1 / 33

Linux无线网络系统分析

Linux无线网络系统分析. 孟宁 电话:0512-6883930 3 腾讯微博:@mengning997 新浪微博:@孟宁V5 E-mail:mengning@ustc.edu.cn 主页:http://staff.ustc.edu.cn/~mengning 地址:苏州工业园区独墅湖高等教育区仁爱路1 88 号 思贤楼504 室. 20 1 3 年 6 月. 内容组织的逻辑. 一是硬件上,有哪些东西,他们是如何放置的。 硬件:网络 + 有线网络 ⇒ 无线网络 ⇒ 80211 无线网络 二是软件上,通信协议上,是如何实现通信的。

regant
Download Presentation

Linux无线网络系统分析

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Linux无线网络系统分析 孟宁 电话:0512-68839303 腾讯微博:@mengning997 新浪微博:@孟宁V5 E-mail:mengning@ustc.edu.cn 主页:http://staff.ustc.edu.cn/~mengning 地址:苏州工业园区独墅湖高等教育区仁爱路188号思贤楼504室 2013年6月

  2. 内容组织的逻辑 • 一是硬件上,有哪些东西,他们是如何放置的。 • 硬件:网络 + 有线网络 ⇒ 无线网络 ⇒ 80211无线网络 • 二是软件上,通信协议上,是如何实现通信的。 • 软件:Linux网络架构 ⇒ Linux下的80211 无线网络架构

  3. 802.11和OSI模型

  4. 80211 Wireless LAN • BSS stands for Basic Service Set. The coverage of an access point is called a BSS. • STA indicates a wireless device acting in BSS as a regular STAtion. • IBSS stands for Independent Basic Service Set. Its basically Ad-Hoc mode. • SSID stands for Service Set IDentifier. The SSID is a code attached to all packets on a wireless network to identify each packet as part of that network. The code consists of a string of 1-32 octets (usually represented as case sensitive alphanumeric characters).

  5. 无线信号传输方式 • 窄带无线电通信(Narrow-Band Radio) • 这种技术类似于无线电台的广播,必须把发送器和接收器都调拨到同一频带。 • 无线电信号可以穿越墙物,在一个很广的域内传播,所以不必把它调聚成束。 • 然而,窄带射频发送有无线电波反射的问题,并受联邦通信委员会管制,它们必须准确地进行调谐,以防其它频率的干扰。 • 扩展频谱通信(Spread Spectrum Communication) • 简称扩频通信,是一种信息传输方式,其信号所占有的频带宽度远大于所传信息必需的最小带宽。 • 频带的扩展是通过一个独立的码序列(一般是伪随机码)来完成,用编码及调制的方法来实现的,与所传信息数据无关 • 在接收端则用同样的码进行相关同步接收、解扩及恢复所传信息数据。 • 这种技术是在一个很宽的频率范围内广播信号,避免在窄带无线电通信中遇到的问题。 • 用一种编码来传播信号,接收站用同一编码来恢复信号。用这种方法,扩频无 线电信号能工作在其它信号所占据的频率范围内。 • 扩频无线电信号不会干涉常规的无线电广播,这是因为它的能量十分微弱。

  6. 80211 Frame Type • Management Frames • Authentication frame, Deauthentication frame • Association request frame, Association response frame, Disassociation frame • Reassociation request frame, Reassociation response frame • Beacon Frame:Authentication frame, Deauthentication frame • Probe request frame, Probe response frame • Control Frames • Request to Send (RTS) frame • Clear to Send (CTS) frame(Use RTS/CTS to avoid hidden station problem) • Acknowledgement (ACK) frame • Data Frames

  7. CSMA/CA • CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) • A station wishing to transmit senses the air, and, if no activity is detected, the station waits an additional, randomly selected period of time and then transmits if the medium is still free. If the packet is received intact, the receiving station issues an ACK frame that, once successfully received by the sender, completes the process. If the ACK frame is not detected by the sending station, either because the original data packet was not received intact or the ACK was not received intact, a collision is assumed to have occurred and the data packet is transmitted again after waiting another random amount of time.

  8. MLME • MLME Stands for Media Access Control (MAC) Sublayer Management Entity. MLME is the management entity where the Physical layer (PHY) MAC state machines reside.

  9. Linux无线网络架构 wext/WE是Wireless Extensions的缩写

  10. Linux网络设备工作原理

  11. FullMAC and SoftMAC • FullMAC is a term used to describe a type of wireless card where the MLME is managed in hardware. You would not use mac80211 to write a FullMAC wireless driver. • SoftMAC is a term used to describe a type of wireless card where the MLME is expected to be managed in software. mac80211 is a driver API for SoftMAC wireless cards, for example.

  12. Radiotap • Radiotap 是一个标准,用于802.11的 帧接收(frame reception)和帧注入(frame injection) • 所谓的帧接收,就是硬件(网卡)用中断通知CPU,一个数据帧到了,要CPU去接收。一般是在将无线网卡设置为混杂模式的时候,底层接受到数据帧之后,不处理,而是直接传送给上层处理,一般用于分析无线网络数据传输的时候,分析网络问题到底出现在哪。

  13. Code structure • Most important for driver authors: • include/net/mac80211.h • This file defines the API to mac80211 from below.

  14. Code structure • All files except the header file are in net/mac80211/. • Kconfig, Makefile build system • ieee80211 i.h most internal data structures • main.c main module entry points • main entry points for driver calls (reg/dereg) • iface.c virtual interface handling • key.c, key.h key management • sta info.c, sta info.h Station (peer) management • pm.c power management (suspend/hibernate) • rate.c, rate.h internal rate control functions • rc80211* rate control algorithms • rx.c frame receive path • tx.c frame transmit path • scan.c software scanning code

  15. Code structure • ht.c, agg-rx.c, agg-tx.c HT/aggregation code • mesh{, hwmp, plink, pathtbl}.{c,h} 802.11s mesh • mlme.c Station/managed mode MLME • ibss.c IBSS MLME • cfg.c, cfg.h, wext.c configuration entry points • event.c events to userspace • spectmgmt.c spectrum management code • aes*, tkip.*, wep.*, michael.*, wpa.* WPA/RSN/WEP code • wme.c, wme.h some QoS code • util.c utility functions • led.c, led.h LED handling • debugfs* debugfs code

  16. Data structures • ieee80211_local/ieee80211_hw • sta_info/ieee80211_sta • ieee80211_conf • ieee80211_bss_conf • ieee80211_key/ieee80211_key_conf • ieee80211_tx_info • ieee80211_rx_status • ieee80211_sub_if_data/ieee80211_vif

  17. ieee80211_local/ieee80211_hw • each instance of these (hw is embedded into local) representsa wireless device • ieee80211_hw is the part of iieee80211_local that is visible todrivers • contains all operating information about a wireless device

  18. sta_info/ieee80211_sta • represents any station (peer) • could be mesh peer, IBSS peer, AP, WDS peer • would also be used for DLS peer • ieee80211_sta is driver-visible part • ieee80211_find_sta for drivers • lifetime managed mostly with RCU

  19. ieee80211_conf • hardware configuration • most importantly - current channel • intention: hardware specific parameters

  20. ieee80211_bss_conf • BSS configuration • for all kinds of BSSes (IBSS/AP/managed) • contains e.g. basic rate bitmap • intention: per BSS parameters in case hardware supportscreating/associating with multiple BSSes

  21. ieee80211_key/ieee80211_key_conf • represents an encryption/decryption key • ieee80211_key_conf given to driver for hardware acceleration • ieee80211_key contains internal book-keeping and softwareencryption state

  22. ieee80211_tx_info • most complicated data structure • lives inside skb’s control buffer (cb) • goes through three stages (substructure for each) • initialisation by mac80211 (control) • use by driver (driver_data/rate_driver_data) • use for TX status reporting (status)

  23. ieee80211_rx_status • contains status about a received frame • passed by driver to mac80211 with a received frame

  24. ieee80211_sub_if_data/ieee80211_vif • contains information about each virtual interface • ieee80211_vif is passed to driver for those virtual interfacesthe driver knows about (not monitor, VLAN) • contains sub-structures depending on mode • ieee80211_if_ap • ieee80211_if_wds • ieee80211_if_vlan • ieee80211_if_managed • ieee80211_if_ibss • ieee80211_if_mesh

  25. Main flows • configuration • receive path • transmit path • management/MLME

  26. Main flows – configuration • all initiated from userspace (wext or nl80211) • for managed and IBSS modes: triggers statemachine (onworkqueue) • some operations passed through to driver more or less directly(e.g. channel setting)

  27. Main flows – receive path • packet received by driver • passed to mac80211’s rx function (ieee80211_rx) withrx_status info • for each interface that the packet might belong to • RX handlers are invoked • data: converted to 802.3, delivered to networking stack • management: delivered to MLME

  28. Main flows – transmit path • packet handed to virtual interface’s ieee80211_subif_start_xmit • converted to 802.11 format • sent to master interface • packet handed to ieee80211_master_start_xmit • transmit handlers run, control information created • packet given to driver

  29. transmit handlers • ieee80211_tx_h_check_assoc • ieee80211_tx_h_ps_buf • ieee80211_tx_h_select_key • ieee80211_tx_h_michael_mic_add • ieee80211_tx_h_rate_ctrl • ieee80211_tx_h_misc • ieee80211_tx_h_sequence • ieee80211_tx_h_fragment • ieee80211_tx_h_encrypt • ieee80211_tx_h_calculate_duration • ieee80211_tx_h_stats

  30. Main flows – management/MLME Main flows – management/MLME

  31. Main flows – management/MLME • Ok, so you didn’t want to know that precisely. • requests from user are translated to internal variables • state machine is run depending on user request • normal way looks like this: • probe request/response • auth request/response • assoc request/response • notification to userspace

  32. Main flows – management/MLME • For IBSS (wasn’t on the state machine slide) it’s simpler • try to find IBSS • join IBSS or create IBSS • if no peers periodically try to find IBSS to join

  33. 把握方向、脚踏实地; 顺势而为、随遇而安。 谢谢大家! 参考资料: http://www.crifan.com/files/doc/docbook/linux_wireless/release/html/linux_wireless.html mac80211 overview Johannes Martin Berg 2009-02-25 《深入理解Linux内核》第三版

More Related