Wireless LAN - WLAN

Mohamed Mokdad

Ecole d’Ingénieurs de Bienne

Agenda

• WLAN Basics

• WLAN Configurations

• Customer considerations

• Components

• Frequencies

• Frames

First approach

• (Wired) LAN is a data network

• Wireless LAN is an RF extension to LAN

• Data over the air interface

• No wires– i.e. Connectivity & Mobility

Why WLAN?

• Mobility for data– As for voice, i.e. GSM (PWLAN)

• Installation's speed and simplicity– No wiring needed

• Installation flexibility– Easy reconfiguration

• Scalability– WLAN can expand easily (Roaming)

The air interface technologies

• Narrowband– Classical RF transmission

• Spread spectrum (DSSS)– Sounds like noise if not tuned– Reliability, Integrity & Security

• Infrared– Very high frequencies just below visible

spectrum (Not very used in WLAN)

Spread Spectrum Technology

• Direct-Sequence - DSSS– Robust to noise & interference– Resistant to multipath effects– More secure, harder to detect– Higher throughput

• Frequency-Hopping - FHSS– Simple implementation – Less power consumption– Can add overlapping capacity with orthogonal

hopping sequences

Typical configuration

• An Access Point - AP - connects– The LAN to– Wireless LAN

• An AP can support a small group of users in a range of 100 to 300 m.

• The antenna is attached to the AP and defines the coverage area.– Isotropic or directional antennas

Peer to peer network

- This configuration needs no AP and no network in order to connect the 2 PCs

- The existing PCMCIA Cards generally allow this configuration

Clients and Access Points

LAN

Typical configuration

Multiple access points & roaming

Roaming or Handover?This means mobiles can move between different coverage areas

LAN

Use of an extension point

LAN

The extension point extends the coverage area of the AP without addingany complexity to the AP architecture. E.g. Hot Spot in Airports

The use of directional antennas

LAN

LAN

Does this make sense?

Customer considerations• Range and coverage

– Distance over which equipment can communicate

– Radiated power in the coverage area - CA

• Throughput– The mean bit rate (bps) a user can expect– N users need less bandwidth than N x times

• Integrity and reliability– Protect your WLAN from taping - Small CAs– Protect your AP - Encrypted access & data

Customer considerations 2

• Compatibility with the existing network– Many different backbones supported– WLAN should be multivendor compatible

• Interoperability of wireless devices– Air transmission technology (FHSS, DSSS)– Channel allocation (not all channels available)

• Interference and Coexistence– Spectrum overlap– Different vendors can interfere

Customer considerations 3

• WLAN Licensing issues– Free spectrum or licensed - Hyperlan? ISM?

• Simplicity/Ease of Use– A configured Wireless LAN can be moved with

little or no modification at all

• Security– WLANs are less secure than LANs

• Cost– Main factors: Coverage area # of APs

Customer considerations 4

• Scalability– Extension of coverage area– Support of additional APs at no costs

• Battery Life for Mobile Platforms– This is rather a hand held computer issue– End user wireless products with less power

• Safety– Much less than hand held cellular phones– Safety deals with human safety

ISM

• Industrial/Scientific/Medical bands• 902-928 MHz

• Crowded: Cordless phone, wireless speaker, garage door (telemetry)

• 2400-2483.5 MHz• Medium use, Microwave oven

• 5725-5850 MHz• US & Canada only• Light use, some radar • Expensive

OSI Layers

Configurations

• Wireless LAN– Specified in IEEE 802.11– Specify Physical and MAC layers

• Stations– Portable: fixed when used– Mobile: mobile during usage

• Emitted Power– 100 mW (1 W in US and 10 mW in Japan)– Impacts directly coverage area (bandwidth)

BSS & BSA

BSS: Basic Service SetThis figures out a coverage areaSTA1: Station 1

BSA: Basic Service Area BSS

Dynamic association between BSS and STAx

DS & ESS

DS: Distribution SystemAP: Access Point

2 BSSs can overlap – Co-located coverage areas

LAN

11b Operating Channels

Overlapping - close coverage areas should not overlap

Non overlapping

11b Channels sets for Europe

SetNumber of channels

HR/DSSS Channel number

1 3 1,7,13

2 6 1,3,5,7,9,11

HR&DSSS: High Rate / Direct Sequence Spread Spectrum

11b Regulation agencies

Code point Regulatory agency Region

X'10' FCC United States X'20' IC Canada X'30' ETSI Most of Europe X'31' Spain Spain X'32' France France X'40' MKK Japan

Channels allocationRegulatory domains

X'10' X'20' X'30' X'31' X'32' X'40' CHNL_ID Frequency FCC IC ETSI Spain France MKK1 2412 MHz X X X — — —2 2417 MHz X X X — — —3 2422 MHz X X X — — —4 2427 MHz X X X — — —5 2432 MHz X X X — — —6 2437 MHz X X X — — —7 2442 MHz X X X — — —8 2447 MHz X X X — — —9 2452 MHz X X X — — —10 2457 MHz X X X X X —11 2462 MHz X X X X X —12 2467 MHz — — X — X —13 2472 MHz — — X — X —14 2484 MHz — — — — — X

2 state variables & 3 logical states

State 1Unauthenticated

Unassociated

State 3Authenticated

Associated

State 2AuthenticatedUnassociated

Class 1Frames

Class 1,2Frames

Class 1,2,3Frames

SuccessfulAuthentication

SuccessfulAssociation orReassociation

DeauthenticationNotification

DeassociationNotification

DeauthenticationNotification

Frame Classes

• Control• Management• Data• Class 1

– Control, Management & Data

• Class 2– Management

• Class 3– Control, Management & Data

Control Frames

• Acknowledgment (ACK)

• CF-End + CF-Ack

• Clear To Send (CTS)

• Contention-Free (CF)-End

• Power Save (PS)-Poll

• Request To Send (RTS)

Management Frames• Announcement traffic indication message (ATIM)• Association request• Association response• Authentication• Beacon• Deauthentication• Disassociation• Probe request• Probe response• Reassociation request• Reassociation response

Data Frames

• CF-Ack (no data)

• CF-Ack + CF-Poll (no data)

• CF-Poll (no data)

• Data + CF-Ack

• Data + CF-Ack + CF-Poll

• Data + CF-Poll

• Null function (no data)

MAC frame format - General

FrameControl

DurationID

Address1

FrameBody

FCSAddress

2Address

3Sequence

ControlAddress

3

MAC Header

ProtocolVersion

TypeSubType

ToDS

FromDS

MoreFragment

RetryPowerMgmt

MoreData

WEP Order

Power Management = From Station to say 1: power save or 0: Active mode Retry for corrupted framesMore fragments for segmented framesDuration ID = either AID (Station Association Identity) or Frame durationSequence Control Field = Frames (12 bits) and Fragments (4bits) numbering

MAC frame format - Control

FrameControl

FCSDuration

MAC Header

ProtocolVersion

TypeSubType

ToDS

FromDS

MoreFragment

RetryPowerMgmt

MoreData

WEP Order

RA TA

Example of RTS control frame

Address Fields

DA Destination Address of the MSDURA Receiver Address - Address of STA in the APSA Source Address of the MSDUTA Transmitter Address - Address of STA in the APBSSID BSS ID

Address Fields bis

• To DS = 0 & From DS = 0– A data frame direct from one STA to another STA

within the same IBSS, as well as all management and control type frames.

• To DS = 1 & From DS = 0– Data frame destined for the DS.

• To DS = 0 & From DS = 1– Data frame exiting the DS.

• To DS = 1 & From DS = 1– Wireless distribution system (WDS) frame being

distributed from one AP to another AP.

Type Coding Management

Type Coding Control & Data

Architectural services

• Station services– Authentication & Deauthentication– Privacy - WEP– MSDU delivery - Data delivery

• Distribution system services– Association, Disassociation & Reassociation– Distribution– Integration (to the LAN)

Security

• Service set identifier (SSID)– SSID associated with an AP or a group

of APs. Client must know SSID

• Media Access Control (MAC) address filtering – No access to client’s MAC not in this list.

• Wired Equivalent Privacy (WEP) – Encryption (not strong)

• Others: IP range definition (e.g. WPA1/2)

WEP: Wired Equivalent Privacy

• WEP provides equivalent functionality to the wired LAN– It is reasonably strong: from 40 to 128 bits– It is self-synchronizing: in each packet– It is efficient: it works– It may be exportable: US & Europe issue

• E.g Internet Explorer @ 128 kbps

• It is optional: It’s an IEEE option

WEP

• 40 to 256 bits

• Devices can work with lower encryption level - 120 bits can work @ 64 and 40 bits

• Encryption level determined by key length

• Lower level with 10 Hex characters– i.e. 5 ASCII characters

• Highest level with 64 Hex characters– i.e. 32 ASCII characters

Antenna

Antenna

Medium Access

• Carrier Sense Multiple Access with Collision Avoidance

CSMA/CA

• Carrier Sense Multiple Access with Collision Detection

CSMA/CD

LAN - CSMA/CD

• Supports two or more nodes on common Supports two or more nodes on common busbus

• Node postpones transmission of data Node postpones transmission of data packets until network is clear of trafficpackets until network is clear of traffic

• Other nodes transmit in event of collisionOther nodes transmit in event of collision

• Back off period before retransmissionBack off period before retransmission

LAN - CSMA/CD

A B

B will detect tranmission from AIt stops its transmission andSend the ethernet jam sequence, i.e. 32 bitsCollision detected with higher current values

Back-Off• Detect collision N

– Start with N = 0

• After a collision– Increment N and Increment K (if K < 10)– Calculate number set and pick R (Random)– {0,1,2,3} for N = 2 (and K = 2)– {0,1,2,3,4,5,6,7} for N = 3 (and K = 3)– Items number = 2K (max 2K = 1024)– R defines the wait time, i.e. R*51.2 μs

• The collision probability gets lower

Back-Off

WLAN - CSMA/CA

• Cannot detect data packet collisionCannot detect data packet collision• Detects medium busyDetects medium busy • Node can transmit Request to Send (RTS) Node can transmit Request to Send (RTS)

to destinationto destination • Destination can transmit Clear to Send Destination can transmit Clear to Send

(CTS) to originating node(CTS) to originating node • Destination can transmit Destination can transmit

Acknowledgement when data packet has Acknowledgement when data packet has been receivedbeen received

ACK

WLAN - CSMA/CA

Node A

Node B

Node C

D MPDU S A D CW MPDU

D = DCF Interframe SpaceDCF = Distributed Coordination Function MPDU = MAC Protocol Data UnitS = Short Interframe SpaceCW = Contention WindowA = Acknowledgment

Hidden Node B

A B C

- A is sending to B- C is out of range of A’s transmission

C CSs and transmits Collision

RTS

Use RTS & CTS

ACK

Node A

Node B

Node C

D MPDU S A D

CTS

C Not allowed for sending

RTS ) Ready To SendCTS ) Clear To Send

Contention Window

Exposed Node

A B C

- B is sending to A- C wants to send to D (C = Exposed Node)

D

Solve

A CB

C waits since it hears B’s CTS

RTS

CTS CTS

A CB

C doesn’t wait since it doesn’t hear A’s CTS

CTS

RTS RTS

MIBs and SNMP

• MIB (format)– ieeedot11– rfc1213– Proprietary, e.g. Cisco

• SNMP (+ SMNP Agent in device)– Access objects– 1.3.6.1.2.1.11.25.0– iso.org.dod.internet.mgmt.mib-2.snmpOutGetRequests.0