11 doesn’t define what policy the AP should use • Re-association • DS must maintain the location of each mobile station • association request + last AP address • New AP contacts old AP, gets buffered data frame, terminates the old association

  36. MAC Management • Address filtering (MAC function) • more complicated than other 802 LANs • not only based on destination address • each data/management frame has at least 3 addresses • and a BSS identifier (BSSID) • A station must use addresses and BSSID when making receive decisions, according to the standard • Filtering on BSSID is important to minimize the multicast frames with which the station must deal • Privacy (MAC function) • WEP mechanism, as described earlier

  37. MAC Management • Power management • the most complex part in 802.11 standard • allows mobile stations to enter low power modes • turn off receiver and transmitter to conserve power • Two different mechanism for IBSS and BSS, respectively • Independent BSS • The station enters low power state after notifying another station • This station must wake up periodically to receive the beacon, and stay awake for a period after the beacon, called “ad hoc traffic indication message(ATIM) window” • A station who wants to send to a low-power station should use ATIM to inform the targeted receiver • The receiver should acknowledge it and stay awake till next ATIM window • In multicast, no ACK expected, each receiver must stay awake till next ATIM window

  38. MAC Management • Power management • Infrastructure BSS • each station should inform AP, in association request, the number of the beacon periods that the station will be in low power mode • Each beacon includes Traffic Indication Map(TIM) • data frame will remain buffered no less than the number of beacon periods determined in association • for multicast, AP will send out the frame right after the Beacon • a station to join multicast must wake up every beacon period • An AP that is running CFP will use CFP to deliver buffered frames to stations that are CF-Pollable • it may also use CFP to deliver multicast frame • Power saving is deeper in Infrastructure BSS than in IBSS • station is not required to wake up every beacon period • it doesn’t have to stay awake after the beacon

  39. MAC Management • Synchronization • the process of stations in a BSS getting in step to each other • to allow support of PHY layers that use time-based mechanisms • e.g., frequency hopping • the process involves • beaconing, to announce the presence of a BSS, and • scanning, to find a BSS • the process is entirely distributed • Timer Synchronization Fucntion (TSF) • maintains a 64-bit timer running at 1MHz, synchronized by beacons • current TSF timer = the value in beacon + processing time • Independent BSS • each beacon contains the TSF timer of the sender • TSF timer can only be incremented • All stations will synchronize to the fastest timer in BSS, eventually

  40. MAC Management • Synchronization • Infrastructure BSS • only AP sends beacon, so all stations synchronize to AP‘s timer • Beacon frame may not be received by some stations • may be delayed, from competing the medium • The broadcast of beacon may be corrupted, and no retry is attempted • There is no degradation to the WLAN operation • Scanning • passive scanning: switch to a channel, and listen for beacon • save the power, take longer time if no BSS in current channel • active scanning: switch to a channel, send a probe request, and wait for the beacon or probe response • save the time to find a BSS, need more power • Join a BSS • after finding a BSS, synchronize all MAC and PHY parameters with the BSS, and start to use the service

  41. Overview • IEEE 802.11 Architecture and Services • Medium Access Control • MAC Management • The Physical layer

  42. MAC Layer PLCP Sub-layer PHY Layer PMD Sub-layer PHY Layer • To provide 3 levels of functionality • Physical layer convergence procedure (PLCP) sub-layer • controls frame exchange between the MAC and PHY • Physical medium dependent (PMD) sub-layer • transmit data frames over the medium • PHY provides a carrier sense indication back to MAC • to verify the activity on medium

  43. DSSS PHY • Direct Sequence Spread Spectrum • one of three PHY layers defined in IEEE 802.11 • operates at 2.4GHz band • PLCP protocol data unit (PPDU) in DSSS • PLCP preamble and PLCP header: are always sent at 1Mbps • MAC protocol data unit (MPDU) may be sent in 1 or 2Mbps • Each DSSS channel occupies 22MHz of bandwidth • 11 channels available in North America, with 5MHz intervals • At most 3 non-interfering channels spaced 25MHz apart

  44. FHSS PHY • Frequency Hopping Spread Spectrum • one of three PHY layers defined in IEEE 802.11 • operates at 2.4GHz band • PLCP preamble and PLCP header are always sent at 1Mbps • In North America and Europe (excluding Spain and France) • 79 channels are chosen over a span of 84.3MHz • Each channel covers 1MHz bandwidth • 3 Set of hopping sequences • designed to minimize the interference • According to FCC regulation in US • Every second, FHSS radio must hop at least 2.5 hops and 6MHz distance

  45. IR PHY • Infrared • one of three PHY layers defined in IEEE 802.11 • uses near-visible light as the transmission media • restricted to indoor environment, cannot pass through walls • different from DSSS or FHSS • PPDU consists of PLCP preamble, PLCP header, and PSDU • PLCP preamble and PLCP header are always sent at 1Mbps • PSDU can be sent at 1 or 2Mbps

  46. OFDM PHY • Orthogonal Frequency Division Multiplexing • defined in IEEE 802.11a, 1997 • operates at 5GHz U-NII frequency • PLCP preamble and PLCP header are always sent at 1Mbps • PSDU can use 6, 9, 12, 18, 24, 36, 48, 54Mbps • 6, 12, 24MHz are mandatory rates for 802.11a-compliant system

  47. HR/DSSS PHY • High Rate DSSS • defined in IEEE 802.11b, 1997 • extend the PSDU data rates to 5.5 and 11Mbps • provides a rate shift mechanism, which allows 11Mbps networks to fall back to 1 and 2Mbps, and inter-operate with 802.11 PHY layers • Two kind of PLCP preamble • long preamble with 128-bits SYNC field (same as old DSSS PHY) • is backward compatible with existing 802.11 DSSS • sent at 1Mbps, PSDU may be sent at 1, 2, 5.5, and 11Mbps • short preamble with 56-bit SYNC field • sent at 2Mbps, PSDU may be sent at 2, 5.5, and 11Mbps • higher speed than “long preamble” • cannot inter-operate with 802.11 2Mbps network • The same channel allocation with old DSSS

  48. The END

More Related