Tutorial - IEEE 802.11 Protocol and Frames
Dheryta Jaisinghani
Primer to General WLANs and Enterprise WLANs
Wireless Networks - Ad hoc vs Infrastructure Mode
● Ad hoc -
○ Wireless communication happens without an Access Point (AP)
○ Nodes talk to each other directly
● Infrastructure -
○ Wireless communication happens via an AP
○ Nodes talk to each other via the AP
IEEE 802.11 Structure
Figure 4.11 from IEEE Std Draft 2012
● STA (Station)
○ Logical entity, singly addressable by MAC+PHY
● BSS (Basic Service Set)
○ Set of stations synchronized to communicate
● DS (Distribution System)
○ System that connects all BSSs
● SS (Station Services)
○ Set of services that enable transport of MSDUs within a BSS
Enterprise WLAN Design - A Cisco Deployment
https://www.cisco.com/c/en/us/td/docs/wireless/wcs/4-0/configuration/guide/wcscfg40/wcsovrv.html
[Figure labels: WiFi Protocol - IEEE 802.11; WiFi Clients]
What does the controller do?
● Manages a lot of APs
● Load balancing
● Configurations
● Band Selection
● Channel Selection
● Band Steering
● Mobility Management
IEEE 802.11 Standards
● Standard: a,b,g,n,ac,ad,ah,ax etc
● Frequency Bands: 2.4 GHz vs 5 GHz
● Data rates: 1 Mbps to 7 Gbps
● Modulations: DSSS, FHSS, OFDM, MIMO-OFDM, MU-MIMO
Summary available here: https://en.wikipedia.org/wiki/IEEE_802.11
MAC Sublayer Management Entity
Functions of MLME
● MLME - MAC subLayer Management Entity
● Decide when to transmit
○ Distributed Coordination Function
○ CSMA/CA
● Scan - Discover nearby Access Points
● Associate and Authenticate
● Connection Management - Rate Control, Retry Management, Acknowledgement Handling
● Beacon Handling
● Power Management
[Figure: layer stack - Application, Presentation, Session, Transport, Network, MLME|MAC, Physical; labels: WiFi - IEEE 802.11, Station Management]
WLANs - Collision Avoidance NOT Detection
● Collision detection is hard in WLANs
● Most WLAN radios - Transmitters and Receivers - are half-duplex.
● Senders and Receivers may not be in range of each other
IEEE 802.11 MAC Protocol Architecture
Figure 9.1 from IEEE Std Draft 2012
Distributed Co-ordination Function
● Fundamental Access method
● Based on Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
○ Sense the carrier, transmit if free
○ Carrier Sensing can be Physical or Virtual with RTS and CTS
○ Delivery success measured with Acknowledgements
● IFS (Inter-Frame Space) - Time interval between frames
○ SIFS - Short IFS
○ PIFS - PCF IFS
○ DIFS - DCF IFS
○ AIFS - Arbitration IFS (QoS)
● IFS
○ Reduces collision probability
○ Implements priority
■ Lower IFS, Higher Priority
Figure 9.3 from IEEE Std Draft 2012
Frame transmission
Ref: 802.11 Arbitration CWNP white paper
Carrier Sensing - Physical vs Virtual
● Physical - Sense energy with PHY
● Virtual - RTS (Request-To-Send)/CTS (Clear-To-Send)/NAV (Network-Allocation-Vector)
Figure 9.4 from IEEE Std Draft 2012
Why virtual CS?
● It solves the hidden node problem
[Figure: Hidden Nodes - N1, R, N2. Without RTS/CTS: Collisions. With RTS/CTS: 1. RTS, 2. CTS, Keeps Quiet for NAV]
Point Co-ordination Function
● Uses a Point Co-ordinator (PC) for deciding who will transmit when
● PC runs at the Access Point
● PC uses polling mechanism to decide the turn
● Eliminates all contention, PCF has only contention-free period
● Has higher delays than DCF with higher reliability
● Carrier Sensing is Virtual
Hybrid Co-ordination Function
● Implemented for QoS WLANs
● Combines DCF and PCF, along with additional QoS guidelines, for alternating Collision and Collision-Free Periods (CPs and CFPs)
● CP - Enhanced Distributed Channel Access (EDCA)
● CFP - Hybrid Coordination Function Controlled Channel Access (HCCA)
● Stations should obtain a transmission opportunity (TxOP) before they can transmit, for both EDCA and HCCA
● Traffic priorities - background, best-effort, video, and voice
● All parameters are announced in beacons and probe response frames
● Refer to Chapter 9, "MAC sublayer functional description", of IEEE 802.11 for details
Enabling QoS with Frame Priorities and More
[Figure labels: Data from upper layers; Priority; Access Categories; Backoff as per CW and IFS; Transmission Scheduler]
● IFS and Contention Window Sizes
● Block Acknowledgements
● TxOPs
● Direct Link Protocol (DLP)
● No ACK for time critical applications
● Piggyback data
Ref: Deyun Gao, Jianfei Cai and King Ngi Ngan, "Admission control in IEEE 802.11e wireless LANs," in IEEE Network, vol. 19, no. 4, pp. 6-13, July-Aug. 2005. doi: 10.1109/MNET.2005.1470677
Calculating IFS and CW
● SlotTime = aCCATime + aRxTxTurnaroundTime + aAirPropagationTime + aMACProcessingDelay
○ SlotTime for 802.11a/n/ac (5 GHz) = 9 μs
○ SlotTime for 802.11g/n (2.4 GHz – HT or ERP) = 9 μs with short preamble
○ SlotTime for 802.11g/n (2.4 GHz – HT or ERP) = 20 μs with long preamble
○ SlotTime for 802.11b/g/n (2.4 GHz – DSSS) = 20 μs
● SIFSTime = aRxRFDelay + aRxPLCPDelay + aMACProcessingDelay + aRxTxTurnaroundTime
○ SIFS for 802.11b/g/n (2.4 GHz) = 10 μs
○ SIFS for 802.11a/n/ac (5 GHz) = 16 μs
● RIFS = 2 μs, DIFS = SIFS + 2 × SlotTime, PIFS = SIFS + SlotTime
Contd...
● EIFS (in EDCA) = SIFS + AIFS[AC] + ACK_Tx_Time
○ EIFS (in DCF) = SIFS + DIFS + ACK_Tx_Time
○ EIFS 802.11b/g/n devices using DSSS = 364 μs
○ EIFS 802.11g/n devices using OFDM = 160 μs
○ EIFS 802.11a/n devices (5 GHz) = 160 μs
● AIFS[AC] = AIFSN[AC] × SlotTime + SIFSTime
○ Voice and Video = 2 slot times
○ Best Effort = 3 slot times
○ Background = 7 slot times
● Contention Window=
● BE/BK = aCWMin to aCWMax, VI = (aCWMin+1)/2 - 1 to aCWMin, VO = (aCWMin+1)/4 - 1 to (aCWMin+1)/2 - 1
● Backoff Time = Random() × aSlotTime
○ [Random = Pseudorandom number in [0, CW], aCWMin <= CW <= aCWMax]
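The IFS, AIFS and contention-window formulas above, carried through in Python to show how a lower IFS and a smaller CW translate into priority. This is an added example, not part of the original slides; aCWMin = 15 and aCWMax = 1023 are assumed values (the slides do not give them), and the contention model assumes two stations that start contending at the same instant on an idle medium, each using CW = CWmin[AC] on its first attempt.

```python
from fractions import Fraction
from itertools import product

# AIFSN per access category, as listed on the slide (in slot times).
AIFSN = {"VO": 2, "VI": 2, "BE": 3, "BK": 7}


def ifs_table(slot, sifs):
    """Inter-frame spaces in microseconds from SlotTime and SIFSTime."""
    table = {"SIFS": sifs, "PIFS": sifs + slot, "DIFS": sifs + 2 * slot}
    for ac, n in AIFSN.items():
        table[f"AIFS[{ac}]"] = n * slot + sifs
    return table


def cw_range(ac, cwmin=15, cwmax=1023):
    """(CWmin[AC], CWmax[AC]) derived from aCWMin/aCWMax (assumed defaults)."""
    if ac in ("BE", "BK"):
        return cwmin, cwmax
    if ac == "VI":
        return (cwmin + 1) // 2 - 1, cwmin
    if ac == "VO":
        return (cwmin + 1) // 4 - 1, (cwmin + 1) // 2 - 1
    raise ValueError(f"unknown access category {ac!r}")


def first_attempt_odds(ac_a, ac_b, slot, sifs, cwmin=15):
    """Exact odds of who transmits first when stations A and B contend.

    Each station waits AIFS[AC] + backoff * SlotTime, with the backoff drawn
    uniformly from [0, CWmin[AC]]. Equal waits mean both transmit: a collision.
    """
    def waits(ac):
        aifs = AIFSN[ac] * slot + sifs
        return [aifs + k * slot for k in range(cw_range(ac, cwmin)[0] + 1)]

    wa, wb = waits(ac_a), waits(ac_b)
    total = len(wa) * len(wb)
    a_first = sum(1 for x, y in product(wa, wb) if x < y)
    b_first = sum(1 for x, y in product(wa, wb) if y < x)
    return {
        "a_first": Fraction(a_first, total),
        "b_first": Fraction(b_first, total),
        "collision": Fraction(total - a_first - b_first, total),
    }


if __name__ == "__main__":
    # (SlotTime, SIFS) pairs taken from the slide, in microseconds.
    for name, (slot, sifs) in {
        "5 GHz a/n/ac": (9, 16),
        "2.4 GHz g/n, short preamble": (9, 10),
        "2.4 GHz, long preamble": (20, 10),
    }.items():
        print(name, ifs_table(slot, sifs))
    for ac in AIFSN:
        print(ac, "CW range", cw_range(ac))
    print("VO vs BE on 5 GHz:", first_attempt_odds("VO", "BE", 9, 16))
```

With the 5 GHz values, a voice station wins the first contention round against a best-effort station in 29 out of 32 cases.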
Fragmentation and Defragmentation
● MAC sublayer data units (MSDUs) are partitioned into smaller units for higher reliability
● Original Data Unit - the MSDU is divided into smaller MPDUs (MAC Protocol Data Units); each MPDU has its own MAC header and CRC
● Each MPDU should be separately acknowledged
● Burst transmissions are allowed in an obtained TxOP
Figure 9.2 from IEEE Std Draft 2012
IEEE 802.11 - Introduction to WiFi Frames
Frame Types
● Management Frames - Scanning/Association/Authentication
● Control Frames - RTS/CTS/ACK/Polling
● Data Frames - QoS/Non-QoS
Physical Layer Headers
- RadioTap/Prism Headers - Depending upon the chipset and driver
- MAC Timestamp
- Channel Frequency
- Signal Strength
- MCS Rate
- Antenna Information
- Channel Information
PHY Header | MAC Header | Frame Body | FCS
Frame Structure
Figure 8.1 from IEEE Std Draft 2012
Figure 8.2 from IEEE Std Draft 2012
Frame Control Field
● Protocol Version - Version of 802.11 standard followed
● Type - Data, Management or Control Frame
● Subtype - Each type has multiple subtypes. For example, Management frames have the subtypes Association Req/Res, Reassociation Req/Res [Type Subtype Mapping - Table 8.1 in the standard]
● To DS and From DS - Direction from Distribution System
○ 0,0 => A data frame from one station to another station in the same BSS
○ 1,0 => A data frame for DS or Port Access Entity at the AP
○ 0,1 => A data frame from DS or in Mesh network
○ 1,1 => A data frame using 4-address MAC header. Used in Mesh network
● More Fragments - Used in case of fragmented frames, set to 1 when more fragments are present
● Retry - Set to 1 if the frame is sent again
Frame Control Field [Contd…]
● Power Management - 1 indicates that the STA is in Power-Save Mode, 0 indicates active mode [Meaning changes for adhoc and mesh networks]
● More Data - Indicates that data is buffered for a STA in power-save mode, 1 - Data buffered
● Protected Frame - 1 if cryptographic encapsulation is used
● Order - 1 if strictly ordered service is used
Other Fields
● Duration -
○ Control Frame - Association ID
○ Network Allocation Vector
● Addresses
○ DA - Destination Address (Final Recipient)
○ SA - Source Address (Initiator)
○ TA - Transmitter Address
○ RA - Receiver Address
● Sequence Control - Used for fragmentation
● QoS Control Field - Identifies traffic category, TxOP, ACK Policy, Queue Size etc [See Table 8.4 in IEEE std Draft for Details]
Capturing Network Traffic
● Tools
a. Wireshark/tshark/TCPDump etc
b. System Logs
● Collection Points
a. Client Side Capture
i. Data Path - Wireshark captures all application layer traffic
ii. Control Path - Debug Device Driver Logs, system logs, kernel logs
b. AP Side Capture
i. Example - Enabled with OpenWRT
c. In the Air - Sniffing the IEEE 802.11 frames in the air
In the Air Sniffing Process
- Monitor Mode
  - Multiple Channel Sniffing - Round Robin
    - sudo iw dev wlan0 interface add mon0 type monitor
  - Single Channel Sniffing - Specify the channel
    - sudo iw dev mon0 set freq 2437
- Checking if monitor mode is supported
  - Hardware Support
  - Driver Support
  - sudo iw list - search for “monitor”
- For Details Refer - https://www.slideshare.net/DherytaJaisinghani/tutorial-wifi-driver-code-opening-nuts-and-bolts-of-linux-wifi-subsystem
Wireshark Filters
1. Management Frames - wlan.fc.type == 0
a. Probe Requests - wlan.fc.type_subtype == 0x04
b. Probe Responses - wlan.fc.type_subtype == 0x05
c. Beacons - wlan.fc.type_subtype == 0x08
2. Control Frames - wlan.fc.type == 1
a. RTS - wlan.fc.type_subtype == 0x1b
b. CTS - wlan.fc.type_subtype == 0x1c
c. ACK - wlan.fc.type_subtype == 0x1d
3. Data Frames - wlan.fc.type == 2
a. QoS Data - wlan.fc.type_subtype == 0x28
b. Non-QoS Data - wlan.fc.type_subtype == 0x20
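The Frame Control bits, Duration/ID, address and Sequence Control fields from the earlier slides, decoded in Python together with the value that the Wireshark filters above match as wlan.fc.type_subtype. This is an added example, not part of the original slides; the sample frames and MAC addresses are constructed, and only a subset of the type/subtype table is included.

```python
import struct

TYPES = {0: "Management", 1: "Control", 2: "Data"}
# Subset of the type/subtype table, keyed by (type << 4) | subtype, the
# same value Wireshark exposes as wlan.fc.type_subtype.
SUBTYPES = {
    0x00: "Association Request", 0x01: "Association Response",
    0x04: "Probe Request", 0x05: "Probe Response", 0x08: "Beacon",
    0x0A: "Disassociation", 0x0B: "Authentication", 0x0C: "Deauthentication",
    0x1A: "PS-Poll", 0x1B: "RTS", 0x1C: "CTS", 0x1D: "ACK",
    0x20: "Data", 0x28: "QoS Data",
}
# Flag bits 8..15 of the little-endian Frame Control field, in order.
FLAGS = ("to_ds", "from_ds", "more_fragments", "retry",
         "power_mgmt", "more_data", "protected", "order")
# Meaning of Address 1..4 in data frames, selected by (To DS, From DS).
DATA_ADDR_ROLES = {
    (0, 0): ("DA", "SA", "BSSID"),
    (1, 0): ("BSSID", "SA", "DA"),
    (0, 1): ("DA", "BSSID", "SA"),
    (1, 1): ("RA", "TA", "DA", "SA"),
}
ADDR_OFFSETS = (4, 10, 16, 24)  # Address 4 follows Sequence Control (22..23)


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def strip_radiotap(pkt):
    """Remove the radiotap header: version(1) pad(1) length(2, LE) ..."""
    if len(pkt) < 8:
        raise ValueError("truncated radiotap header")
    version, _pad, length = struct.unpack_from("<BBH", pkt, 0)
    if version != 0 or not 8 <= length <= len(pkt):
        raise ValueError("invalid radiotap header")
    return pkt[length:]


def parse_mac_header(frame):
    """Decode Frame Control, Duration/ID, addresses and Sequence Control."""
    if len(frame) < 10:  # shortest frames (ACK, CTS): FC + Duration + RA
        raise ValueError("shorter than the minimum MAC header")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    ts = (ftype << 4) | subtype
    hdr = {"version": fc & 0x3, "type": TYPES.get(ftype, "Reserved"),
           "type_subtype": ts, "subtype": SUBTYPES.get(ts, "other"),
           "duration_id": duration}
    for bit, name in enumerate(FLAGS, start=8):
        hdr[name] = (fc >> bit) & 1
    if ts == 0x1A:  # PS-Poll: the field carries the Association ID
        hdr["aid"] = duration & 0x3FFF

    if ftype == 1:    # control: ACK and CTS carry only a receiver address
        roles = ("RA",) if ts in (0x1C, 0x1D) else ("RA", "TA")
    elif ftype == 2:  # data: roles depend on To DS / From DS
        roles = DATA_ADDR_ROLES[(hdr["to_ds"], hdr["from_ds"])]
    else:             # management (reserved type 3 is treated alike)
        roles = ("DA", "SA", "BSSID")

    needed = max(ADDR_OFFSETS[len(roles) - 1] + 6, 24 if len(roles) >= 3 else 0)
    if len(frame) < needed:
        raise ValueError(f"truncated: need {needed} bytes, have {len(frame)}")
    hdr["addresses"] = {r: mac(frame[o:o + 6]) for r, o in zip(roles, ADDR_OFFSETS)}
    if len(roles) >= 3:  # Sequence Control: 4-bit fragment, 12-bit sequence
        seq = struct.unpack_from("<H", frame, 22)[0]
        hdr["fragment"], hdr["sequence"] = seq & 0xF, seq >> 4
    return hdr


# Constructed sample input (not a real capture): minimal radiotap header
# followed by a protected QoS Data frame sent by a station towards the DS.
SAMPLE_QOS = bytes.fromhex(
    "0000080000000000"   # radiotap: version 0, length 8
    "8841" "2c00"        # Frame Control, Duration = 44 us
    "020000000001"       # Address 1 = BSSID
    "020000000002"       # Address 2 = SA
    "020000000003"       # Address 3 = DA
    "4006" "0000"        # Sequence Control (sequence 100), QoS Control
)
# Constructed ACK: Frame Control d4 00, Duration 0, RA only.
SAMPLE_ACK = bytes.fromhex("d4000000" "020000000002")

if __name__ == "__main__":
    for name, raw in (("QoS Data", strip_radiotap(SAMPLE_QOS)), ("ACK", SAMPLE_ACK)):
        h = parse_mac_header(raw)
        print(name, f"wlan.fc.type_subtype == 0x{h['type_subtype']:02x}", h)
```

The Protected Frame flag only says that the frame body is cryptographically encapsulated; the MAC header fields decoded here remain readable to any monitor-mode capture.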
Client-side State Machine and MAC Implementation
Client Side WiFi State Machine
● Class 1 Frames
○ Control Frames - RTS/CTS/ACK/CF-End/CF-End+ACK
○ Management Frames - Probe Requests/Probe Responses/Beacons/Authentication/Deauthentication
○ Data Frames - Only allowed in IBSS/Peer Mode
● Class 2 Frames
○ Management Frames - Association Request/Association Response/Reassociation Request/Response/Disassociation
● Class 3 Frames
○ Data Frames
○ Management Frames
○ Control Frames
Details from IEEE Std Draft 2012
Linux WiFi Subsystem
Data Path vs Control Path
[Figure: Data Path vs Control Path]
Data Path: Data Application, System Call, Sockets, Network Protocols, Net_dev core, Driver
Control Path: Network Application, nl80211, cfg80211, mac80211
Labels: Application Programming, Driver Programming
Backports Code Structure
● nl80211 - net/wireless/handlers/wireless/nl80211.c (struct genl_ops nl80211_ops)
● cfg80211 - net/wireless (Configurations) - struct cfg80211_ops
● mac80211 - /net/mac80211 (Rate Control, MLME-Authenticate, Reassociate, Deauthenticate, Associate, Disassociate, Beacon, Probe, PM, Scan, Retries, ACK Handling, etc) - struct ieee80211_ops
● ath9k - drivers/net/wireless/ath/ath9k (Transmit and Receive)
Contact Me
● Webpage: www.dheryta.co.in
● Email: dherytaj@iiitd.ac.in
