IEEE 802.11
Introduction
Media Access
Frame Format
Management Operations
Physical Layers
Deployment
Miscellaneous –
IEEE 802.11n, IEEE 802.16, & RadioTap
Lab Exercises
Next generation WLAN
©NetProWise
Pre-Requisites
WLAN Overview
©NetProWise
WLAN
©NetProWise
WLAN – Advantages
WLAN Overview
Mobility
Flexible
Planning
Design
Robustness
©NetProWise
WLAN Standards
WLAN Overview
IEEE 802.11
Infra-red
HIPERLAN/2
Bluetooth
…
©NetProWise
History
WLAN Overview
©NetProWise
Companion or Evolution Specifications
WLAN Overview
©NetProWise
IEEE 802.11 WLAN - Architecture
Overview
©NetProWise
Infrastructure & Independent WLANs
Overview
©NetProWise
802.11 Layer Description
802.2
Data Link
New Overview
Physical
DS FH IR Layer
©NetProWise
IEEE 802.11 Frame with LLC & MAC
Ethernet Frame
MAC Data
New Overview
©NetProWise
Link Layer – CSMA/CA
Carrier Sense (CS)
Media Access (MA)
Collision Avoidance (CA)
New OverView
©NetProWise
Physical Layers
Radio
Spread Spectrum
Technology
New OverView
Direct Sequence
Spread Spectrum
(DSSS)
Frequency Hopping
Spread Spectrum
(FHSS)
©NetProWise
Challenges & Issues
Error Prone Medium
Inherently Shared Medium
Natural limitations
Unique problems – Hidden & Exposed Stations
Mobility
Regulation
Cost
Inter-working
©NetProWise
WLAN Design Goals
Global Operation
Low Power
License-free operation
New OverView
©NetProWise
WLAN Applications
Inventory Control
Hospital
Hotel
New OverView
Training
Trade Shows
Networking old buildings
IP-Zone
©NetProWise
WLAN Vendors
©NetProWise
IEEE 802.11 Market Size
New OverView
©NetProWise
Demo
Infrastructure Network
Two Wireless stations
One Switch/hub
One AP
New OverView
AirPcap
Adaptor
©NetProWise
File Transfer Application
Transfer a file from one wireless station to another
Capture some IEEE 802.11 frames using the adaptor &
Wireshark
New Overview
©NetProWise
WireShark Tutorial
©NetProWise
Content
Wireless LAN Overview
Ethernet Basics
Mobile & Wireless Basics
New Overview
©NetProWise
Relation to OSI Reference Model
New Overview
©NetProWise
LAN Standards
• 802.1 Overview.
• 802.2 LLC.
• 802.3 CSMA/CD (Ethernet).
New Overview
802.2 LLC
802.3 802.4 802.5 802.6
CSMA/CD Token Bus Token Ring DQDB FDDI
©NetProWise
IEEE 802.2 Encapsulation
New Overview
©NetProWise
Basic Ethernet Frame Format
22
MAC
Header
©NetProWise
Ethernet Address
Six Octets in size
Hard coded to NIC and unique
Represented in hexadecimal form
Example: 08:56:27:6f:2b:9c
Most significant 3 octets code vendor id
The other 3 octets are vendor generated
All octets set to “ff” to indicate broadcast
“01:00:5e” in most significant octets indicates multicast :
Example:
Multicast address derived from multicast IP address (Class D)
©NetProWise
Extending LAN Segments
Due to noise and attenuation, length of LAN segments are
limited to few hundred meters.
Several different networking elements are used to extend the
span of LANs.
These enhancements still have to satisfy the round trip constraint
and other constraints suggested by the standards.
©NetProWise
Repeater
Repeater is bidirectional Analog amplifier that amplifies and
retransmits signals.
Layer 1 Device.
Can double the size of a LAN segment.
Segment 1 Segment 2
R 6
6
©NetProWise
Repeater
Standard suggests a limit of 4 Repeaters between any two
stations on LAN.
A maximum of 5 segments.
Repeaters don’t understand frame formats.
Collision affect the entire extended network.
Noise propagates throughout the extended network.
©NetProWise
Hub
Hub is a multilink repeater with star topology
In other respects, a hub is similar to a repeater
Stations
Hub
©NetProWise
Bridge
Bridge is a device that connects two or more LAN segments.
Unlike Repeater, Bridge receives, processes, and retransmits frames.
Bridge is invisible to the other attached computers.
Segment 1 Segment 2
P1 P2
B
P3
Segment 3
©NetProWise
Bridge Characteristics
Layer 2 Device.
Can do frame filtering.
Isolate collision and noise.
©NetProWise
Bridging
Bridge uses a forwarding table to forward frames.
Initially, this table is empty.
Table populated by examining the source address in frames received.
If there is no forwarding entry for a frame, then is forwarded to all the
other ports.
©NetProWise
Switches
Switch is a bridge that is configured to work like a hub in a star
topology.
Frame received in port is processed and forwarded to the right
port using a forwarding table.
Each computer thinks it is on segment by itself.
Unlike bridges, switches support large number of ports.
…
P1 P32
Switch
To
Uplink
©NetProWise
Bridge versus Switch
Bridge: Switch:
Supports less than 5 The workgroup switch,
ports (interfaces) one of the smallest,
Software can support 16/32/64
implementation can ports
easily handle the traffic Port volume requires
Interface connects to a hardware solution
LAN segment
Interface connects to a
Price per port is higher
computer
than comparable switch
Price per port is very
low
©NetProWise
Broadcast Storm
©NetProWise
Invalid Bridging Entry
©NetProWise
Spanning Tree Algorithm(STA)
Converts a graph with cycle to a rooted tree.
There are a number of algorithms in the literature:
Root
STA
Bridge
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment
Lab Exercises
©NetProWise
Mobile and Wireless Concepts
Characteristics
Fixed and wired
Mobile and wired
Fixed and wireless
Mobile and wireless
©NetProWise
Signal, Carrier, and Medium
source signal
destination
Carrier
T
©NetProWise
Modulation, Multiplexing, and Coding
Modulation is the process of modifying the carrier with signal before
transmitting it to destination.
Demodulation is the process of extracting the signal from the modified
carrier at the destination.
Multiplexing is the process of mixing multiple signals at the source so
that all these signals can be sent in the medium concurrently.
Demultiplexing is the process of separating individual signals at the
destination.
Coding is the digital equivalent of modulation. It maps one form digital
signal to another form of digital signal. Coding is done for security and
easier transmission at the source.
Decoding the reverse mapping of extracting original digital signal from
the coded signal at the destination.
©NetProWise
RF and IR Transport
2.4GHz 2.48GHz
©NetProWise
WLAN frequency band
©NetProWise
Signal Representation
©NetProWise
Time domain representation of a signal
Periodic signals:
g (t)=At sin(2∏ftt + t)
Fourier: ∞ ∞
g (t)= ½ c+n=1
an Cos(2∏nft)+ n=1
bn Sin(2∏nft)
T f = 1/T 0
360
0 0 0 0
90 180 270 360
©NetProWise
Square in terms of Sine waves
©NetProWise
Frequency Spectrum
Wireless transmission
©NetProWise
Examples for Frequency allocations
Europe US JAPAN
NMT AMPS,TDMA,CDMA PDC
453-457MHz 824-849 MHz 810-826MHz,
463-467MHz 869-894MHz; 940-956MHz
GSM,TDMA,CDMA
Mobile phones GSM 1429-1465MHz,
Wireless transmission
IEEE802.11
2400-2483MHz IEEE 802.11
Wireless LANs IEEE802.11
2471-2497MHz
HIPERLAN1 2400-2483MHz
5176-5270MHz
©NetProWise
Signal Representation in different domains
f1 f2
T f = 1/T
Amplitude
frequency
A
Frequency Domain
MCosφ
Time Domain Φ
Phase Domain
©NetProWise
Path Loss & Other effects*
Line of sight (LOS)
Free Space Loss
Effect of weather
Long waves versus Short waves
Shadowing or Blocking
Scattering
Reflection
Refraction
Diffraction
Multi-path propagation
Delay-Spread
©NetProWise
Multiplexing
©NetProWise
Analog Modulation
Time
Basic Analog modulation
V
Amplitude
techniques
Amplitude modulation
T
Frequency modulation
f = 1/T 0 0 0 0
90
0
180
0 0
270 360
0
90 180 270 360
Phase modulation
Phase
Combinations of the
Carrier Wave
above
©NetProWise
Digital Modulation
©NetProWise
Digital Amplitude Modulation
We can code
Zero amplitude as 0 or 1
Non-zero amplitude as 1 or 0
©NetProWise
Frequency Shift Keying
©NetProWise
Phase Shift Keying
©NetProWise
QPSK in the phase domain
Q
Q 11
10
I
1 0 I
00 01
©NetProWise
QPSK in the time domain
©NetProWise
Quadrature amplitude modulation
Amplitude
Phase
©NetProWise
Minimum Shift Keying (data 1011010)
1 1 1 1
Data
0 0 0
Even
bits
Odd
bits
Low
frequency
High
frequency
MSK
signal
©NetProWise
Spread spectrum
p p
f f
p p p
f f
f User signal
Broadband interface
Narrowband interface
©NetProWise
CDMA - Spreading with DSSS
©NetProWise
CDMA - Frequency Hopping Spread Spectrum
tb
User data
0 1 0 1 1 t
f td
f3 Slow hopping
f2 (3 bits/hop)
f1
f td t
f3
f2 fast hopping
(3
f1 hops/bit)
t
©NetProWise
CDM Background
Vector
Vector dot-product
Orthogonality
©NetProWise
4 Mutually Orthogonal or vectors
u: 1 1 1 1
v: 1 1 -1 -1
w: 1 -1 -1 1
x: 1 -1 1 -1
©NetProWise
CDM - Background
For vectors a and b
©NetProWise
Code Division Multiplexing
• Data to be transmitted: 1, 0, 1, 1 2 Orthogonal Chip Codes
• Chip Code 1: b – (1,-1); -b – (-1, 1)
• Code data to be transmitted with b
a: 1 1
• Transmitted Vector
• 1, -1, -1, 1, 1, -1, 1, -1
b: 1 -1
• Data to be transmitted: 0, 0, 1, 1
• Chip Code 2: a – (1,1); -a – (-1, -1)
• Code data to be transmitted with a
• Transmitted Vector
• -1, -1, -1, -1, 1, 1, 1, 1
• Receiver decoding for b:
• Sum of the transmission vector
• (1, -1).(0, -2) = 0+2 = 2 > 0
• 0, -2, -2, 0, 2, 0 , 2, 0
• (1, 1).(0, -2) = 0+-2 = -2 < 0
©NetProWise
CDMA versus TDMA, FDMA
Unlike TDMA, CDMA transmits data from all the input channels
simultaneously!
Unlike FDMA, CDMA uses single frequency to transmit all the
input channels simultaneously!
©NetProWise
CDMA Limitation
It assumes all the channels start and stop their transmission
synchronously!
©NetProWise
Asynchronous CDMA
©NetProWise
CDMA Summary
CDMA operates by:
Encoding the each input channel data using a unique (chip) code
Summing the encoded data from all the channels
Transmitting the resulting sum
On reception, each channel data is separated using the respective
chip (code) from the sum and decoded
©NetProWise
Orthogonal Frequency Division
Multiplexing (OFDM)
OFDM is based on FDM & TDM
Carrier Channel is divided into multiple sub carrier channels
Each channel carries a portion of the user information.
Each sub carrier channel is orthogonal with every other sub
carrier
OFDM is also referred to as Multi-tone modulation
Applications: DSL, WLAN, BT, DAB, Powerline Ethernet
©NetProWise
OFDM – Frequency Domain
Representation
©NetProWise
OFDM versus CDMA
The mathematics underlying the CDMA is more complicated
than in OFDM
OFDM encodes a single transmission into multiple sub carriers.
CDMA encodes multiple transmissions onto a single carrier.
OFDM handles multi-path spread better.
Both make use of orthogonal property in multiplexing signals.
©NetProWise
Hidden and exposed terminals
A B C
A can hear B
C can hear B
A cannot hear C
C cannot hear A sending data
©NetProWise
Near and far terminals
A B C
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment
Lab Exercises
©NetProWise
IEEE 802 Network Technology Family
Tree
802
Overview Data Link
And 802.1
Layer LLC
architecture Management 802.2 Logical Link control(LLC) sublayer
©NetProWise
IEEE 802.2 Encapsulation
©NetProWise
Basic Ethernet Frame Format
22
MAC
Header
©NetProWise
IEEE 802.11 protocol architecture and management
Station management
LLC
DLC
PMD
©NetProWise
Components of 802.11 LANs
Distribution Wireless Stations
System Medium
Access
Point
Access
Point
©NetProWise
Independent and Infrastructure BSSs
Independent BSS
Infrastructure BSS
©NetProWise
Extended Service Set
BSS1
BSS3
BSS2 BSS4
Router
Internet
©NetProWise
Distribution system in common 802.11
access points implementation
Backbone network
Bridge
Bridge
Distribution
system
Wireless
medium Station Station Station
A B C
©NetProWise
Network Services
1. Distribution
2. Integration
3. Association
4. Reassociation
5. Disassociation
6. Authentication
7. De-authentication
8. Privacy
9. MSDU (MAC Service Data Unit) Delivery
©NetProWise
Overlapping BSSs in an ESS
BSS1
BSS2 BSS3
BSS4
©NetProWise
Overlapping Network Types
AP’s
Basic
Service
area
©NetProWise
BSS transition
DS
BSS1,ESS1 BSS2,ESS2
BSS3,ESS3
T=1 T=2
©NetProWise
Inter AP Protocol (IAPP)
©NetProWise
ESS transition
Seamless
transition not
supported
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access- Distributed Coordinated Function
(DCF)
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment
Lab Exercises
©NetProWise
Challenges for the MAC
RF Link Quality
Hidden Node Problem
Exposed Node Problem
©NetProWise
Positive acknowledgment of data
transmissions
Time
Frame
ACK
©NetProWise
Nodes 1 and 3 are hidden
1 2
3
©NetProWise
RTS/CTS clearing
1 2
RTS
1) RTS
1 CTS
3) Frame 3
4) ACK
Frame
2) CTS ACK
©NetProWise
Power Save
©NetProWise
MAC Access Modes
Distributed Coordination Function (DCF)
Point Coordination Function (PCF)
Contention-free “Normal”
delivery Delivery
PCF
DCF
©NetProWise
Using the NAV for virtual carrier sensing
RTS data
Sender
SIFS SIFS
SIFS
CTS ACK1
receiver t
DIFS
NAV(RTS)
NAV NAV(CTS)
Carrier Sensing
1. Physical Carrier Sensing
2. Virtual Carrier Sensing
©NetProWise
Interframe spacing relationship
Contention
window(randomized
back-off
mechanism)
DIFS DIFS
PIFS
Medium busy SIFS frame transmission
Slot
time
©NetProWise
Contention Based Access using DCF
If the medium has been idle for longer than DIFS, transmission can begin
immediately. Both carrier-sensing are employed
Delivery/non-delivery of the last frame decides whether to wait DIFS or EIFS.
If the medium is busy, then access deferral is applied.
Error Recovery is the responsibility of the sender
Sender expects acknowledgement for all transmitted frames. Specifically, for
all unicast frames.
Retransmit frame until it is successful.
Multi frame sequence may update the NAV
RTS Threshold, Fragmentation threshold decide when to use RTS and when to
fragment respectively.
©NetProWise
Error Recovery with the DCF
Short Retry Counter
Long Retry Counter
Lifetime Counter
©NetProWise
MAC – Flow Chart
©NetProWise
Other Rules Applied
Error Recovery is the responsibility of the sender
Sender expects acknowledgement for all transmitted frames.
Retransmit frame until it is successful.
Multi-frame Sequence can update NAV with each step.
Fragments get the same priority as CTS/RTS, ACK
Packets that are larger than configured RTS threshold must have
RTS/CTS exchange (Extended Frame Sequence).
Packets larger than fragmentation threshold must be fragmented.
©NetProWise
Error Recovery with DCF
Error indication – Lack of positive ACK or NAK
Short Retry Counter
Long Retry Counter
©NetProWise
Back-off with the DCF
Contention Window or back-off window follows DIFS
Contention Window is divided into slots.
Slot length medium (speed) dependent
Stations Randomly choose a slot
All slots are equally likely selections
Station that picks the earliest slot wins
©NetProWise
DSSS contention window size
31 slots
Initial Previous DIFS
attempt frame
63 slots
1st Previous DIFS
transmission frame
127 slots
2nd Previous DIFS
transmission frame
255 slots
3rd Previous DIFS
transmission
frame
511 slots
4th Previous DIFS
transmission frame
©NetProWise
Fragmentation and Reassembly
DIFS
SIFS SIFS SIFS SIFS Block of
Sender slots
RTS Fragment0 Fragment1 Fragment2
CTS ACK0 ACK1 ACK2 t
receiver
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment
Lab Exercises
©NetProWise
Generic 802.11 MAC frame
Direction of Transmission
Least Most
Significant bit Significant bit
bytes 0-
2 2 6 6 6 2 6 2312 4
©NetProWise
Frame control field
bytes 0-
2 2 6 6 6 2 6 2312 4
Frame
Duration Address Sequence Address
control Address Address Frame
ID control 4 FCS
1 2 3
body
2 2 1 1 1 1 1 1 1 1
bits 4
From More
protocol Type=data Sub type To DS
DS frag
Retry Pwr More WEP order
Mgmt Data
b2 b3
©NetProWise
Type field
Type field encodes (b3 b2)
Management Frames (00)
Control Frames (01)
Data Frames (10)
Reserved (11)
©NetProWise
Management Subtypes (00)
Association Request (0000 – b7 b6 b5 b4)
Association Response (0001)
Reassociation Request (0010)
Reassociation Response (0011)
Probe Request (0100)
Probe Response (0101)
Beacon (1000)
ATIM - Announcement Traffic Indication Message (1001)
Disassociation (1010)
Authentication (1011)
Deauthentication (1100)
©NetProWise
Control Frame (01)
Power Save (PS)-Poll (1010 – b7 b6 b5 b4)
RTS (1011)
CTS (1100)
Acknowledgment –ACK (1101)
Contention-Free(CF)-End (1110)
CF-End+CF-Ack (1111)
©NetProWise
Data Frames (10)
Data (0000 b7 b6 b5 b4)
Data+CF-Ack (0001)
Data+CF-Poll (0010)
Data+CF-Ack+CF-Poll (0011)
Null data (no data transmitted) (0100)
CF-Ack (no data transmitted) (0101)
CF-Poll (no data transmitted) (0110)
Data+CF-Ack+CF-Poll (0111)
©NetProWise
ToDS and FromDS bits
ToDS=0 ToDS=1
Data frames Wireless Station of
FromDS=0 All frames of IBSS Infrastructure network
Data frames received for a Wireless
FromDS=1 station in an infrastructure network Data frames on "wireless bridge"
©NetProWise
More Fragments bit
Behaves like IP Fragmentation flag
©NetProWise
Retry bit
This bit is set to 1 in retransmitted frames
Receiver can eliminate duplicate frames using this bit
WLAN Overview
©NetProWise
Power Management bit
Used to conserve battery life
If set to 1 indicates that the sender will be in power-saving mode
Overview
©NetProWise
More data bit
Indicates that there is at least one frame available for a dozing
station.
WLAN Overview
Set by an AP
©NetProWise
WEP (Wired Equivalent Privacy) bit
Indicates that the frame has gone through WEP processing
WLAN Overview
©NetProWise
Order bit
Frames and fragments can be transmitted in order
WLAN Overview
©NetProWise
Duration /ID Field
Duration
(NAV) 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
WLAN Overview
0
Least significant Most significant
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
PS-Poll
frames 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
©NetProWise
Sequence control field
bytes 0-
WLAN Overview
6 6 2312
2 2 6 6 2 4
bits
4 12
©NetProWise
Address Fields
4 – Address Fields
Destination, Source, Receiver, Transmitter, & BSSID
WLAN Overview
©NetProWise
Frame Check Sequence
FCS is checked by the receiver
The result of this checking is sent as an acknowledgement by the
WLAN Overview
receiver
Recalculated during hop.
©NetProWise
IP Encapsulation in 802.11
6 6 2 Variable 4
Destination Type IP
Ethernet Source
MAC 0X800(IP) Packet FCS
MAC
0X0806(ARP)
WLAN Overview
Recalculate
12 1 1 1 3 Copy Copy
12 SNAP header
SNAP SNAP RFC 1042 IP
RFC1042 MAC DSAP DSAP Control Encapsulation
Type Packet FCS
headers 0xAA 0xAA 0x03(UI) 0x00-00-00
24 or 30
©NetProWise
Contention-Based Data Services
Broadcast and Multicast Frames
Directed Frames
Basic
Fragmented
RTS/CTS Lockout
RTS/CTS Fragmented
Power Savings Mode
©NetProWise
Broadcast/multicast data and broad cast
management atomic frame exchange
DIFS
DIFS Contention window
Contention window For next exchange
End or prior SIFS Data(bc/mc)
Frame Management(bc)
data
exchange
NAV Prior
t
exchange
©NetProWise
Basic positive acknowledgment of
data(unicast frames)
DIFS
SIFS SIFS
station2 data
data
station1 ACK
t
SIFS
ACK+SIFS
station2
NAV
station1 t
©NetProWise
Fragmentation
SIFS SIFS
NAV2=data3+2xACK+3xSIFS
NAV1=data2+2xACK+3xSIFS
NAV station2
station1 ACK1=data2+2xACK NAV2=data3+2xACK t
©NetProWise
RTS/CTS lockout
SIFS
RTS data
data
CTS ACK
t
SIFS SIFS
Data=
ACK+SIFS
RTS=3xSIFS+Data+ACK
NAV
CTS=RTS-(CTS+SIFS) t
©NetProWise
RTS/CTS with fragmentation
SIFS SIFS
Data1
RTS
NAV station2
station1 CTS ACK1 t
©NetProWise
Immediate power-saving(ps)poll
response
SIFS
Medium seized
by data frame
Implied:
Station SIFS+ACK
NAV
Access point
data t
©NetProWise
Immediate power-saving(ps)poll
response with fragmentation
SIFS SIFS
SIFS
Medium seized
by data frame
Implied:
NAV ACK1
Station
NAV
Access point
data1 t
data2
©NetProWise
Deferred PS-poll response example
station Implied
NAV Access Point Data
t
©NetProWise
Generic Data Frame
0-
2 2 6 6 6 2 6 2,312 4
©NetProWise
Duration setting on final fragment
DIFS
Contention window
SIFS
Last fragment
station1
station1 ACK
SIFS
©NetProWise
Duration settings on nonfinal fragment
SIFS
fragmentX
station1 fragmentX+1
station2 ACKX ACKX+1
SIFS SIFS
Duration in FragmentX:fragmentx+1+3xSIFs+2xACK
NAV
©NetProWise
Use of the Address Fields
Address 1 Address 2
Function ToDS FromDS (receiver) (transmitter) Address 3 Address 4
IBSS 0 0 DA SA BSSID not used
To AP (infra) 1 0 BSSID SA DA not used
From AP (infra) 0 1 DA BSSID SA not used
WDS (bridge) 1 1 RA TA DA SA
©NetProWise
BSSID
Each BSS is assigned a BSSID
48-bit binary identifier
In infrastructure BSS, the BSSID is the MAC address of the
wireless interface in the AP.
IBSS must create its BSSID using random generation
The Universal/Local bit is set to 1
The Individual/Group bit is set to 0
©NetProWise
Address Field Usage in Frames to the
Distribution System
SA/TA RA(BSSID)
DS
AP DA
Client
Sever
©NetProWise
Address Field Usage in Frames from the
Distribution System
TA(BSSID)
RA/DA DS
AP
SA
Client
Sever
©NetProWise
Wireless Distribution Systems
RA
802.11
SA
TA
DA
AP
Client
Sever
©NetProWise
Data Frame of subtype Null
Mobile Station Access Point
Header FCS
Null frame;PM = 1
Frame Control
Mobile
station is
resting,
ACK begin
buffering
Power frames
Management = 1
©NetProWise
Frame Types
Data
Control
Management
©NetProWise
IBSS data Frame
bytes
2 2 6 6 2 6 4
Frame Duration ID Receiver Source BSSID Seq- ctl Frame FCS
Control adress/ address Body 0-
Destination 2,312
address
bits 1 1
2 2 4 1 1 1 1 1 1
Protocol Type = data Sub Type ToDs FromDs More Frag Retry Pwr Mgmt More WEP Order
0 0 0 1 0 0 Data
0000,Data
0010,Null
©NetProWise
Data Frames from the AP
bytes 0-
2 2 6 6 2 6 2,312 4
©NetProWise
WDS (Wireless DS) Frame
bytes 0-
2 2 6 6 6 2 6 2,312 4
©NetProWise
Frame Control Field in Control Frames
Bits
2 2 4 1 1 1 1 1 1 1 1
Protocol Type = data Sub Type ToDs FromDs More Frag Retry Pwr Mgmt More Data WEP Order
0 0 1 0 0 0 0 0 0 0 0
©NetProWise
RTS Frame
Bytes MAC header
2 2 6 6 4
Frame Duration Receiver Address Transmitter Address FCS
Control
bits 1 1 1 1 1
2 2 4 1 1 1
Protocol Type = Sub Type = RTS ToDs FromDs More Frag Retry Pwr Mgmt More Data WEP Order
0 0 Control 1 1 0 1 0 0 0 0 0 0 0
1 0
©NetProWise
Duration field in RTS frame
SIFS
station1 transmission
station2 CTS ACK
SIFS SIFS
Duration in RTS:3xSIFs+ACK+frametime
NAV
©NetProWise
CTS Frame
2 2 6 4
Frame Duration Receiver Address FCS
Control
bits 1
2 2 4 1 1 1 1 1 1 1
Protocol Type = Sub Type = CTS ToDs FromDs More Frag Retry Pwr Mgmt More Data WEP Order
0 0 Control 0 0 1 1 0 0 0 0 0 0 0
1 0
©NetProWise
CTS duration
SIFS
SIFS SIFS
Duration in CTS:RTS-CTS-1xSIFS
NAV
Duration in RTS:3xSIFs+ACK+frametime
©NetProWise
ACK Frame
2 2 6 4
Frame Duration Receiver Address FCS
Control
bits 1
2 2 4 1 1 1 1 1 1 1
Protocol Type = Sub Type = ACK ToDs 0 FromDs More Frag Retry Pwr Mgmt More Data WEP Order
0 0 Control 1 0 1 1 0 0 0 0 0
1 0
©NetProWise
Duration in non-final ACK frames
SIFS
fragmentX
station1 fragmentX+1
station2 ACKX ACKX+1
SIFS SIFS
Station 1’s
previous duration Duration in FragmentX=coverage to end of ACK+1
NAV
Station 2’s Duration in ACKX=Fragment X duration-ACK-
previous duration 1xSIFS
©NetProWise
PS-Poll Frame
MAC header
Bytes
2 2 6 6 4
Frame Associati BSSID Transmitter Address FCS
Control on ID
(AID)
bits
2 2 4 1 1 1 1 1 1 1 1
Protocol Type = Sub Type = ACK ToDs FromDs More Frag Retry Pwr Mgmt More Data WEP Order
0 0 Control 0 1 0 1 0 0 0 0 0 0 0
1 0
©NetProWise
Generic Management Frame
Information
MAC header elements and
Fixed fields
2 2 6 6 6 2 0-2,312 4
Frame Duration DA SA BSSID Seq-Ctl Frame FCS
Control Body
©NetProWise
Authentication Algorithm Number Field
16 Bits
Authentication algorithm
Least Significant number Most Significant
©NetProWise
Authentication transaction sequence
number field
16 Bits
Authentication transaction
Least Significant sequence number Most Significant
©NetProWise
Beacon Interval Field
16 Bits
Beacon interval
Least Significant Most Significant
©NetProWise
Capability Information Field
Bits
ESS IBSS CF- Pollable Privacy Short PBCC Channel agility Reserved
Preamble (802.11b) (802.11b)
©NetProWise
Current AP Address Field
Bytes
Current AP (MAC)
Bit 0 Bit 47
©NetProWise
Listen interval Field
Bits
Listen interval
Least Significant Most Significant
©NetProWise
Association ID Field
Bits 1-13 14 15
Association ID 1 1
©NetProWise
Timestamp Field
1-7
Bytes
Timestamp
Least Significant Most Significant
Bits 0 Bits 63
©NetProWise
Reason Code Field
Bits
Reason Code
Least Significant Most Significant
©NetProWise
Status Code Field
Status Code
Least Significant Most Significant
©NetProWise
Generic management frame information
element
Element ID length
©NetProWise
Service Set Identity Information
Element
Bytes 1 1 0-32
©NetProWise
Supported Rates information element
Data rate label
Element ID length least most
1 significant significant Mandatory
©NetProWise
FH Parameter Set information Element
Bytes 1 1 2 1 1 1
Element ID Length Dwell Time Hop set Hop pattern Hop Index
0 5
©NetProWise
DS Parameter Set information element
Bytes 1 1 1
©NetProWise
Traffic Indication Map Information
Element
Bytes 1 1 1 1 2 2
©NetProWise
IBSS Parameter Set Information
Element
Bytes 1 1 2
©NetProWise
Challenge Text Information Element
Bytes 1 1 1-253
Element ID Length Challenge
3 1 Text
©NetProWise
Beacon frame
2 2 6 6 6 2 Variable 4
Frame
Duration
control DA SA BSSID seqctrl Frame Body FCS
bytes
8 2 2 Variable 7 2 8 4 Variable
Timestamp Beacon Capability FH DS CF IBSS
Interval info SSID parameterset parameterset parameterset parameterset TIM
Mandatory optional
©NetProWise
Probe Request Frame
Bytes MAC header Frame body
2 2 6 6 2 Variable Variable 4
©NetProWise
Probe Response Frame
2 2 6 6 6 2 Variable 4
Frame
Duration
control DA SA BSSID seqctrl Frame Body FCS
bytes
8 2 2 Variable 7 2 8 4 Variable
Timestamp Between Capability FH DS CF IBSS
Interval info SSID parameterset parameterset parameterset parameterset
©NetProWise
ATIM Frame
Bytes MAC header
2 2 6 6 6 2 4
©NetProWise
Disassociation and Deauthentication
Frames
Bytes MAC header
2 2 6 6 6 2 2 4
Reason Code
©NetProWise
Association Request Frame
Bytes MAC header Frame body
2 2 6 6 6 2 2 2 variable variable 4
©NetProWise
Reassociation Request Frame
2 2 6 6 6 2 2 2 6 Variable Variable 4
Frame Duration DA SA BSSID Seq- ctl Capability Listen Current AP SS ID Supported FCS
Control Info Interval Address Rates
©NetProWise
(Re)Association Response Frame
2 2 2 variable
2 2 6 6 6 2 4
Frame Duration DA SA BSSID Seq- ctl Capability Status Association Supported FCS
Control Info code ID Rates
©NetProWise
Authentication Frames
2 2 2 variable
2 2 6 6 6 2 4
Frame Duration DA SA BSSID Seq- ctl Authentication Authentication Status Challenge FCS
Control Algorithm Transaction Code Text
Number Seq.No
©NetProWise
Overall 802.11 State Diagrams
State3
Class
1,2, and
Authenticated
3 frames and
Associated
Successful Disassociation
[re] association
Class 1 and 2 State2
frames or Authenticated Deauthorization
[re] association and
failure Unassociated
Successful
[re] authentication Deauthorization
Class 1 frames or State1
authentication
Unauthenticated
failure
and
Unassociated
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment - Security
Lab Exercises
©NetProWise
Two Approaches
Wired Equivalent Protocol (WEP)
IEEE 802.1X
©NetProWise
Security Objectives
Confidentiality
Authentication
Integrity
©NetProWise
Cryptography with Wired Equivalent
Protocol (WEP)
Employs RC4 PRNG to Encrypt/Decrypt data
RC4 PRNG
Symmetric Algorithm
40 bit encryption key + 24 bit initialization vector
64 bit string is used as seed to PRNG to generate a “key sequence”
ICV (integrity check value) is computed for plaintext (CRC-32)
ICV is concatenated to data stream
Key Sequence is XORéd to data stream to create ciphertext.
Ciphertext and IV (24 bits) are sent to receiver
©NetProWise
Generic Stream Cipher operation
source Destination
Data Keystream cipherstream Keystream Received data
0 1 1 1 0
1 1 0 1 1
0 1 1 1 0
1 0 1 0 1
1 0 1 0 1
0 1 1 1 0
0 0 0 0 0
0 1 1 1 0
. . . . .
©NetProWise
Keyed stream cipher operation
Source Destination
Key Key
Cipher Cipher
Cipher
text PRNG
PRNG
Data Data
XOR XOR
©NetProWise
WEP operations – Confidentiality &
Integrity
Integrity
24-bitIV
check
40-bit
WEP key ICV
64-bitRC4
RC4
RC4 key stream (as long as
algorithm
frame+ICV)
+ =
24-bitIV
Cipher frame+ICV
©NetProWise
WEP Keying
Uses a set of up to four default keys
May also use pairwise mapped keys
©NetProWise
WEP frame extension
IVheader
©NetProWise
Limitations of WEP
Integrity check
It is based on CRC, predictable; effective in finding single-bit
alterations with high probability
It should be based on hashing (unpredictable)
Reuse of key stream is a major weakness
IV field is not encrypted.
Key distribution
Key must be distributed to all stations participating in an 802.11
service set.
802.11 fails to specify a key distribution mechanism
Manually configuring the keys is not scalable
Users can view these keys
Keys can be accessed through SNMP interface!
©NetProWise
Some Solutions for WEP
Change default key
change WEP key frequently
Password Protect Client Drives and Folders
Change Default SSID
Use Sessions Keys If Available
Use MAC Filtering If Available
Use A VPN
©NetProWise
Two Approaches
Wired Equivalent Protocol (WEP)
IEEE 802.1X
©NetProWise
IEEE 802.1x
©NetProWise
EAP Architecture
AKA/ Token
Methods TLS
SIM card
EAP
EAP
Link
PPP 802.3 802.11
Layers
©NetProWise
EAP Packet Format
Bytes 1 1 2 Variable
©NetProWise
EAP Request and Response Packets
Bytes 1 1 2 1 Variable
©NetProWise
EAP Success and Failure Frames
Bytes 1 1 2
©NetProWise
Sample EAP Exchange
End-User Authenticator
System
1:Request / Identity
2:Response / Identity
3:Request / MD5 - Challenge
4:Response/NAK,generic token card
5:Request/ Generic token card
6:Response/ Generic token card (bad)
7:Request/ Generic token card
8:Response/ Generic token card (good)
9:Success
©NetProWise
802.1x Architecture
Authenticator
Authentication
Supplicant Sever
EAPOL
RADIUS
(PAE) (PAE)
©NetProWise
EAPOL Frame Format
MAC header
Bytes 6 6 2 1 1 2 variable 4
Destination Source Ethernet Version Packet Packet Packet FCS
Address Address Type 1 Type Body Body
88-8E Length
©NetProWise
Typical EAPOL Exchange
Supplicant Authenticator Radius
EAPOL RADIUS
1:EAPOL - Start
2:Request / Identify
3:Response/ Identify 3:Radius – Access - Request
4:EAP - Request 4: Radius – Access - Challenge
5:EAP- Response 5: Radius – Access - Request
6:EAP- Success 6: Radius – Access - Accept
(Access allowed )
7:EAP – Logoff
(Access blocked )
©NetProWise
EAPOL Exchange on an 802.11 Network
Supplicant Authenticator Radius
802.11
1:Association request RADIUS
2:Association response
EAPOL
3:EAPOL - Start 3:Radius – Access - Request
4: Request / Identity 4: Radius – Access - Challenge
5:EAP- Response/ Identify 5: Radius – Access - Request
6:EAP- Request 6: Radius – Access - Accept
7:EAP – Response
8:EAP – Success
9:EAPOL – Key (WEP)
©NetProWise
802.11x Supporting Public Ethernet Ports
ISP
Client RADIUS
1: Authenticate
6: Billing
4: Allow Corporate
Finance
2: Authenticate
5: Accounting 3: Allow
Internet
Corporate
AP
RADIUS
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment - Security
Lab Exercises
©NetProWise
Relationship Between Management Entities
MLME
©NetProWise
Management Operations
Scanning
Scan Report
Joining
©NetProWise
Scanning
Scanning is the first activity when a station wants to join a
service set.
The following parameters are used in scanning:
BSSType (independent, infrastructure, or both)
BSSID (individual or broadcast)
SSID (“network name”)
Scan Type (active or passive)
ChannelList
ProbeDelay
MinChannelTime
MaxChannelTime
©NetProWise
Passive Scanning
Beacon
Client
AP1
AP2
Found BSSs:
BSS1,AP1
BSS2,AP2
AP3
BSS3,AP3
AP4
©NetProWise
Active scanning
Probe
response
Probe
request
Minimum
Mobile station
response SIFS SIFS
(scanner)
DIFS time DIFS
Probe Response
AP1
Contention t
window
Probe
Response
AP2 t
©NetProWise
Scanning Report
At the end of scanning a report is produced
This report includes
BSSID
SSID
BSSType
Beacon interval (integer)
DTIM period (integer)
Timing parameters
PHY parameters, CF parameters, and IBSS parameters
BSSBasicRateSet
©NetProWise
Joining
Joining is a precursor to association
User intervention or automatic
Automatic then the decision based on power level and signal
strength
©NetProWise
Authentication
©NetProWise
Open- system authentication Exchange
©NetProWise
Shared-Key Authentication Exchange
1: Form – source (Identity)
Authentication algorithm – 1 (Shared Key)
Sequence number - 1
©NetProWise
Time savings of preauthentication
5
AP1 AP2
4
3
1 BSS1
BSS2
A. No preauthorization
©NetProWise
Scan Report
Beacon interval
DTIM period
Timing parameters
PHY parameters, CF parameters, IBSS parameters
BSSBasicRateSet
©NetProWise
Joining
Choosing which BSS to join
User intervention
Automatic
©NetProWise
Time Savings of Preauthentication
3
AP1 AP2
1.5 2
1 BSS1
BSS2
A. No preauthorization
©NetProWise
Association Procedure
1: Association request
3:Traffic
AP
©NetProWise
Reassociation Procedure
1:Reassociation request
“My old AP WAS..”
5:(Optional )
“Here are some frames
Buffered from your old AP
New AP
©NetProWise
Reassociation with the same access point
BSS
1
3: Reassociation
Exchange AP
©NetProWise
PS-Poll Frame Retrieval
AP
PS-Poll
Time
Frame 1, more data
ACK
PS-Poll
Frame 1, more data
ACK
PS-Poll
Frame 2
ACK
©NetProWise
Buffered frame retrieval process
Beacon
interval
TIM-Frame TIM-Frame TIM-Frame TIM-Frame TIM-No TIM-No
for 1 for 1and2 for 2 for 1and2 Frame Frame
Busy
AP
Ps- Ps-
t
poll poll
station1 CW t
frame
Busy
station2 CW
defer t
©NetProWise
Multicast and Broadcast buffer
transmission after DTIMS
BC MC BC MC
AP
t
station1 t
©NetProWise
ATIM Usage
ATIM “Don’t
Sleep, I have
data for you.”
C
B
a.Unicast or directional
©NetProWise
ATIM Usage
A
E
B C
D
B. Multicast
©NetProWise
ATIM window
Target
beacon times
Peacon
interval
Busy
ATM
Window
ATM
Window
ATM
Window
ATM
Window
t
©NetProWise
ATM effects on Power-saving modes
station1 t
©NetProWise
Effect ATIM on power-saving modes in
an IBSS network
Frame to 4
Sleep
station2
t
ATM to 4 ATM to 4
Frame to 4
station3 t
ACK to 3 ACK to 2 ACK to 3
Frame to 1 Frame to 3
station4
t
©NetProWise
Matching the local timer to a network timer
Beacon/ Timestamp +
Probe Response Local offset
Network
Time
Save Begin
TSF Join
Value Process
©NetProWise
Distributed Beacon generation
Awake period
TBIT Transmission
canceled
station1 t
Beacon
station2 t
Transmission
canceled
station3
t
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access - Point Coordinated Function (PCF)
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment - Security
Lab Exercises
©NetProWise
Using the PCF
Contention-free period
Contention
SIFS SIFS PIFS SIFS period
PC CF-
CF-poll(to Data to
Beacon poll(to Station2)+
statio Stn4+CF- CF-END
CF-ACK(to
n1) Station1) poll
Other Frame t
from #1
plus CF- CF-ACK
ACK
SIFS SIFS
NAV
Set by Beacon Released
CF-End
CFMaxduration t
©NetProWise
Data+CF-Ack and Data+CF-poll usage
CFP end
DIFS
CFP
Beacon CP
Frame Frame
ACK ACK t
SIFS SIFS
Actual
CFP start
CFP foreshortening
CFPMaxduration
©NetProWise
Data + CF – ACK Usage
SIFS
Mobile
Station Data + CF - ACK
frames
©NetProWise
Usage of Data+CF-ACK-ACK+CF-poll
SIFS
Data+CF-ACK Data+CF-ACK
Mobile stations From MS1 From MS2
Access Data+CF-ACK
+CF-poll to MS2
points
SIFS
©NetProWise
CF-poll framing usage
PIFS
SIFS SIFS
©NetProWise
CF – ACK + CF – Poll Usage
SIFS
SIFS
SIFS
©NetProWise
CF- End Frame
MAC header
Bytes 2 2 6 6 4
Frame Duration Receiver Address BSSID FCS
Control 00x00 - 0xFF-FF-FF-FF-FF
00
bits 1 1
2 2 4 1 1 1 1 1
Protocol Type = control Sub Type = CF- End ToDs FromDs More Frag Retry Pwr More WEP Order
0 0 1 0 0 1 1 1 0 0 0 0 Mgmt Data 0 0
0
©NetProWise
CF-End + CF – ACK Frame
MAC header
Bytes 2 2 6 6 4
Frame Duration Receiver Address BSSID FCS
Control 00x00 - 0xFF-FF-FF-FF-FF
00
bits 1 1
2 2 4 1 1 1 1 1
Protocol Type = control Sub Type = CF- End ToDs FromDs More Frag Retry Pwr More WEP Order
0 0 1 0 + CF -ACK 0 0 0 0 Mgmt Data 0 0
0 1 1 1 0
©NetProWise
CF Parameter Set Information Element
Bytes 1 1 1 1 2 2
Element ID Length CFP CFP CFP CFP
6 Count Period MaxDuration DurRemaining
©NetProWise
Mobile IP Network
COA
Foreign
network
Internet
CN Router
©NetProWise
Packet Delivery
Internet
CN Router
©NetProWise
Mobile Transport (TCP)
Access Point 1
©NetProWise
Next Generation WLAN – IEEE
802.11n
Comparing IEEE 802.11 Amendments
©NetProWise
IEEE 802.11b versus BlueTooth
©NetProWise
IEEE 802.11n
IEEE 802.11g (up to 30 m & 54 Mbps)
IEEE 802.11a (up to 30 m & 54 Mbps)
IEEE 802.11b (up to 30 m & 11 Mbps)
IEEE 802.11n (up to 50 m & 600 Mbps)
Developed by IEEE Task Group n (TGn)
Chip Vendors – Broadcom, Intel, Atheros, and Marvell.
Switch and Adaptor Vendors – Belkin, D-Link, Linksys, and
Netgear
Some of the other vendors who are contributing to IEEE 802.11n
– AirGo, Atheros, Intel, Nortel Networks, Panasonic, Philips
Electronics, Qualcomm, Samsung, and Sony
©NetProWise
How IEEE 802.11n works
Adds MIMO to the earlier 802.11g technology
Makes use of the multi-path propagation.
Bonds several existing channels for sending and receiving
Object Antenna
Transmitter Receiver
With With
MIMO MIMO
Signal Signal
Processing Processing
©NetProWise
RadioTap
What is RadioTap
Mechanism to exchange frame information between user
application and driver
Addresses the limitations of PrismAVS header format
Using RadioTap arbitrary number of fields can be specified.
Example: One could specify/retrieve FCS for/from a frame.
©NetProWise
RadioTap Header
The radiotap capture format starts with a radiotap header:
struct ieee80211_radiotap_header {
u_int8_t it_version; /* set to 0 */
u_int8_t it_pad;
u_int16_t it_len; /* entire length */
u_int32_t it_present; /* fields present */
} __attribute__((__packed__));
©NetProWise
Some of the Header fields
enum ieee80211_radiotap_type {
IEEE80211_RADIOTAP_TSFT = 0,
IEEE80211_RADIOTAP_FLAGS = 1,
IEEE80211_RADIOTAP_RATE = 2,
IEEE80211_RADIOTAP_CHANNEL = 3,
IEEE80211_RADIOTAP_FHSS = 4,
…
IEEE80211_RADIOTAP_DBM_TX_POWER = 10,
IEEE80211_RADIOTAP_ANTENNA = 11,
IEEE80211_RADIOTAP_DB_ANTSIGNAL = 12,
IEEE80211_RADIOTAP_DB_ANTNOISE = 13,
IEEE80211_RADIOTAP_FCS = 14,
IEEE80211_RADIOTAP_EXT = 31,
};
©NetProWise
Important Characteristics of RadioTap
Fields are in strict order (as they are specified in the it_present
bitmask)
Data is specified in little endian order
Field Lengths are implicit
Variable length fields are not supported
If bit 31 of the it_present field is set, an extended it_present
bit_mask is present
Natural alignment field requirement – 16, 32,48, …
©NetProWise
Summary
©NetProWise
Summary Slide
Mobile Transport (TCP)
©NetProWise
Historical background of FHSS
©NetProWise
FHSS
close
©NetProWise
Overview Ethernet BasicsWireless BasicsIEEE 802.11 Nextgen WLAN
©NetProWise
Content
Wireless LAN Overview
Ethernet & TCP/IP Basics
Mobile & Wireless Basics
Introduction to IEEE 802.11
IEEE 802.11 Media Access
IEEE 802.11 Frame Format
IEEE 802.11 Management Operations
IEEE 802.11 Physical Layers
IEEE 802.11 Deployment
Lab Exercises
©NetProWise
Some TCP/IP Concepts
Layering
Protocol Data Units (PDUs)
Encapsulation
Multiplexing/Demultiplexing
IP Address Class
Domain Name System (DNS)
Client-Server Model
Some Tools
Routing versus Switching
Connection Oriented versus Connectionless
©NetProWise
TCP/IP Layers
Application/Layer
Transport Layer
UDP or TCP
Link Layer
Physical Layer
Network
©NetProWise
Protocol Data Units (PDU) &
Encapsulation
Application Data
Application
message Application Data application
Header
datagram TCP
Data TCP
segment Header
TCP
packet IP Header Data IP
Header
Stack/suite
TCP Port no UDP
ICMP IGMP
…
IP protocol type
IPX ARP/RARP
©NetProWise
Data Networks - Standards
IEEE – 802.3, 802.5, 802.11, FDDC, …
Internet Society (ISOC)
Internet Architecture Board (IAB)
IETF – Engineering Task Force
IRTF – Research Task Force
IANA – Assigned Number Authority
InterNIC – IP Address distribution
Request for Comment (RFCs)
©NetProWise
Addresses used
Four types are addresses are used:
Domain Name
IP Address
Link Layer Address
Port Number
©NetProWise
Subnet
Host A starting an FTP session with Server B.
LAN
segment 3
Rest of
the
network
B
©NetProWise
Address Structure
©NetProWise
Domain Name System (DNS)
DNS permits meaningful host names to be used instead of host of
IP addresses.
It’s a distributed database that provides a mapping between host
names and IP addresses.
There is a function to do IP to host name, another function to do
host name to IP mapping.
www.touchtelindia.net maps to class C address 202.56.228.42.
©NetProWise
Port Address
Identifies a service entity. 21 23
16 bit in size FTP Telnet
Well Known Server Ports - 0 to 1023
TCP
FTP Port 21, Telnet port 23 IP
Registered Ports - 1024 to 49151 192.168.0.1
Ethernet
Dynamic or Ephemeral Ports – 49152 to
00:50:eb:0e:14:7a
65535
Ethernet
©NetProWise
Client Server
Networking applications are mostly client-server applications.
Iterative server or Concurrent Server.
Iterative server handles one client at a time.
Concurrent server handles multiple clients concurrently.
TCP servers are usually concurrent and UDP servers are usually
iterative.
©NetProWise
IPCONFIG
List IP configuration for a host
Usage
ipconfig
ipconfig /all
©NetProWise
Ping Command
Checking for IP connectivity
Usage:
ping localhost
Loopback
ping <itself>
ping <Otherhost> 127.0.0.1
Loopback Interface
Used for Inter Process Communication (IPC)
Loopback address 127.*.*.*
©NetProWise
Netstat
©NetProWise
ARP
©NetProWise
Networking Hierarchy
Computer
LAN segments
Subnets
Networks
Interconnected Networks
©NetProWise
Subnet
Host A starting an FTP session with Server B.
A
©NetProWise
Network
Hosts and Router ports within a subnet share the same subnet ID.
Subnet is a link layer broadcast domain
Router is the gateway between subnets
Router terminates subnet broadcast
192.168.1
192.168.2
Router
Port
192.168.3
192.168.9
©NetProWise
Packet Switching and Routing
1. Switching
Network
sender receiver X.25, ATM, FR
2. Routing
Network
sender receiver IP, IPX
©NetProWise
Connection Oriented Messaging
IP is connectionless networking
Both connection-oriented and connectionless transport could be
offered on top IP.
TCP is a connection-oriented protocol, UDP is connectionless
protocol
©NetProWise
IP Packet Routing in a Subnet
1. Host A checks if Server B is in the same subnet. It is.
2. Host A sends a broadcast frame asking for the MAC address of
Server B (IP Address).
3. This request frame is seen by all hosts & servers within the
subnet.
4. Server B responds to Host A with its MAC address.
5. Host A saves the Server’s IP address and MAC address in its
ARP table and starts sending /receiving frames to/from Server B.
©NetProWise
ARP Table or ARP Cache
ARP stands for Address Resolution Protocol
Each entry in an ARP table contains an IP Address and the
corresponding MAC Address.
ARP entries live only for a short duration - 2 to 10 mins
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
©NetProWise
Physical Layer
Restricted to Wireline
©NetProWise
Network Interface Controller (NIC)
NIC Card
RJ45 Connector, Cable
Ethernet
Cables
or
ct
ne
on
IC
PC
RJ45 Socket
©NetProWise
RJ45 10Base-T
©NetProWise
Link Layer
Responsible for
Creating a frame and sending it to next node
Receiving a frame and Processing it
Error check
Flow control
De-multiplexing
Class of Service
©NetProWise
Link Layers
Ethernet
IEEE 802 Encapsulation
FDDI
CDDI
PPP
SLIP
ATM
©NetProWise
Serial Line IP (SLIP RFC 1055)
Motivation
Versus
©NetProWise
SLIP Frame Format (RFC 1055)
END (0xC0) and ESC (0xdb) are used to create the frame.
No type field!
IP address issue
No Frame Check Sequence (FCS) or CRC!
IP Datagram
c0 db
c0 db dc db dd c0
©NetProWise
PPP
©NetProWise
PPP Encapsulation Format (RFC 1548)
©NetProWise
Loopback IP Interface
©NetProWise
Loopback Interface
IP output IP input
function function
Place on
YES Dest IP Multicast/Broadcast?
IP input Queue
Place on
IP input Queue NO
Ethernet
©NetProWise
Local Area Network (LAN)
Initial LANs provided connectivity between computers which are co-
located within a short distance of few meters using shared medium.
This solution of interconnecting computers does not scale well. Thus, it
is still limited to computers that are in physical proximity.
©NetProWise
What is Ethernet?
©NetProWise
Ethernet History
Developed by Xerox Corporation.
Initially controlled by DEC, Intel, and Xerox.
IEEE started its standardization in late 80s.
IEEE 802.2 Specifies LAN Message Format.
IEEE 802.3 Specifies Ethernet Hardware standard for Ethernet.
Issue with Internet TCP/IP standard!
©NetProWise
Typical Ethernet Configuration
©NetProWise
Media Access – Carrier Sense Multiple Access Collision Detection
(CSMA-CD)
©NetProWise
IP Layer
IPv4 Header Format (RFC 791)
©NetProWise
Subnet Addressing
©NetProWise
Subnets
©NetProWise
Subnet Mask
Host
knows its IP address and subnet id
©NetProWise
Host Receiving IP datagrams
©NetProWise
Address Resolution Protocol (ARP)
©NetProWise
hostname
hostname
Resolver (1) FTP
IP address
(2) Establish connection
with IP address
TCP
Send IP datagram to
(3) IP address
(4)
(5)ARP IP
(8) (9)
(6) Ethernet
ARP Request (Ethernet broadcast) Driver
Ethernet Ethernet
Driver Driver
ARP (7)ARP IP
©NetProWise
IP Fragmentation
Transport layer can send datagrams which are larger than MTU
Larger datagrams are fragmented at the source by IP layer
Assembled at the destination IP layer
Fragments can be fragmented recursively
IP fragmentation strongly discouraged!
©NetProWise
Characteristics of TCP
Connection-oriented (state based)
Reliable
Timeout, Buffering, Checksum, Acknowledge
Exchanges Byte Stream
Different from message exchange, message transparent
Duplex
©NetProWise
TCP Header Format (RFC 793)
20 20 18
4 6
TCP Segment
©NetProWise
TCP Message Flags
SYN Synchronize Sequence Numbers to initiate
connection.
RST Reset Connection.
PSH Push data to receiving process ASAP.
URG Urgent pointer is valid.
ACK Acknowledgement is valid.
FIN Sender is finished sending.
©NetProWise
TCP - Connection Establishment
©NetProWise
TCP data flow
Open Connection
…
Client Server
databyt
e
…
Close Connection
©NetProWise
TCP – Connection Termination
1. FIN: Client sends a FIN Server
2. ACK: Server ACKs client’s FIN
3. FIN: Server sends a FIN
Client
4. ACK: Client ACKs server’s FIN 1 . F IN
2. ACK
.
.
time .
3. FIN
4 . AC
K
©NetProWise
Some TCP Terminologies
Half-open: Server is waiting for SYN requests from client
Half-close: Client has no more requests and sent its FIN and
Server has even ACKed the FIN. But Server has some more data
to send to the client.
Active/Passive close: It is said that the first host to issue a FIN
performs the active close , then the other and second one becomes
the passive close.
Maximum Segment Size (MSS)
©NetProWise
Sliding Window
Sliding Window parameter is used to:
Guarantee the reliable delivery of data.
©NetProWise