Wireless LAN Standards

• IEEE 802.11 Standards

• Other IEEE Standards corresponding to
– Bluetooth, Zygbee
 Wireless LANs

• Problems of Wired LANs

• Rat’s nest of wires
• Variety of power cords and adapters
• Cables for modems, printers, scanner,
mouse and keyboards
• Interconnecting machines
 Challenges

• Radio and Infrared transmissions susceptible to

noise and interference
– Unreliable transmission
• Strength varies in time and space
– Fading
• Finite Radio Spectrum
– Shared with other systems
• Radio spectrum regulated by different bodies
 Hidden and Exposed Terminals
• Hidden terminals
– A sends to B, C cannot receive A
– C wants to send to B, C senses a “free” medium (CS
fails)
– collision at B, A cannot receive the collision (CD fails)
– A is “hidden” for C
A B C

• Exposed terminals
– B sends to A, C wants to send to another terminal (not
A or B)
– C senses carrier, finds medium in use and has to wait
– A is outside the radio range of C, therefore waiting is
not necessary
– C is “exposed” to B
 What is IEEE 802.11?

• IEEE 802.11-2012
– Family of standards set forth by the IEEE to
define the specifications for wireless LANs
– Defines:
• Medium Access Control (MAC)
• Physical Layer (PHY) Specifications
IEEE 802.11 and the ISO stack
 What is IEEE 802.11?

• Local, high-speed wireless connectivity for

fixed, portable and moving stations
– stations can be moving at pedestrian and
vehicular speeds
• Standard promises interoperability
– vendors products on the same physical layer
should interoperate
• Targetted for use in
– inside buildings, outdoor areas, anywhere!
 IEEE 802.11
• Uses Direct Sequence spread spectrum (DSSS)
technology
– Frequency-Hopping spread spectrum (FHSS) can only be
used for 1 or 2Mbps in US due to FCC regulations
• Operates in unlicensed ISM band
– ISM: Industrial, Scientific and Medical
– Wireless sensor networks in the 915 MHz and 2.450 GHz
bands, WLANs and cordless phones in the 915 MHz,
2.450 GHz, and 5.800 GHz bands
– ISM regulatory range:
• 2.4 GHz to 2.4835 GHz for North America
• 2450 MHz and 5800 MHz bands
 IEEE 802.11
• Supported Speeds and Distances
– 1, 2, 5.5, 11 Mbps at distances of 150-2000 feet
without special antenna
– Greater distances can be achieved by using
special antennas
– Distance (or signal strength) greatly depends on
obstructions such as buildings and other objects
– Maximum speed obtained depends on signal
strength
 IEEE 802.11b
• ‘b’ in IEEE 802.11b
– September 1999, 802.11b “High Rate” amendment
was ratified by the IEEE
– 802.11b amendment to 802.11 only affects the
physical layer, basic architecture is the same
• Added two higher speeds
– 5.5 and 11 Mbps
• More robust connectivity
• IEEE 802.11b started to be known as Wi-Fi (Wireless
Fidelity)
 IEEE 802.11a
• “Fast Ethernet” standard of wireless LANs
• Speeds of up to 54 Mbps
• 5 GHz (U-NII band) instead of 2.4 GHz
– Unlicensed National Information Infrastructure
• OFDM instead of DSSS for encoding
– Orthogonal Frequency Division Multiplexing
 IEEE 802.11a
• Advantages
– higher speed
– less RF interference than 2.4 GHz
• 2.4 GHz used by Bluetooth, cordless/cellular phones,
etc.
– some interoperability, vendors currently have
“dual-standard” 802.11a/b equipment
• Disadvantages
– shorter range, need to increase AP density or
power 4X to compensate
 IEEE 802.11g
• Another high-speed standard
• Viewed as a ‘step’ towards 802.11a
• Speeds of up to 54 Mbps
– may be more like 20+ Mbps
• Still works at 2.4 GHz
– not in the 5 GHz range like 802.11a
• Advantages
– compatible with 802.11b
– better range than 802.11a, for now
 IEEE 802.11-2007
• Based on obsolete IEEE 802.11e
– adds quality-of-service features to MAC layer of
802.11b compatible networks
• error correction
• better bandwidth management
– significantly improves multimedia performance
• works around RF interference
– handles interference by moving away from it
– i.e., moves to a new frequency when interference from a 2.4
GHz cordless phone is detected
 IEEE 802.11-2012
• New support for 3.65 and 3.7GHz bands, to avoid
clashing with 2.4GHz or 5GHz networks, as well as
better support for direct linking, Faster cellular
hand-offs, improved QoS, Vehicular Networks,
Roaming and mesh networking
• Additions include much higher throughputs up to a
maximum of 600Mbps
• Security enhancements, broadcast/multicast and
unicast data delivery, interworking with external
networks and network management.
 Other Standards
• IEEE 802.11n
– IEEE has added multiple-input multiple-output (MIMO) and
40 MHz channels to the PHY (Physical Layer), and frame
aggregation to the MAC layer.
– It can be enabled in the 5 GHz mode, or within the 2.4 GHz
mode
– Resulted into high data rates (up to 600Mbps)
• IEEE 802.11ac
– Wider RF bandwidth (up to 160 MHz),
– More MIMO spatial streams (up to eight)
– High-density modulation (up to 256-QAM)
– 433 Mbps to 1.69 Gbps per STA
IEEE 802.11 and the ISO stack
 IEEE 802.11 Physical Layer
• IEEE 802.11 Physical Layer Specifications
– include FHSS, DSSS, IR
• PLCP: Physical Layer Convergence Protocol
– interface used by the other physical layer specs
– maps data units into a suitable framing format
• PMD system: Physical Medium Dependent
– defines the characteristics/method of Tx/Rx data
through a wireless medium between 2 or more
stations
 IEEE 802.11 Physical Layer
• Spread Spectrum
– spreads the transmitted signal over a wide range of
spectrum
– avoids concentrating power in a single narrow
frequency band
– noise makes this necessary so that receiver can
accurately decode the transmitted signal
– 2 major approaches to spread spectrum:
• FHSS: Frequency Hopping Spread Spectrum
• DSSS: Direct Sequence Spread Spectrum
 IEEE 802.11 Data Link Layer
• 2 Sublayers
– Logical Link Control (LLC)
– Media Access Control (MAC)
• IEEE 802.11 uses the same IEEE 802.2 LLC
– Same 48-bit addressing as other IEEE 802.xx
LANs
– MAC address is same 6 bytes or 48 bits
– Allows for simple bridging to wired networks
• MAC sublayer is unique in IEEE 802.11
 Multiple Access with Collision
Avoidance (MACA) [Karn90]
• MACA uses signaling packets for collision avoidance
– RTS (request to send)
• sender request the right to send from a receiver with a
short RTS packet before it sends a data packet
– CTS (clear to send)
• receiver grants the right to send as soon as it is ready to
receive
• Signaling packets contain
– sender address
– receiver address
– packet size
• Variants of this method are used in IEEE 802.11
 MACA Solutions [Karn90]
• MACA avoids the problem of hidden terminals
– A and C want to
send to B RTS
– A sends RTS first A B C
CTS CTS
– C waits after receiving
CTS from B
• MACA avoids the problem of exposed terminals
– B wants to send to A, C
to another terminal
RTS RTS
– Now C does not have A B C
CTS
to wait, as it cannot
receive CTS from A
 IEEE 802.11 MAC Sublayer
• MAC Algorithm: Regulates access to the medium
• Wired IEEE 802.3 LANs use CSMA/CD
• IEEE 802.11 uses CSMA/CA
• CSMA: carrier sense multiple access
– CD: with collision detection
– CA: with collision avoidance
• Collision detection is not possible in IEEE 802.11
– Near-far problem: can’t transmit and “hear” a collision at the
same time
 What is near-far problem?
• Consider that there are 2 mobile stations (MS)
transmitting at equal powers, but one is nearer to the
base station (BS) compared to the other.
• Signal-to-noise ratio (SNR) for the farther MS is much
lower.
– If the nearer MS transmits a signal that is orders of magnitude
higher than the farther MS then the SNR for farther MS may
be below detectability threshold and it would seem that the
farther MS is not at all transmitting.
– This effectively jams the communication channel.
– The problem is one of detecting or filtering out a weaker
signal amongst stronger signals.
– This situation is called "near-far problem" and is more
pronounced in CDMA-based systems.
 IEEE 802.11 MAC Sublayer …
• CSMA/CA avoids collisions by explicit packet
acknowledgment (ACK)
– A station wishing to transmit first senses the medium
– if no activity detected, station waits an additional,
random amount of time then transmits if the medium
is still free
– ACK packet is sent by receiving station to confirm
the data packet arrived intact
– collision assumed if sending station doesn’t get ACK,
data is retransmitted after a random time
 IEEE 802.11 MAC Sublayer …
• Other unique features in IEEE 802.11
– IFS: Inter Frame Space
• Time interval between frames
• Mandatory period of idle time
– Handling hidden stations (hidden-node problem)
• virtual carrier sense
– Power management functions
– Data security (MAC address, WEP)
• WEP: Wired Equivalent Privacy
– Multirate support
– Fragmentation / Defragmentation
 Coordination Functions of MAC

• Determine when a station in a BSS is allowed to

transmit and when it may be able to receive
PDUs over the wireless medium
 Coordination Functions of MAC …
1. Distributed Coordination Function (DCF)
– Provides support for asynchronous data transfer of
MAC SDUs on a best effort basis
– Contention Mode for all station
2. Point Coordination Function (PCF)
– Optional and sits on top of DCF
– May be implemented by an Access Point (AP)
– Connection-oriented time bound transfer of MAC
SDUs
– Contention and contention-free periods
– Medium usage controlled by AP (synchronization
and timing)
Distributed Coordination Function (DCF)
• The basic access method
• Provides Contention services for fair service to all
stations
• All stations required to support DCF
• Based on CSMA-CA protocol
– All stations obliged to remain quiet for a certain minimum
period after a transmission has been completed called the
interframe space (IFS)
– High priority frames: SIFS
– PCF Priority access to the medium: PIFS
– DCF Interframe Space: DIFS
• Transmit Data and Management MPDUs
IEEE 802.11: A Closer Look
 Frames in IEEE 802.11
• Control frames: These are used for controlling access to the
medium, for handshaking, and for positive acknowledgments
during the data transfer. Examples are RTS, CTS, ACK,
Contention-Free (CF), and so on.

• Management frames: These are transmitted in the same way as

data frames but are used to exchange management information.
IEEE 802.11 standard is being strengthened for providing data
confidentiality to management frames.
• Examples of types of management frames used are
Probe Request, Probe Response, Beacon, Association Request,
Association Response, Reassociation Request, Reassociation Response,
Disassociation, Authentication Request, Authentication Response,
Deauthentication

• Data Frames: These are used for data transmission.

The IEEE 802.11 Frame Structure

Data Frame
 The IEEE 802.11 Frame Structure ...
• Frame Control field is a very important & includes several
subfields. These fields are used for differentiating various frame
types, to define the meaning of address fields depending on whether
infrastructure or ad hoc modes are used or an AP or a station is
sending the frame.
• Sequence Control field is used to number the sequence number of
frames/fragment frame number being transmitted.

•
 The IEEE 802.11 Frame Structure ...
• There are four address fields:
• Address 1 contains the MAC address of the wireless station that is the recipient of the
frame.
• Address 2 contains the MAC address of the station/AP that transmits the frame.
• Address 3 is used in internetworking the BSS with a wired LAN, and hence this address
is inserted as the MAC address of the interface in routing.
• Address 4 is used in ad hoc network mode and not in the infrastructure mode.
• Sequence Control field consists of two subfields: Sequence
Number (12 bits) and Fragment Number (4 bits)., sequence number
subfield indicates the sequence number of each MAC frame. A
frame can also be fragmented, for which the fragment number
subfield indicates the number of the fragmented frames of a frame.
Both fields are initialized to zero.
• CRC field calculates frame check sequence for the entire MAC
header and frame payload.
• Every AP in IEEE 802.11 is assigned one Service Set Identifier
(SSID).
Frame Formats
Data Frame
IEEE 802.11 Management Services
Distribution Services

• Association
• Disassociation
• Reassociation
• Distribution
• Integration
IEEE 802.11 Services

Intracell Services
• Authentication
• Deauthentication
• Privacy
• Data Delivery
 Management Frames
• Authentication frame: IEEE 802.11 authentication begins with the
WNIC sending an authentication frame to AP containing its
identity.
• Association request frame: Sent from a STA it enables the AP to
allocate resources and synchronize. Frame carries information
about the WNIC including supported data rates and the SSID of
the network the STA wishes to associate with. If the request is
accepted, the AP reserves memory and establishes an association
ID for the WNIC.
• Association response frame: Sent from an AP to a STA containing
the acceptance or rejection to an association request. On
acceptance, the frame will contain information such an association
ID and supported data rates.
 Management Frames (Contd.)
• Beacon frame: Sent periodically from an AP to announce its
presence and provide the SSID, and other parameters for WNICs
within range.
• Deauthentication frame: Sent from a station wishing to terminate
connection from another station.
• Disassociation frame: Sent from a station wishing to terminate
connection. It's an elegant way to allow the access point to
relinquish memory allocation and remove the WNIC from the
association table.
 Management Frames (Contd.)
• Probe request frame: Sent from a STA when it requires
information from another STA.
• Probe response frame: Sent from an AP containing capability
information, supported data rates, etc., after receiving a probe
request frame.
• Reassociation request frame: A WNIC sends a reassociation
request when it drops from range of the currently associated AP
and finds another AP with a stronger signal. The new AP
coordinates the forwarding of any information that may still be
contained in the buffer of the previous AP.
• Reassociation response frame: Sent from an access point
containing the acceptance or rejection to a WNIC reassociation
request frame. The frame includes information required for
association such as the association ID and supported data rates.
 Basic CSMA-CA operation

DIFS Contention
Window
PIFS
Free access when medium
is free longer than DIFS
SIFS
DIFS
Busy Medium Next Frame

Wait for
Time
Defer Access
reattempt time
(Channel should remain free after this time)
 Inter-Frame Spacing (IFS) for Prioritized
Access to Channel
• IFS is the time interval during which each node has to wait before
transmitting any packet and is used to provide a prioritized access
to the channel
• Short Inter-Frame Space (SIFS): It separates transmissions belonging
to a single dialog and is the smallest IFS. It has the highest priority over
all stations. Its value is fixed per PHY.
• Point Coordination IFS (PIFS): It is used by the PC in PCF mode to
gain access to the medium before any other station. Its value is SIFS
plus a slot time. Using PIFS, the AP issues polling requests to the
stations for data transmissions.
• Extended IFS (EIFS): It is longer IFS used by a station that has
received a frame but could not understand it but wants to prevent
collision.
• DCF IFS (DIFS) is larger than SIFS and is used when initiating a data transfer
– When RTS/CTS is used, the RTS packet can be transmitted after waiting for DIFS
duration of time
– All other frames (CTS, DATA, and ACK) use SIFS before attempting to transmit
 Inter Frame Spaces

Interframe spacing in 802.11.

 CSMA-CA Operation
• DCF is the primary access method of IEEE 802.11 networks. A
station is allowed to transmit an initial MAC PDU under DCF if the
station detects the medium to be idle for DIFS
• If the station detects a medium to be busy, then it must calculate a
random backoff time chosen within a contention window (CW) or
contention period, to schedule a reattempt.
 Handshaking and Data Transfer in
•
CSMA-CA
This is required because of hidden station problem.

• If station A wants to send data frame to station B, station A first

sends a request-to-send (RTS) frame. It is a control frame
containing the destination frame address and the expected duration of
complete data.

• All stations receiving this frame set their NAV. NAV stands for
Network Allocation Vector that specifies the earliest time when the
station is allowed to attempt frame transmission. If station B receives
the RTS frame, then after waiting for SIFS the station B issues a
clear-to-send (CTS) control frame.

• When the CTS frame is received successfully at A, it waits for SIFS

and sends the data frame. If the data frame arrives without error,
station B responds with an ACK after another SIFS.
 Four key Elements of DCF
• ACK
• RTS/CTS with NAV
• IFS, and
• Backoff algorithm with CW
 Increased Control Overhead
Reduction in the chance of collisions occurs at
the expense of increased control overhead
involved with the exchange of RTS and CTS
packets, which can be significant for short
frames.
 DCF Recommendation
• Use of the “RTSTheshold” parameter to
determine the payload size for which
RTS/CTS should be used
– This parameter is not fixed
– Has to be set separately by each mobile node
 Transmission range of RTS and CTS
Control Packets

Nodes NS and NR would receive RTS and CTS, respectively, and

set their NAVs accordingly to refrain themselves from accessing
the medium during the transmission of node S
Four-way Handshake between S and R
as well as IFS and Contention window
 Backoff Algorithm with CW
• To Provide Fair Access with Congestion Control
• To reduce the probability of collisions when
contention is severe
• After waiting for the IFS duration, Each competing
node waits for a backoff time, which is randomly
chosen in the interval (0, CW), defined as contention
window
 Wireless LAN Topologies
IEEE 802.11 standard has three different LAN topologies
1. Independent Basic Service Set (IBSS): In IBSS, the wireless
stations communicate directly with one another, there is no central or
control station.

2. Basic Service Set (BSS): A BSS contains several wireless stations

and a central station called Access Point (AP). A BSS is the basic
building block of the wireless network.

3. Extended Service Set (ESS): Several BSSs can be connected by

means of a distributed system (DS). These BSSs could be
overlapping one another with an AP. To integrate wireless network
with wired networks, the DS must contain logical points called
portals. The ESS consists of the BSSs with their stations and the DS
connecting the APs and portals.
 IEEE 802.11 IBSS
• IBSS: Independent Basic Service Set
– Peer-to-peer or ad-hoc network
– Wireless stations communicate directly with one
another
– Generally are not connected to a larger network
– No Access Point (AP)
 IEEE 802.11 BSS
• BSS: Basic Service Set
– Infrastructure mode
– An AP connects clients to a wired network
 BSS
• Defined as group of stations that coordinate
their access to the medium under a given
instance of the medium access control
• Area covered by BSS called Basic Service
Area (BSA)
– Analogous to a cell in cellular network
– Upto a diameter of tens of meters
 BSS and Adhoc Wireless
Network
• Adhoc Network consists of group of
stations within range of each other
• Typically temporal in nature
• Can be formed spontaneously anywhere
• Disbanded after a limited period of time
 IEEE 802.11 ESS
• ESS: Extended Service Set
– A set of BSSs interconnected by a distribution
system
– Consists of overlapping BSSs (each with an AP)
• DS connects APs together, almost always Ethernet
• ESS allows clients to seamlessly roam between APs
 Quality of Service Support in IEEE 802.11
• The IEEE 802.11e standard enhanced MAC sublayer by specifying
the hybrid coordination function (HCF) and its two medium access
mechanisms: enhanced distributed channel access (EDCA) and
HCF-controlled channel access (HCCA).

• The Enhanced Distributed Channel Access (EDCA) mechanism of

IEEE 802.11e was provided as an enhancement of the DCF access
scheme to provide differentiated distributed channel access.

• EDCA provides QoS to the packets. The QoS mechanism is

class-based differentiated service. The packets in EDCA are
classified into four different Access Categories (ACs): AC-VO
(AC-Voice), AC-VI (AC-Video), AC-BE (AC-best effort), and
AC-BK (AC-background). 59
 Quality of Service Support in IEEE 802.11

• HCCA provides QoS by allowing for reservation of transmission

time. HCCA is centralized, is contention free, and provides QoS by
allowing for reservation of transmission time.

• In EDCA, the parameters are announced by the AP in beacon frames

and can be dynamically adapted to meet the traffic requirements and
traffic load conditions

60
 Security in IEEE 802.11
• Wireless LAN suffers from a problem called eavesdropping, which
may be defined as the ability to capture the Wireless LAN traffic.

• IEEE 802.11 provides a data security protocol named Wired

Equivalence Privacy or WEP. It does not specify a key
management algorithm, rather assumes that the host and AP agree
upon a key. This key is used to encrypt the frames.

• Unfortunately, any attacker can easily spoof receiver by modifying

the key and the frame in WEP. Thus, another protocol called IEEE
802.11i standard has been proposed for securing and strengthening
security in Wireless LAN.

61