840 likes | 1k Views
Chapter 9-MAC Architecture. Packets, frame and bits Data-Link layer MAC Service Data Unit (MSDU) MAC Protocol Data Unit (MPDU ) Physical layer PLCP Service Data Unit (PSDU) PLCP Protocol Data Unit (PPDU) 802.11 and 802.3 interoperability Three 802.11 frame types Management frames
E N D
Chapter 9-MAC Architecture • Packets, frame and bits • Data-Link layer • MAC Service Data Unit (MSDU) • MAC Protocol Data Unit (MPDU ) • Physical layer • PLCP Service Data Unit (PSDU) • PLCP Protocol Data Unit (PPDU) • 802.11 and 802.3 interoperability • Three 802.11 frame types • Management frames • Control frames • Data frames
Chapter 9-MAC Architecture • Beacon Management Frame (beacon) • Passive scanning • Active scanning • Authentication • Open System authentication • Shared Key authentication • Association • Authentication and association states • Basic and supported rates • Reassociation • Disassociation • Deauthentication • ACK frame • Fragmentation • Protection mechanism
Chapter 9-MAC Architecture • RTS/CTS • CTS-to-Self • Data frames • Power management • Active mode • Power Save mode • Traffic indication map (TIM) • Delivery traffic indication message (DTIM) • Announcement traffic indication message (ATIM) • WMM Power Save (WMM -PS) and U-APSD • 802.11n power management
Exam Essentials • Explain the differences between a PPDU, PSDU, MPDU, and MSDU. • Understand at which layer of the OSI model each data unit operates and what each data unit comprises. • Understand the similarities and differences of 802.11 frames and 802.3 frames. • The IEEE created both of these frame types. 802.11 and 802.3 frames share similar and different properties. Know how they compare to each other. • Know the three major 802.11 frame types. • Make sure you know the function of the management, control, and data frames. Know what makes the major frame types different. Data frames contain an MSDU, whereas management and control frames do not. Understand the purpose of each individual frame subtype. • Know the media access control (MAC) process and all of the frames that are used during this process. • Understand the function of each of the following: active scanning, passive scanning, beacon, probe request, probe response, authentication, association, reassociation, disassociation, deauthentication.
Exam Essentials • Know the importance of the ACK frame for determining that a unicast frame was received and uncorrupted. • Understand that after a unicast frame is transmitted, there is a short interframe space (SIFS) and then the receiving station replies by transmitting an ACK. If this process is completed successfully, the transmitting station knows the frame was received and was not corrupted. • Know the benefits and detriments of fragmentation. • By default, fragmentation adds overhead, and fragmented frames are inherently slower than unfragmented frames. If RF interference exists, fragmentation can reduce the amount of retransmitted overhead, thus actually increasing the data throughput. If fragmentation does increase throughput, this is a clear indication of a transmission problem such as multipath.
Exam Essentials • Understand the importance of ERP protection mechanisms and how they function. • Protected mode allows ERP (802.11g), HR-DSSS (802.11b), and legacy DSSS devices to coexist within the same BSS. Protected mode can be provided by RTS/CTS or CTS-to-Self. CTS-to-Self is strictly a protection mechanism, but RTS/CTS can also be manually configured and used to identify or prevent hidden nodes. • Understand all of the technologies that make up power management. • Power management can be enabled to decrease power usage and increase battery life. Understand how buffered unicast traffic is received in a different way than buffered broadcast and multicast traffic. Understand the power-management enhancements defined by WMM-PS.
Frames and Packets • Looking at MAC layer • How MSDU is encapsulated • Scanning for networks • What frames are used • ERP Protection Mechanism • RTS/CTS • CTS-to-Self • Power Management Pg 275
Packets, Frames and bits • Main goal is to get data from one computer to another • Data flows down from the top layers • Down to physical layer to convert to bits Pg 275
Data Link Layer • 802.2 LLC sub layer • MAC sub layer • 802.3 • 802.11 • etc Pg 276
Data Link Layer • MAC Service Data Unit (MSDU) • Layer 3-7 information that is encapsulated • Max size of 2, 304 bytes • MAC Protocol Data Unit • 802.11 frame • With 802.11 header and FCS Pg 276
Physical Layer • Physical Layer Convergence Procedure sublayer (PLCP) • Prepares the data link frame for transmission • Physical Medium Dependant Sublayer (PMD) • Modulates and sends data • PLCP Service Data Unit (PSDU) • Same as MPDU-but on physical side • PLCP Protocol Data Unit (PPDU) • Includes the preamble for synchronizations and the PHY header Pg 277
Data Link and Physical Layer Pg 278
802.11 and 802.3 interoperability • Integration Service enables delivery of MSDU between distribution system and non 802.11 LAN via a portal • Frame format transfer Pg 278
802.11 and 802.3 Frames • 802.11 and 802.3 frames are very similar • Similar Fields • Easy to translate • Frame sizes differ • 802.3-max frame is 1,518 bytes with max MSDU of 1,500 bytes • 802.11-max MSDU of 2,304 • However, IP MTU is usually 1500 bytes • Fragmentation happens at IP layer Pg 278
802.11 and 802.3 Frames • Addressing fields also different • 802.3 has only Source and Destination Address • 802.11 can have up to 4 address fields • Receiver address • Transmitter address • Destination address • Source address Pg 278
802.11 Management Frames • Used to join and leave the BSS • Also known as a Management MAC Protocol Date Unit (MMPDU) • Announcement traffic indication message (ATIM) • Disassociation • Authentication • Deauthentication • Action • Association Request • Association response • Reassociation request • Reassociation response • Probe request • Probe response • Beacon Pg 280
802.11 Control Frames • Assist with delivery • Used with power saving • Clear the channel, acquire the channel, provide ACK • Power Save (PS)-Poll • Request to send (RTS) • Clear to send (CTS) • Acknowledgment (ACK) • Contention-Free (CF)-End [PCF only] • CF-End + CF-ACK [PCF only] • Block ACK Request [HCF] • Block ACK [HCF] Pg 280
802.11 Data Frames • Carry the actual data • Data subtype and null function subtype are the key ones • QoS Data [HCF] • QoS Null (no data) [HCF] • QoS Data + CF-ACK [HCF] • QoS Data + CF-Poll [HCF] • QoS Data + CF-ACK + CF-Poll [HCF] • QoS CF-Poll (no data) [HCF] • QoS CF-ACK + CF-Poll (no data) [HCF] • Data (simple data frame) • Null function (no data) • Data + CF-ACK [PCF only] • Data + CF-Poll [PCF only] • Data + CF-ACK + CF-Poll [PCF only] • CF-ACK (no data) [PCF only] • CF-Poll (no data) [PCF only] • CF-ACK + CF-Poll (no data) [PCF only] Pg 281
Beacon Management Frame (Beacon) • Heartbeat of the wireless network • AP sends the beacon with information about the BSS • Client stations only transmit beacons when part of an IBSS • Beacon has time stamp to ensure synchronization between client and AP • Transmitted about 10 times per second • Sometimes configurable Pg 283
Beacon Management Frame (Beacon) • Time stamp: Synchronization information • Spread spectrum parameter sets: FHSS-, DSSS-, or ERP-specific information • Channel information: Channel used by the AP or IBSS • Data rates: Basic and supported rates • Service set capabilities: Extra BBS or IBSS parameters • SSID: Logical WLAN name • Traffic indication map (TIM): A field used during the Power Save process • QoS capabilities: Quality of service and EDCA information • Security capabilities: TKIP or CCMP cipher information • Vendor proprietary information: Vendor-unique or vendor-specific information Pg 283
Passive Scanning • Client station listens for beacon frames from APs • If the AP is using and SSID that is programmed into the client software, it wil try to connect to the network • If multiple beacons with same SSID, it will try to find the AP with best signal Pg 284
Active Scanning • Client station transmits probe requests • Type of management frame • Probe Request can have the SSID of a specific WLAN or be blank • If looking for ANY SSID, the SSID field is set to null • Null probe request • If SSID field has name • Directed probe request Pg 284
Probe Requests • With an directed probe request, APs with the specific SSID receive the request, they send a probe response • Same information as you find in a beacon frame except no TIM • Enough information for client station to learn about network before joining • APs that receive a null probe request should reply with a probe response as well Pg 284
Network Scanning • Beacon frames are only broadcast out on the channel that is in use by the AP • Passive scanning could miss it • Active scanning uses probe request frames that are sent out across all available channels by the client station. • If probe responses from multiple access points, signal strength and quality characteristics are typically used by the client station to determine which access point has the best signal and thus which access point to connect to. • The client station will sequentially send probe requests on each of the supported channels. • Client stations will often go off channel to send additional probe requests • Keep an updated list of APs to assist in roaming Pg 285
Authentication • Not the traditional username and password • Authenticating to the network • Open Systems Authentication • Null authentication • Everyone gets in • Now used with 802.1X/EAP to provide better security • Shared Key Authentication • Uses WEP key to respond to a challenge response • WEP key is then used for encryption as well • SECURITY RISK!!!! Pg 286
Association • After Authentication, Client sends a request to associate to the BSS • Association means the client can send data through the AP • AP sends association response • Grant or deny permission • Includes and Association Identifier (AID) • Unique number for each client • Used with power management Pg 288
Authentication & Association States • Authentication: unauthenticated or authenticated • Association: unassociated or associated • State1-initial state-unauthenticated and unassociated • State2-authenticated and unassociated • State3-authenticated and associated Pg 289
Basic and Supported Rates • 802.11-2007 required rates are the basic rates • Different from supported rates • In order to associate, the client station must support the required rates the AP supports • Supported rates are advertised in the beacon frames Pg 290
Roaming • Ability of client stations to move between APs while maintaining connectivity • Decision to roam is made by client station • Based on proprietary process • Related to signal strength from current AP and nearby APs • APs must help manage a clean transfer Pg 290
Reassociation • Reassociating to the SSID of the ESS 1. In the first step, the client station sends a reassociation request frame to the new access point. As shown in Exercise 9.7, the reassociation request frame includes the BSSID (MAC address) of the access point it is currently connected to (we will refer to this as the original AP). 2. The new access point then replies to the station with an ACK. 3. The new access point attempts to communicate with the original AP by using the distribution system medium (DSM). The new access point attempts to notify the original AP about the roaming client and requests that the original AP forward any buffered data. Please remember that any communications between APs via the DSM are not defined by the 802.11-2007 standard and are proprietary. In a controller-based WLAN solution, the inter-access point communications occur within the controller. 4. If this communication is successful, the original access point will use the distribution system medium to forward any buffered data to the new access point. 5. The new access point then sends a reassociation response frame to the client via the wireless network. 6. The client sends an ACK to the new access point. The client does not need to send a disassociation frame to the original access point, because the client assumes that the two access points have communicated with each other across the distribution system medium. Pg 291
Disassociation & Deauthentication • Both are notifications, not requests • Disassociation • Can be sent from AP or client station • Cannot be refused • If the message is missed, the protocol deals with it • Deauthentication • Sent from client or AP • Will also cause dissasociation Pg 292
ACK frames • One of six control frames • Key to network functionality • Sent for each unicast frame • Highest priority frame • 14 bytes • Receiver address only Pg 292