Addressing Mechanism
The IEEE 802.11 addressing mechanism is complicated by the involvement of intermediate stations (APs). There are 4 cases, defined by the values of the “To DS” and “From DS” flags in the FC field:

To DS  From DS  Address 1            Address 2        Address 3            Address 4
0      0        Destination station  Source station   BSS ID               N/A
0      1        Destination station  Sending AP       Source station       N/A
1      0        Receiving AP         Source station   Destination station  N/A
1      1        Receiving AP         Sending AP       Destination station  Source station

o Address 1 is always the address of the next device
o Address 2 is always the address of the previous device
o Address 3 is the address of the final destination station if it is not defined by Address 1
o Address 4 is the address of the original source station if it is not the same as Address 2
Case 1 (“To DS” = 0 & “From DS” = 0)
o The frame is not going to a distribution system and is not coming from a distribution system
o Instead, it is going from one station in a BSS to another without passing through the distribution system
o The ACK frame should be sent to the original sender
(Figure: station A sends to station B inside one BSS; ADDR 1 = B, ADDR 2 = A, ADDR 3 = BSS-ID, ADDR 4 unused.)
Case 2 (“To DS” = 0 & “From DS” = 1)
o The frame is coming from a distribution system (via an AP) and going to a station
o The ACK frame should be sent to the AP
o Address 3 contains the original sender of the frame (in another BSS)
(Figure: the AP delivers a frame from station B, reached through the distribution system, to station A in its BSS; ADDR 1 = A, ADDR 2 = AP, ADDR 3 = B, ADDR 4 unused.)
Case 3 (“To DS” = 1 & “From DS” = 0)
o The frame is going to a distribution system (from a station to an AP)
o The ACK frame is sent to the original station
o Address 3 contains the final destination of the frame (in another BSS)
(Figure: station A in the BSS hands a frame for station B to the AP, which passes it to the distribution system; ADDR 1 = AP, ADDR 2 = A, ADDR 3 = B, ADDR 4 unused.)
Case 4 (“To DS” = 1 & “From DS” = 1)
o The frame is going from one AP to another AP in a wireless distribution system
o Four addresses are required to define the original sender, the final destination, and the 2 intermediate APs
(Figure: station A in the BSS of AP1 sends to station B in the BSS of AP2 over the wireless distribution system; ADDR 1 = AP2, ADDR 2 = AP1, ADDR 3 = B, ADDR 4 = A.)
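The four cases above can be exercised on real header bytes. The following Python is an added example, not code from the slides: it builds a minimal 802.11 data-frame MAC header for each case (Frame Control, Duration, Address 1 to 3, Sequence Control, and Address 4 only when both DS flags are set) and then maps the address fields back to their roles from the To DS / From DS flags. The station and AP MAC addresses are constructed values; the field layout and flag bit positions are those of the 802.11 header. A truncated four-address frame is rejected rather than misread, which is the check a frame parser needs before trusting Address 4.

```python
import struct

# Constructed sample MAC addresses for the four cases (locally administered, not real devices).
STA_A = bytes.fromhex("020000000001")
STA_B = bytes.fromhex("020000000002")
AP1 = bytes.fromhex("02000000aa01")
AP2 = bytes.fromhex("02000000aa02")


def mac_str(addr):
    return ":".join(f"{b:02x}" for b in addr)


def build_data_header(to_ds, from_ds, addr1, addr2, addr3, addr4=None):
    """Build a minimal 802.11 data-frame MAC header.
    Frame Control is two bytes: byte 0 = version/type/subtype (0x08 = data frame),
    byte 1 = flags, where bit 0 is "To DS" and bit 1 is "From DS".
    Address 4 is present only when both DS flags are set and follows Sequence Control."""
    flags = (0x01 if to_ds else 0) | (0x02 if from_ds else 0)
    hdr = bytes([0x08, flags])
    hdr += struct.pack("<H", 0)        # Duration/ID (0 in this example)
    hdr += addr1 + addr2 + addr3
    hdr += struct.pack("<H", 0)        # Sequence Control
    if to_ds and from_ds:
        if addr4 is None:
            raise ValueError("To DS=1 and From DS=1 requires Address 4")
        hdr += addr4
    return hdr


def interpret_addresses(frame):
    """Map Address 1-4 to their roles according to the To DS / From DS flags."""
    if len(frame) < 24:
        raise ValueError("frame shorter than the 24-byte three-address header")
    flags = frame[1]
    to_ds = bool(flags & 0x01)
    from_ds = bool(flags & 0x02)
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    roles = {
        "to_ds": to_ds,
        "from_ds": from_ds,
        "receiver": mac_str(a1),     # Address 1: next device (the ACK goes here)
        "transmitter": mac_str(a2),  # Address 2: previous device
    }
    if not to_ds and not from_ds:     # Case 1: station to station in one BSS
        roles.update(destination=mac_str(a1), source=mac_str(a2), bssid=mac_str(a3))
    elif not to_ds and from_ds:       # Case 2: AP delivers a frame from the DS
        roles.update(destination=mac_str(a1), bssid=mac_str(a2), source=mac_str(a3))
    elif to_ds and not from_ds:       # Case 3: station hands a frame to the AP
        roles.update(bssid=mac_str(a1), source=mac_str(a2), destination=mac_str(a3))
    else:                             # Case 4: AP to AP across a wireless DS
        if len(frame) < 30:
            raise ValueError("To DS=1 and From DS=1 frame is missing Address 4")
        a4 = frame[24:30]
        roles.update(destination=mac_str(a3), source=mac_str(a4), bssid=None)
    return roles


def demo():
    """Build the four frames from the slides (A sends to B) and interpret each."""
    frames = {
        1: build_data_header(0, 0, STA_B, STA_A, AP1),        # inside one BSS; AP1 is the BSS ID
        2: build_data_header(0, 1, STA_A, AP1, STA_B),        # AP1 delivers B's frame to A
        3: build_data_header(1, 0, AP1, STA_A, STA_B),        # A hands a frame for B to AP1
        4: build_data_header(1, 1, AP2, AP1, STA_B, STA_A),   # AP1 -> AP2 over a wireless DS
    }
    return {case: interpret_addresses(f) for case, f in frames.items()}


if __name__ == "__main__":
    for case, roles in demo().items():
        print(case, roles)
```

Run it and compare each case's "receiver", "transmitter", "source" and "destination" with the table: Address 1 and Address 2 always name the next and previous hop, while the original source and final destination move between Address 2/3/4 depending on the flags.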
IEEE 802.11 Implementation
The IEEE 802.11 standard defines the media access control (MAC) and physical (PHY) layers for a LAN with wireless connectivity.
(Figure: IEEE 802.11 standards mapped to the OSI reference model.)
Physical Medium
Infrared:
o Limited to a single room, as infrared light cannot penetrate opaque walls
Spread spectrum:
o 802.11: frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS)
o These operate in the 2.4GHz ISM [Industrial, Scientific and Medical] band, so no licensing is required
o 802.11a: uses OFDM (orthogonal frequency-division multiplexing) in the 5GHz ISM band
o 802.11b: uses HR-DSSS (high rate DSSS) in the 2.4GHz ISM band
o 802.11g: uses OFDM in the 2.4GHz ISM band
Access Modes
DCF (Distributed Coordination Function)
o In this mode there is no central control, and stations compete for air time, just as they do with Ethernet.
o DCF uses a contention algorithm (CSMA/CA) to provide access to all traffic
o In some circumstances, DCF may use the RTS/CTS clearing technique to further reduce the possibility of collisions
PCF (Point Coordination Function)
o PCF provides contention-free service; it is built on top of DCF and exploits features of DCF to assure access for its users (for time-sensitive transmission).
o The base station polls the other stations (one after another), asking them if they have any frames to send
Another interframe space has been defined: PIFS (PCF IFS)
o PIFS is shorter than DIFS, so that a base station using PCF has higher priority than stations using DCF
o For example, if a station wants to use DCF and an AP wants to use PCF, the AP has priority since its waiting time is shorter (PIFS < DIFS)
o Due to their lower priority, stations using DCF may not gain access to the medium
o For networks with both PCF and DCF traffic, a repetition interval has been designed
o Each repetition interval consists of a contention-free period and a contention period
o Each interval starts with a special control frame known as a beacon frame
o When other stations sense the beacon frame, they start their NAV for the duration of the contention-free period.
o At the end of the contention-free period, the AP sends a CF-End (contention-free end) frame to allow the contention-based stations to use the medium.
Usually, DCF is used for ad hoc networking and PCF is used for networking with a base station or access point.
Interframe Spacing (IFS)
Interframe spacing plays a large role in coordinating access to the transmission medium. Varying interframe spacings create different priority levels for different types of traffic: high-priority traffic does not have to wait long after the medium has become idle (it grabs the network before low-priority frames have a chance to try).
o SIFS (Short IFS): The shortest IFS, used for all immediate response actions: acknowledgement (ACK), clear to send (CTS), poll response.
o PIFS (PCF IFS): A mid-length IFS, used in contention-free operation (by the base station when issuing polls)
o DIFS (DCF IFS): The longest IFS; it is the minimum medium idle time for contention-based services.
(Figure: IFS timing diagram along the time axis: the medium is busy, then the DIFS, PIFS and SIFS gaps; other stations buffer and defer frames; a contention window of backoff slots; then frame transmission.)
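To make the priority ordering of SIFS, PIFS and DIFS concrete, here is an added Python model of one contention round; it is not code from the slides. It assumes the 802.11b DSSS timing values (SIFS = 10 us, slot time = 20 us, PIFS = SIFS + one slot, DIFS = SIFS + two slots, initial contention window of 31 slots) and a simplified rule set: ACK/CTS responders wait only SIFS, a PCF access point issuing a poll waits PIFS, and DCF data senders wait DIFS plus a random backoff. A `nav_until` argument models the contention-free period announced by a beacon: stations with their NAV set cannot start their DIFS wait until the period ends. The function, its argument names and the station names are assumptions of this example.

```python
import random

# Timing values assumed from the 802.11b DSSS PHY (microseconds).
SIFS = 10
SLOT = 20
PIFS = SIFS + SLOT        # 30 us: PCF access point issuing a poll
DIFS = SIFS + 2 * SLOT    # 50 us: DCF stations sending data
CW_MIN = 31               # initial contention window; backoff is 0..31 slots

# Which interframe space each kind of transmission must wait before it may start.
IFS_FOR = {"ack": SIFS, "cts": SIFS, "poll": PIFS, "data": DIFS}


def contend(contenders, rng, nav_until=0):
    """One contention round; the medium became idle at t = 0 (microseconds).
    contenders: list of (name, kind) with kind in IFS_FOR.
    nav_until > 0 models a contention-free period announced by a beacon: DCF data
    senders have their NAV set and cannot begin their DIFS wait until it expires.
    Returns (ready_time, name) pairs sorted so that the first entry wins the medium;
    the others sense it busy and defer."""
    ready = []
    for name, kind in contenders:
        if kind not in IFS_FOR:
            raise ValueError(f"unknown transmission kind: {kind}")
        wait = IFS_FOR[kind]
        if kind == "data":
            wait += rng.randint(0, CW_MIN) * SLOT   # random backoff in slots
            if nav_until > 0:
                wait += nav_until                   # NAV blocks DCF access during the CFP
        ready.append((wait, name))
    ready.sort()
    return ready


def winner(contenders, seed=1, nav_until=0):
    """Name of the contender that seizes the medium first."""
    return contend(contenders, random.Random(seed), nav_until)[0][1]


def demo():
    """Two DCF stations, a PCF access point and a station owing an ACK compete."""
    stations = [("sta1", "data"), ("sta2", "data"), ("ap", "poll"), ("sta3", "ack")]
    return contend(stations, random.Random(1))


if __name__ == "__main__":
    for t, name in demo():
        print(f"{name:>5} ready at t = {t} us")
```

Whatever backoff the DCF stations draw, the ACK always goes first (SIFS) and the polling AP always beats the data senders (PIFS < DIFS), which is the priority the slides describe; with `nav_until` set, DCF senders do not even begin to count down until the contention-free period is over.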
Wired Equivalent Privacy
The 802.11 standard includes a security protocol called Wired Equivalent Privacy (WEP)
o WEP provides authentication and encryption between a device and an AP.
o The encryption algorithm uses a 40-bit secret key (every product on the market now supports at least 104-bit keys) and appends a 24-bit initialization vector to create a 64-bit key (a 128-bit key if 104-bit keys are used)
o It uses a different initialization vector, and thus a different encryption key, for each frame.
o The protocol does not specify a key exchange algorithm (the keys must be agreed upon prior to any exchange)
The encryption uses an algorithm known as RC4 (a secret-key stream cipher).
A number of flaws have been discovered (see www.isaac.cs.berkeley.edu/isaac/wep-faq.html)
Solutions:
i. Dynamic WEP Keying
ii. Wi-Fi Protected Access (WPA)
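The per-frame construction described above (IV || secret key fed to RC4, plaintext plus a CRC-32 integrity check value XORed with the keystream) is short enough to show in full. The Python below is an added example, not code from the slides or from any WEP implementation: it implements RC4, WEP encryption and decryption with ICV verification, and then quantifies the risk that follows from a 24-bit IV by counting how many frames a sender that picks random IVs can transmit before an IV repeats, against the birthday-bound estimate. The secret key, IV and plaintext are constructed values; the only external reference is the standard RC4 test vector used in the check.

```python
import math
import random
import zlib


def rc4_keystream(key, length):
    """RC4: key-scheduling (KSA) followed by the pseudo-random generation loop (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(secret_key, iv, plaintext, key_id=0):
    """Per-frame WEP encryption.
    RC4 key = IV (3 bytes) || secret key (5 bytes for 40-bit, 13 bytes for 104-bit).
    Body = plaintext || ICV, where the ICV is the CRC-32 of the plaintext; the body is
    XORed with the RC4 keystream and sent after the clear-text IV and key-id byte."""
    if len(iv) != 3:
        raise ValueError("WEP uses a 24-bit (3-byte) IV")
    if len(secret_key) not in (5, 13):
        raise ValueError("WEP secret key must be 40 or 104 bits")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    body = plaintext + icv
    keystream = rc4_keystream(iv + secret_key, len(body))
    return iv + bytes([key_id & 0x03]) + bytes(p ^ k for p, k in zip(body, keystream))


def wep_decrypt(secret_key, frame_body):
    """Reverse of wep_encrypt. Returns the plaintext, or None if the ICV does not match."""
    iv, body = frame_body[:3], frame_body[4:]
    keystream = rc4_keystream(iv + secret_key, len(body))
    plain = bytes(c ^ k for c, k in zip(body, keystream))
    data, icv = plain[:-4], plain[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        return None   # corrupted in transit: receiver discards the frame
    return data


def frames_until_iv_repeat(seed):
    """Simulate a sender choosing a random 24-bit IV per frame; count frames until one repeats.
    A repeated IV with the same secret key reproduces the same RC4 keystream."""
    rng = random.Random(seed)
    seen = set()
    count = 0
    while True:
        iv = rng.getrandbits(24)
        count += 1
        if iv in seen:
            return count
        seen.add(iv)


def birthday_estimate(bits=24):
    """Expected number of random draws before the first repeat: sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")          # constructed 40-bit secret key
    frame = wep_encrypt(key, bytes.fromhex("000001"), b"hello world")
    print(frame.hex(), wep_decrypt(key, frame))
    print("IV repeated after", frames_until_iv_repeat(7), "frames; birthday estimate",
          round(birthday_estimate()))
```

The birthday estimate for a 24-bit IV space is roughly 5,100 frames, a few seconds of traffic on a busy link; since the secret key is fixed (no key exchange is specified), every such repeat reuses a keystream, which is the property the per-frame IV was meant to prevent and one reason the solutions listed above move to dynamic keying and WPA.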
Connecting LANs
Several reasons for dividing one LAN into multiple LANs:
o Reliability – If all devices are connected to a single network, a fault on the network may disable communication for all devices. Bridges allow the network to be partitioned
o Performance – The performance of a LAN declines with an increased number of devices or length of cable. A number of smaller LANs will often give improved performance where devices can be clustered so that intranetwork traffic significantly exceeds internetwork traffic
o Security – The establishment of multiple LANs may improve security where different types of traffic [e.g., accounting, personnel] that have different security needs are located on physically separate media
o Geography – For the case of interconnecting devices in two different geographical locations, it may be more feasible to implement two LANs and use a microwave bridge to link them than to string coaxial cable to implement a single LAN
(Figure: Interconnecting networks: token ring LANs and an Ethernet LAN (A, B, C), each with its own server, linked through connectors.)
Connecting Devices
There are 5 types of connecting devices: repeaters, hubs, bridges, routers and switches (two- and three-layer)
o Repeaters and hubs operate in the 1st layer
o Bridges and two-layer switches operate in the first two layers
o Routers and three-layer switches operate in the first three layers
(Figure: a repeater joins two stacks at the physical layer (layer 1 connection); a bridge at the data link and physical layers (layer 2 connection); a router at the network, data link and physical layers (layer 3 connection).)
Layer 1 Connections
Repeater
o It operates only in the physical layer
o A repeater is a regenerator, not an amplifier
o It receives a signal and regenerates the original bit pattern before it becomes too weak (attenuation) and corrupted
o It extends the physical length of a LAN (10Base5 & 10Base2)
o A repeater does not connect two LANs; it connects 2 segments of the same LAN (they still form one single LAN)
o It is not a device to connect two LANs of different protocols
o A repeater forwards every frame; it has no filtering capability
(Figure: a repeater joining segment 1 and segment 2.)
Hub
o A hub is actually a multiport repeater
o It is used to create connections between stations in a star topology
o Hubs can also be used to create multiple levels of hierarchy
o Use of hubs removes the length limitation of 10Base-T (100m)
(Figure: a backbone hub with three hubs below it, all forming one collision domain.)
Layer 2 Connections
Bridge
o A bridge operates in both the physical and data link layers
o At the physical layer, it regenerates the signal it receives
o The bridge is able to check the physical (MAC) addresses contained in a frame (as it is also operating in the data link layer)
o A bridge has filtering capability: it can check the destination address of a frame and decide if the frame should be forwarded (to a port) or dropped
o A table is used by the bridge to map addresses to ports
o A bridge does not change the physical address in a frame
(Figure: a bridge with port 1 on LAN 1 (stations 00:2B:52:3A:E7:21 and 00:2B:52:3A:E7:32) and port 2 on LAN 2 (stations 00:3A:57:45:12:75 and 00:3A:57:45:12:90), with its address table:)
Address            Port
00:2B:52:3A:E7:21  1
00:2B:52:3A:E7:32  1
00:3A:57:45:12:75  2
00:3A:57:45:12:90  2
A bridge should be able to connect LANs using different protocols at the data link layer, such as an Ethernet LAN to a wireless LAN (access point). Many issues must be considered:
o Frame format. Each type of LAN has its own frame format.
o Maximum data size. If the incoming frame is too large for the destination LAN, it must be fragmented into several frames. Some protocols at the data link layer do not support fragmentation and reassembly of frames, so the bridge must discard any frame that is too large.
o Data rate. Each type of LAN has its own data rate. The bridge must buffer the frame to compensate for the difference.
o Bit order. Different types of LAN may send data in different orders (MSB transmitted first or LSB transmitted first)
o Security. Some LANs (e.g. Wifi) implement security measures in the data link layer which often involve encryption. The data must be decrypted by the bridge if it is forwarding it to a LAN without security (e.g. Ethernet).
o Multimedia support. Some LANs support multimedia and the quality of service needed for this type of communication.
Transparent bridges
o These are bridges that create and update their own routing tables (IEEE 802.1d specification)
o The stations are completely unaware of the bridge’s existence
o If a station is added to or removed from the network, the bridges learn this and update their routing table accordingly (i.e. no manual modification of the table is required)
o This capability to update the routing table is called route learning or address learning
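The filtering behaviour of the bridge on the previous slide and the address learning of a transparent bridge are two halves of one algorithm. The Python below is an added example, not code from the slides: a learning bridge that records the source address of every frame against the port it arrived on, forwards to the learned port, floods broadcast and unknown destinations to all other ports, and drops a frame whose destination is on the port it came from. The four station addresses are the ones in the slide's address table; the port numbering, frame layout and method names are assumptions of this example. The returned log makes the forward / flood / drop decision for each frame visible.

```python
from collections import namedtuple

Frame = namedtuple("Frame", "src dst")
BROADCAST = "ff:ff:ff:ff:ff:ff"


class TransparentBridge:
    """Learning bridge in the IEEE 802.1D style.
    - learns the source MAC of each frame against its incoming port
    - forwards to the learned port when the destination is known
    - floods unknown unicast and broadcast destinations to every other port
    - drops a frame whose destination lives on the port it arrived on (filtering)"""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}      # MAC address -> port, built by address learning
        self.log = []        # (in_port, src, dst, action, out_ports)

    def receive(self, in_port, frame):
        self.table[frame.src] = in_port        # address learning; no manual table edits
        out_port = self.table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            outs = [p for p in self.ports if p != in_port]   # flood
            action = "flood"
        elif out_port == in_port:
            outs = []                                          # same segment: filter it
            action = "drop"
        else:
            outs = [out_port]                                  # known: forward to one port
            action = "forward"
        self.log.append((in_port, frame.src, frame.dst, action, outs))
        return outs


def demo():
    """Replay a few frames on the two-LAN topology from the slide."""
    br = TransparentBridge(ports=[1, 2])
    a, b = "00:2b:52:3a:e7:21", "00:2b:52:3a:e7:32"   # LAN 1, port 1
    c, d = "00:3a:57:45:12:75", "00:3a:57:45:12:90"   # LAN 2, port 2
    results = [
        br.receive(1, Frame(a, c)),          # c not yet learned: flood to port 2
        br.receive(2, Frame(c, a)),          # a learned on port 1: forward there
        br.receive(1, Frame(b, a)),          # both on port 1: drop (filtered)
        br.receive(2, Frame(d, BROADCAST)),  # broadcast: flood to port 1
    ]
    return br, results


if __name__ == "__main__":
    bridge, _ = demo()
    for entry in bridge.log:
        print(entry)
    print(bridge.table)
```

After the four frames the table matches the slide's address table exactly, even though nothing was configured by hand; note also that an unknown destination is flooded, so a bridge gives no confidentiality between LANs until it has learned where a station lives.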
Two-layer Switch
o A two-layer switch is a multiport bridge that allows better (faster) performance
o A bridge can connect a few LANs together
o A switch may allocate a unique port to each station, with each station as its own independent entity (no contention and no collision)
(Figure: a switch with a mail server, a file server and three hubs attached; each hub forms its own collision domain.)
Virtual LANs
A station is considered part of a LAN if it physically belongs to that LAN (configured by physical wiring)
A virtual local area network is a LAN configured by software
In a switched LAN, changes in the workgroup mean physical changes in the network configuration (rewiring)
In a VLAN, a LAN is divided into logical segments
o The group membership in VLANs is defined by software (stations can be logically moved between VLANs)
o VLANs even allow stations connected to different switches to be grouped into the same VLAN
VLANs group stations belonging to one or more physical LANs into broadcast domains
o All members belonging to the same VLAN can receive broadcast messages sent to that particular VLAN
o The stations in a VLAN communicate with each other as though they belonged to a physical segment
o Vendors define membership using different characteristics, such as port numbers, MAC addresses, IP addresses, IP multicast addresses, or a combination of these
Stations can be configured into different VLANs using:
i. Manual configuration, using VLAN software to manually assign stations to different VLANs. Subsequent migration is also done manually
ii. Automatic configuration, using criteria defined by the network administrator (e.g. project number)
iii. Semiautomatic configuration, where initialization is done manually with migration done automatically.
The IEEE 802.1 subcommittee passed a standard called 802.1Q in 1996 that defines frame tagging (allowing switches to exchange the membership information of stations in other switches) and enables the use of multivendor equipment in VLANs
(Figure: switches α and β; stations A, B, F and H are in VLAN 1 and C, D, E and G are in VLAN 2, with both VLANs spanning the two switches.)
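The 802.1Q tag is what lets a VLAN span switches α and β: an access port strips and adds nothing, while the link between the switches carries each frame with its VLAN id. The Python below is an added example, not code from the slides or from any vendor: it inserts and parses the 4-byte tag (TPID 0x8100, then a TCI holding 3-bit PCP, 1-bit DEI and 12-bit VID) and models two VLAN-aware switches that flood a broadcast only to access ports in the same VLAN, tagging it on the trunk so the other switch can apply the same membership. Which stations sit on which switch (A, B, C, D on α; E, F, G, H on β), the port names and the MAC addresses are assumptions of this example; the tag layout is the one 802.1Q defines.

```python
import struct

TPID_8021Q = 0x8100
BROADCAST = bytes.fromhex("ffffffffffff")


def tag_frame(frame, vid, pcp=0, dei=0):
    """Insert an 802.1Q tag after the 12-byte destination/source MAC fields.
    Tag = TPID 0x8100 followed by the TCI: PCP (3 bits), DEI (1 bit), VID (12 bits)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be in 1..4094")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame):
    """Return (vid, pcp, dei, untagged_frame), or None when no 802.1Q tag is present."""
    if len(frame) < 16:
        raise ValueError("frame too short for an Ethernet header")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 1, frame[:12] + frame[16:]


class VlanSwitch:
    """Access ports carry untagged frames and each belongs to one VLAN; the trunk port
    carries tagged frames to the other switch so a VLAN can span both."""

    def __init__(self, name, access_ports, trunk_port):
        self.name = name
        self.access = dict(access_ports)   # port -> VLAN id (membership by port number)
        self.trunk = trunk_port

    def broadcast(self, in_port, frame):
        """Flood a broadcast only within its VLAN.
        Returns (local access ports that receive it, tagged frame for the trunk or None)."""
        if in_port == self.trunk:
            parsed = parse_tag(frame)
            if parsed is None:
                raise ValueError("untagged frame received on trunk port")
            vid, _, _, frame = parsed
            to_trunk = None                    # never reflect a frame back over the trunk
        else:
            vid = self.access[in_port]
            to_trunk = tag_frame(frame, vid)   # carry the VLAN membership to the other switch
        receivers = [p for p, v in self.access.items() if v == vid and p != in_port]
        return receivers, to_trunk


def demo():
    """Station A (VLAN 1 on switch alpha) broadcasts; report who receives it on both switches."""
    alpha = VlanSwitch("alpha", {"A": 1, "B": 1, "C": 2, "D": 2}, trunk_port="trunk")
    beta = VlanSwitch("beta", {"E": 2, "F": 1, "G": 2, "H": 1}, trunk_port="trunk")
    src_a = bytes.fromhex("020000000001")   # constructed MAC address for station A
    frame = BROADCAST + src_a + struct.pack("!H", 0x0800) + b"constructed payload"
    local, tagged = alpha.broadcast("A", frame)
    remote, _ = beta.broadcast("trunk", tagged)
    return sorted(local + remote), parse_tag(tagged)[0]


if __name__ == "__main__":
    receivers, vid = demo()
    print(f"VLAN {vid} broadcast from A reached: {receivers}")
```

Only B, F and H receive A's broadcast, matching the figure: C, D, E and G are in VLAN 2 and never see it, which is the security property claimed on the next slide. The trunk check that rejects untagged frames is the kind of control that keeps a frame from being delivered to a VLAN it was never assigned.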
Advantages of VLAN
Cost and Time Reduction
o VLANs reduce the migration cost of stations going from one group to another, as physical reconfiguration takes time and is costly
o It is easier and quicker to move a station to another segment or switch using software
Creating Virtual Workgroups
o VLANs allow the creation of virtual workgroups, allowing stations to send broadcast messages to one another without needing to belong to the same physical network
Security
o VLANs provide an extra measure of security, where stations belonging to the same VLAN can send broadcast messages with the assurance that stations in other VLANs will not receive these messages