chapter 04 ieee 802.11 media access control
DESCRIPTION
Chapter 04 IEEE 802.11 Media Access Control. Center for Information Technology. Objectives. Describe and apply the following concepts surrounding WLAN frames - Terminology Review: Frames, Packets, and Datagrams - Terminology Review: Bits, Bytes, and Octets - Terminology: MAC and PHY - PowerPoint PPT PresentationTRANSCRIPT
Chapter 04
IEEE 802.11 Media Access Control
Center for Information Technology
2
Objectives
Describe and apply the following concepts surrounding WLAN frames- Terminology Review: Frames, Packets, and Datagrams- Terminology Review: Bits, Bytes, and Octets- Terminology: MAC and PHYUnderstand IEEE 802.11 CSMA/CAUnderstand and compare frame types and formats
Identify, explain, and apply the frame and frame exchange sequences- Active (Probes) and Passive (Beacons) Scanning- Dynamic Rate Switching
3
Objectives
Summarize the processes involved in authentication and association- The IEEE 802.11 State Machine- Open System Authentication, Shared Key Authentication, and Deauthentication- Association, Reassociation, and Disassociation
Define, describe, and apply IEEE 802.11 coordination functions and channel access methods and features available for optimizing data flow across the RF medium- DCF and PCF Coordination Functions- RTS/CTS- Fragmentation
4
Terminology Review
Whatever data is communicated, Layer 4 - Transport layer - usuallybreaks the data into TCP segments. These segments are sent to Layer 3 and become the packets. When these packets are passed on to Layer 2, they become frames. And now it is ready to be placed on the wire or RF medium using the Layer 1 technologies implemented.
5
Terminology Review
Term Packet is usually used for connection-oriented communications (TCP).Term Datagram is usually used for connectionless communications (UDP). Frames are collections of data and management information needed to carry the data from one place to another on the network. Different networking technologies use different frame formats
Bits, Bytes, and OctetsThe smallest element that can be transmitted on any network is a bit. A bit is a single value equal to 1 or 0. When we group 8 bits together, they form a byte. It is called an octet in most standards.
6
Terminology Review
MAC and PHYMAC is an acronym for medium access control. Within the Data Link layer (Layer 2) of the OSI model, there are two sublayers known as the Logical Link Control (LLC) and the MAC sublayer
PHY is an abbreviation for the Physical layer of the OSI model.
In order to provide for different physical technologies (Infrared, DSSS, FHSS, etc.) in IEEE 802.11, the PHY is divided into two sublayers called the Physical Medium Dependant (PMD) and the Physical Layer Convergence Protocol (PLCP).
7
Terminology Review
The Physical Medium Dependent (PMD) is responsible for actually transmitting the information using some form of modulation such as GPSK, DBPSK, or DQPSK.
The Physical Layer Convergence Protocol (PLCP) is responsible for abstracting the PMD from the Data Link layer protocols and abstracting the Data Link layer protocols from the PMD. It acts as a translator or coordinator between the real physical medium and the MAC processes.
8
Terminology Review
Data Link Layer and Logical Link Control (LLC) SublayerThe Data Link layer of the OSI model is divided into two sublayers. These sublayers, in IEEE 802.11 systems, are the IEEE 802.2 Logical Link Control (LLC) sublayer, and the Media Access Control (MAC) sublayer.
9
Terminology Review
The data units that are passed down through the layers have specific names. These names are used to distinguish the frame at one layer from the frame at another layer and to distinguish the preserviced frame from the serviced frame at each layer. These names are MSDU, MPDU, PSDU, and PPDU.
MSDU, stands for MAC service data unit. The MSDU is whatis received from the upper layers (OSI layers 7–3 via the LLC sublayer) to be managed and transmitted by the lower layers (OSI layers 2–1). It is the data accepted by the MAC layer to be transmitted to the MAC layer of another station on the network. MSDUs are included in all wireless frames that carry upper-layer data; however, IEEE 802.11 management frames do not contain MSDUs, since there is no upper-layer data to transfer.
10
Terminology Review
The MPDU, MAC protocol data unit, is what is delivered to the PLCP so that it can ultimately be converted into a PPDU and transmitted.
The MSDU is what is received by the Data Link layer, and the MPDU is what comes out of the Data Link layer and is delivered to the Physical layer. It is delivered to the PLCP.
The PSDU is the PLCP service data unit. The PSDU is what the PLCP receives from the MAC sublayer. While the MAC sublayer calls it the MPDU, the Physical layer references the exact same objects as the PSDU. The PLCP adds information to the PSDU and provides the result to the PMD as a PPDU.
11
Terminology Review
The PPDU, PLCP protocol data unit, is what is actually transmitted on the RF medium. The PPDU is what the PMD receives from the PLCP.
The PPDU is the culmination of all that has happened to the data from the time it left the application starting at Layer 7 of the OSI model to the time it is actually transmitted on the RF medium by the PMD at Layer 1.
12
IEEE 802.11 CSMA/CA
13
CSMA/CD versus CSMA/CA
Ethernet networks (IEEE 802.3) use a form of collision management known as collision detection (CD). Wireless networks use a different form of collision management known as collision avoidance (CA). The full name of the physical media access management used in wireless networks is carrier sense multiple access/collision avoidance or CSMA/CA.
The carrier sense in CSMA means that the devices will attempt to sense whether the physical medium is available before communicating. The multiple access indicates that multiple devices will be accessing the physical medium.
14
In a CD implementation of CSMA, when a collision is detected, both devices go silent for a pseudo-random period of time.
Collision avoidance is achieved by signaling to the other devices that one device is about to communicate.
CSMA/CA is not perfect due to hidden node problems.
CSMA/CD versus CSMA/CA
15
CSMA/CD
Before networked device sends a frame, listens to see if another device currently transmitting. If traffic exists, wait; otherwise send. Devices continue listening while sending frame. If collision occurs, stops and broadcasts a “jam” signal.
16
CSMA/CD
CSMA/CD cannot be used on wireless networks: Difficult to detect collisions and Hidden node problem
17
Hidden node problem
18
Carrier Sense
Carrier sense is the process of checking to see if the medium is in use or busy. There are two kinds of carrier sense: virtual carrier sense and physical carrier sense.
Physical carrier sense uses clear channel assessment (CCA) to determine if the physical medium is in use.
Virtual carrier sense uses a network allocation vector (NAV). The NAV is a timer in each station that is used to determine if the station can utilize the medium. If the NAV has a value of 0, the station may contend for the medium. If the NAV has a value greater than 0, the station must wait until the timer counts down to 0 to contend for the medium. Stations configure their NAV timers according to Duration fields in other frames using the medium.
19
Interframe Spacing
After the station has determined that the medium is available, using carrier sensing techniques, it must observe interframe spacing (IFS) policies. IFS is a time interval in which frames cannot be transmitted by stations within a BSS. This space between frames ensures that frames do not overlap each other. The time interval differs, depending on the frame type and theapplicable IFS type for that frame.These IFS types include the following types:
- SIFS- PIFS- DIFS- EIFS
20
Interframe Spacing: SIFS, PIFS, DIFS, EIFS
Short interframe spacing (SIFS) is the shortest of the available IFS parameters. Frames that are specified to use SIFS will take priority over frames that are specified to use PIFS, DIFS, or extended IFS (EIFS).
Distributed (coordination function) interframe spacing (DIFS) is used by standard data frames.
Extended interframe spacing (EIFS) is used when a frame reception begins but the received frame is incomplete or is corrupted based on the Frame Check Sequence (FCS) value.
21
Interframe Spacing: SIFS, PIFS, DIFS, EIFS
CSMA/CA with one station transmitting
22
Interframe Spacing: SIFS, PIFS, DIFS, EIFS
CSMA/CA with two stations transmitting
23
Contention Window
After the IFS delay interval has passed, the device must then initiate a random backoff algorithm and then contend for the wireless medium if the Distributed Coordination Function is in effect. This random backoff algorithm is processed and applied using the contention window.
Random Backoff TimesAll stations having a frame to transmit choose a random time period within the range specified as the contention window. Next, the predefined algorithm multiplies the randomly chosen integer by a slot time. The slot time is a fixed-length time interval that is defined for each PHY, such as DSSS, FHSS, or OFDM.
24
Collision Avoidance
The carrier sense, IFS, and random backoff times are used inorder to decrease the likelihood that any two stations will try to transmit at the same time on the WM. The IFS parameters are also used in order to provide priority to the more time-sensitive frames such as ACK frames and CTS frames. The CCA (PHY and MAC), IFS, variable contention window, and random backoff times, together, form the core of the Distributed Coordination Function.Even with all of these efforts, a collision can still occur. In order to deal with these scenarios, acknowledgment, or ACK, frames are used. An ACK frame is a short frame that uses the SIFS to let the sending device know that the receiving device has indeed received the frame. If the sending device does not receive an ACK frame, it will attempt to retransmit the frame.
25
Frame Types and Formats Compared
26
IEEE 802.11 Frame Format Versus IEEE 802.3 Frame Format
A frame originating from a wired client and destined for a wireless client will first be transmitted on the wire as an 802.3 frame, and then the access point will strip off the 802.3 headers and reframe the data unit as an 802.11 frame for transmission to the wireless client.
IEEE 802.3 frames support a maximum MSDU payload size of 1500 bytes. IEEE 802.11 frames support a maximum MSDU payload size of 2304 bytes
802.3 frames have only two MAC address fields, whereas 802.11 frames have one, two, three, or four. These four MAC address fields can contain four of the following five MAC address types, and the contents will be dependent on the frame subtype:
- Basic Service Set Identifier (BSSID)- Destination Address (DA)- Source Address (SA)- Receiver Address (RA)- Transmitter Address (TA)
27
Frame Types
Three frame types: management frames, control frames, and data frames. The Type subfield in the Frame Control (FC) field of a general IEEE 802.11 frame may be 00 (management), 01 (control), or 10 (data). The Subtype subfield determines the subtype of frame, within the frame types specified, that is being transmitted. For example, a Type subfield value of 00 with a Subtype value of 0000 is an association request frame; however, a Type value of 10 with a Subtype value of 0000 is a standard data frame.
28
Management Frames
Management frames are used to manage access to wireless networks and to move associations from one access point to another within an extended service set (ESS).
29
Management Frames
Acknowledgment frame (ACK): Sent by receiving device to sending device to confirm data frame arrived intact.If ACK not returned, transmission error assumed.
30
Control Frames, Data Frames
Control frames are used to assist with the delivery of data frames and must be able to be interpreted by all stations participating in a BSS. This means that they must be transmitted using a modulation technique and at a data rate compatible with all hardware participating in the BSS.
Data frames are the actual carriers of application-level data.
31
IEEE 802.11 Frames and Frame Exchange Sequences
32
MAC Functions
Scanning Before a station can participate in a BSS, it must be able to find the access points that provide access to that service set
Synchronization Some IEEE 802.11 features require all stations to have the same time. Stations can update their clocks based on the time stamp value in beacon frames.
Frame Transmission Stations must abide by the frametransmission rules of the BSS to which they are associated.
Authentication Authentication is performed before a station can be associated with a BSS.
33
MAC Functions
Association Once authentication is complete, the station can become associated with the BSS. Reassociation When a user roams throughout a service area, that user may reach a point where one AP within an ESS will provide a stronger signal than the currently associated AP. When this occurs, the station will reassociate with the new AP.Data Protection Data encryption may be employed to assist in preventing crackers from accessing the data that is transmitted on the WM.Power Management Since the transmitters/receivers in wireless client devices consume a noteworthy amount of power, this feature are provided that assist in extending battery life by causing the transceiver to sleep for specified intervals.Fragmentation It is beneficial to fragment frames before they are transmitted onto the WM. This occurs as a result of intermittent interference. RTS/CTS Request to Send/Clear to Send is a feature of IEEE 802.11 that will help prevent hidden node problems.
34
Beacon Management Frame
In an ad hoc wireless network (IBSS), all the stations take turnsbroadcasting the beacon frame. This is because there is no access point in an independent basic service set (IBSS).
Beacon frames can be used by client stations seeking wireless network to join, or these client stations may use other frames known as probe request and probe response frames.
35
Beacon Management Frame
36
Active Scanning (Probes)
Active scanning uses probe request and probe response frames instead of the beacon frame to find a WLAN to join.
Freeware tool NetStumbler can be used for active scanning
37
Active Scanning (Probes)
Active scanning involves channel switching and scanning each channel in a station’s channel list. 1. Switch to a channel.2. Wait for an incoming frame or for the ProbeDelay timer to expire.3. If the ProbeDelay timer expires, use DCF for access to the WM and send a probe request frame.4. Wait for the MinChannelTime to pass.a. If the WM was never busy, there is no WLAN on this channel. Move to the next channel. b. If the WM was busy, wait until MaxChannelTime has expired and then process any probe response frames.
38
Passive Scanning (Beacons)
The passive scanning: the client station listens (receives) in order to find the access points. This is done by receiving beacon frames and using them to find the access point for the BSS to be joined.
When multiple access points transmit beacon frames that are received by the passive scanning station, the station will determine the access point with the best signal (RSSI) and attempt to authenticate and associate with that access point.
39
Authentication and Association Processes
40
The IEEE 802.11 State Machine
The state machine of the IEEE 802.11 standard can be in one of three states:- Unauthenticated/Unassociated- Authenticated/Unassociated- Authenticated/Associated
41
State 1: Unauthenticated/UnassociatedIn the initial state, a client station is completely disconnected from the WLAN. Authentication frames can be sent to the access points.
State 2: Authenticated/UnassociatedThe second state of the state machine is to authenticate an unassociated state. To move from the first state to the second, the client station must perform some kind of valid authentication. This is accomplished with authentication frames.
State 3: Authenticated/AssociatedIn order for a station to be in this state, it must have first been authenticated and then associated. The process of moving from state 2 to this state is a simple four-frame transaction. The client station first sends an association request frame to an access point to which it has been authenticated. Second, the access point responds with an acknowledgment frame. Next, the access point sends an association response frame either allowing or disallowing the association. The client sends an acknowledgment frame as the fourth and final step.
The IEEE 802.11 State Machine
42
The IEEE 802.11 State Machine
43
Authentication - Deauthentication
There are two methods of authentication: - Open System authentication- Shared Key authentication.The first would be used in less secure environments.The second would be used in more secure environments.
Deauthentication indicates that the deauthenticating station is either leaving or has left the BSS or ESS. A deauthentication frame will include the address of the station being deauthenticated and the address of the station with which the deauthenticating station is currently authenticated.
44
Open System Authentication
No true authentication (verification of identity) occurs.Be specified as the default authentication mechanism.The four steps do not include any actual authentication of identity. Access points configured to use Open Systemauthentication will always respond with a positive authentication to any authentication request.
45
Open System Authentication
46
Shared Key Authentication
Shared Key authentication utilizes the wired equivalent privacy (WEP) key for authentication.
47
Shared Key Authentication
48
Association, Reassociation, and Disassociation
A station can be authenticated with multiple APs, but it can be associated with only one. There are three frames related to association: association frames, reassociation frames, and disassociation frames.
AssociationThe process of association: Four frames are transmitted between the client station and the AP station. The first frame is an association request frame, which is followed by an acknowledgment frame from the AP. The third frame is an association response frame, which is followed by an acknowledgment frame from the client station.
49
Association, Reassociation, and Disassociation
ReassociationReassociation occurs when a client station roams from one AP to another within an ESS.Device drops connection with one AP and establish connection with another. Several reason why reassociation may occur:
roaming, weakened signal. When device determines link to current AP is poor, begins scanning to find another AP
DisassociationThe disassociation service is the component of the MAC layer that is responsible for processing a disassociation.
50
Data Flow Optimization Across the RF Medium
Transmitting on the WLAN: DCF and PCF
Distributed Coordination Function (DCF) Mandatory in 802.11The DCF is the WM access method. DCF is inclusive of the carrier sensing mechanisms, interframe spacing, and backoff timers. DCF is said to be a distributed coordination function because the coordination of access to the WM is distributed among the wireless stations. Using the various methods, all the stations work together to provide cooperative access to the WM without the need for a centralized medium access controller.
Point Coordination Function (PCF) An optional access methodThe PCF centralizes access to the WM. There is one point (station) in the WLAN that is responsible for controlling access to the WM. This point is the access point. (polling mechanism)
51
RTS/CTS and CTS-to-Self Protocols
Instead of the access point polling the stations to see which station needs to communicate, the stations can tell the access point they need to communicate and then wait for the access point to give them the go-ahead. This method is called Request to Send/Clear to Send (RTS/CTS).
RTS/CTS works according to the following process:1. A station wishing to transmit using RTS/CTS sends a Request to Send frame to the AP.2. When the AP receives the RTS request, it sends a Clear to Send frame to the WLAN as a broadcast.3. The stations in the vicinity all hear the duration in either the Request to Send frame or the Clear to Send frame and know to stay silent.4. The original requesting station transmits its frame and receives an acknowledgment during this quiet window.
52
RTS/CTS and CTS-to-Self Protocols
used to solve hidden node problem
53
Fragmentation
Divide data to be transmitted from one large frame into several smaller ones.- Reduces probability of collisions
- Reduces amount of time medium is in use.
If data frame length exceeds specific value, MAC layer fragments it.Receiving station reassembles fragments.
54
Dynamic Rate Switching
Dynamic rate switching is the process of reducing or increasing the data rate to the next supported data rate as the quality of the RF signal changes.
As the quality of the signal degrades, it becomes more and more difficult to demodulate the more complex modulation schemes. By slowing down the data rate, either with a different or the same modulation, it becomes easier to demodulate the data.
A standards-based device will only change the data rate to a supported data rate of the standard. For example, a HR/DSSS PHY will shift from 11 to 5.5 Mbps, but will not shift from 11 to 6 Mbps because 6 Mbps is not supported by the HR/DSSS PHY.