Wireless LAN

Wireless LANs
• Evolution and Technology
• IEEE 802.11
• Bluetooth
• Zigbee and IEEE 802.15
 Evolution
• Early experiences (1970-72): IBM, HP, Motorola
– Abandoned due to limited performance and unavailability of
frequency bands
• Early challenges:
– Complexity and cost
– Bandwidth
– Coverage
– Interference
– Frequency administration
• Emergence of unlicensed bands
– Release of Industrial, Scientific and Medical (ISM) bands in 1985
• Applications: military, home and enterprise networks,
mobile networks, teetherless access
 Media Access
• Media in wireless networks is shared and is
scarce – access must be controlled
• Observations:
– Contention is at the receiver, not at the sender –
makes the carrier sense approach inappropriate
– Unlike Ethernet, congestion is location-dependent
– The media access protocol should propagate
congestion information explicitly rather than having
each device learn about congestion independently
– Media access protocol should propagate
synchronization information about contention periods,
so that all devices can contend effectively
 IEEE 802.11
• Standardization group formed in 1990, first
standards completed in 1997
• IEEE 802.11 is the first WLAN standard; only
one to secure a market
• 802.11b: PHY layer supports 11 Mbps using
CKK (complementary code keying) technology
• 802.11a: PHY layer supports 54 Mbps using
OFDM
• Uses CSMA/CA for contention data
• Supports both infrastructure as well as ad hoc
modes
 Requirements
• Single MAC to support multiple PHY
layers
• Mechanism to support multiple
overlapping network
• Provisions to handle interference
• Mechanism to handle hidden terminals
• Privacy and access control
IEEE 802.11 Protocol Architecture
Logical link control

Contention-
free service
Contention
service

Point coordination function

(PCF)
MAC
layer
Distributed coordination function (DCF)

2.4-Ghz 2.4-Ghz Infrared 5-Ghz 2.4-Ghz

frequency- direct 1Mbps orthogonal direct
hopping sequence 2Mbps FDM 6, 9. sequence
spread spread 12. 18, 24, spread
spectrum spectrum 36, 48, 54 spectrum
1Mbps 1Mbps Mbps 5.5 Mbps
2Mbps 2Mbps 11 Mbps

IEEE 802.11 IEEE 802.11a IEEE 802.11b

 Topology
An Extended
Service Set Ad hoc
Network
(ESS)

BSS

Basic Service Set (BSS)

Infrastructure Network

BSS
 Layered Protocol Architecture
• MAC sublayer is responsible for access mechanisms
and fragmentation/reassembly
• MAC management is responsible for roaming in
Extended Service Set (ESS), power management,
association/dissociation/reassociation/ process for
registration connection management
• PHY management: decides on channel tuning
– Physical Layer convergence protocol (PLCP): carrier sensing
and forming packets
– Physical Medium Dependent (PMD): modulation and coding
techniques for signaling
• Station management: coordination of interaction between
MAC and PHY layers
 Low Layer Protocol Stack

LLC

Data Link Layer

Station Management
MAC
MAC Management

PLCP
PHY
Physical Layer Management

PMD

PLCP: Physical Layer Convergence Protocol

PMD: Physical Medium Dependent
 PHY Layer
• When the MAC protocol data unit (MPDU) arrive
at the PLCP layer, a header is attached that is
designed specifically for the PMD
• The PLCP packet is then transmitted by the
PMD according to specification of the signaling
techniques
• IEEE 802.11 defines three PLCP packet
formats:
– FHSS (frequency hopping spread spectrum)
– DSSS (direct sequence spread spectrum)
– DFIR (diffused infrared)
 FHSS
• PMD hops over 78 channels of 1 MHz each in the center
of 2.44 GHz ISM bands
• Each BSS can select one of the three patterns of 26
hops:
– (0, 3, 6, 9, …, 75)
– (1, 4, 7, 10, …, 76)
– (2, 5, 8, 11, …, 77)
• IEEE 802.11 specifies specific random hopping pattern
for each of these frequency groups that facilitates
multivendor interpretability
• Multiple Basic Service Set (BSS) can co-exist in the
same area by up to three APs using different frequency
groups
 DSSS
• DSSS communicates using non-overlapping
pulses at 11 Mcps
• The ISM band at 2.4 GHz is divided into 11
overlapping channels spaced at 5 MHz
• A PHY layer management sublayer of AP
covering a BSS can select one of the choices
• Because of wider bandwidth, DSSS provides a
better coverage and a more stable signal
 Carrier Sense Multiple Access
(CSMA appropriateness?)
• Carrier sense provides information about
potential collision at the sender, but not at
the receiver
• Since the receiver and sender are not co-
located, carrier sense does not provide
adequate information for collision
avoidance – interference at the sender
does not imply interference at the receiver
 Carrier Sensing
• Carrier sensing in IEEE 802.11 is performed
physically or virtually
• PHY sensing is through the clear channel
assignment (CCA) signal produced by PLCP
• CCA is generated by sensing detected bits or by
checking the RSS
• Virtual carrier sensing is done based on a
network allocation vector (NAV) – more later
 MAC Layer
• MAC Sublayer:
– Defines the access mechanisms and packet
formats
• MAC Management:
– Defines roaming support in the ESS, power
management and security
 MAC Sublayer
• Reliable data delivery
• Access mechanisms
– Contention-based
• CSMA/CA
– Contention-free
• RTS/CTS
• Point Coordination Function (PCF)
 Reliable Data Delivery
• High degree of unreliability and large
timers for retransmissions used in higher
layers motivates to deal with errors at the
MAC layer
• Each transmission is followed by an ACK
as an atomic unit. Retransmission is done
if the ACK is not received
• RTS/CTS exchange
Hidden Terminal Problem
A is transmitting a packet to B

B
Node X finds that the medium
A X is free, and transmits a packet

No carrier ≠OK to transmit

Exposed Terminal Problem
A is transmitting a packet to B
B

Y X X can not transmit to Y, even

though it will not interfere at B

Presence of carrier ≠ holds off transmission

 Busy Tone
B is receiving a packet from A

B B

A X
A

Y X
X OK to transmit X not OK to transmit

1. Receiver transmits busy tone when receiving data

2. All nodes hearing busy tone keep silent
3. Requires a separate channel for busy tone
 RTS/CTS dialog

RTS = Request to Send

Defe
r
RTS

Any node that hears this RTS will defer medium access.
 RTS/CTS Dialog
CTS = Clear to Send

Defe Defe
RTS
r r
CTS

Any node that hears this CTS will defer medium access.
 RTS/CTS Dialog

Defe Defe
Data
r r
ACK
 Access Control
• Distributed Coordination Function (DCF)
• Point Coordinated Function (PCF)
Centralized
 Distributed Coordination Function
(DCF)
• DCF sublayer makes use of a simple
CSMA algorithm
• Collision detection (CD) is not included
because of its impracticability in wireless
networks
• DCF includes a set of delays called
interframe space (IFS) to provision priority
 IEEE 802.11 Medium
Wait for frame to
transmit

Medium No
Access Control Logic
idle?

Yes

Wait IFS

Still No Wait until current

idle? transmission ends

Yes
Wait IFS

Transmit frame

Still No
idle?

Yes
Exponential
backoff while
medium idle

Transmit frame
 IEEE 802.11 DCF
• Uses RTS-CTS exchange to avoid hidden terminal
problem
– Any node overhearing a CTS cannot transmit for the duration
of the transfer
– Any node receiving the RTS cannot transmit for the duration
of the transfer
• To prevent collision with ACK when it arrives at the sender

• Uses ACK to achieve reliability

 IEEE 802.11 DCF
• CSMA/CA
– Contention-based random access
– Collision detection not possible while a node is
transmitting
• Carrier sense in 802.11
• Physical carrier sense
• Virtual carrier sense using Network Allocation Vector (NAV)
– NAV is updated based on overheard RTS/CTS packets, each of
which specified duration of a pending Data/Ack transmission
• Collision avoidance
• Nodes stay silent when carrier sensed busy (physical/virtual)
• Backoff intervals used to reduce collision probability
 Backoff Interval
• When the channel is busy, choose a back-
off interval in the range [0,cw]
– cw is contention window
• Count down the back-off interval when
medium is idle
– Count-down is suspended if medium becomes
busy
• When back-off interval reaches 0, transmit
RTS
 Dynamic Contention Window
• Binary Exponential Back-off in 802.11
DCF
– When a node fails to receive CTS in response
to its RTS, it increases the contention window
• cw is doubled (up to an upper bound)
– When a node successfully completes a data
transfer, it restores cw to cwmin
Priority-based Access Provisioning
• Using different values of inter frame space (IFS)
• SIFS (short IFS): used for immediate response
actions
• PIFS (Point coordination function IFS): used by
the centralized controller while issuing polls
• DIFS (Distributed coordination function IFS):
minimum delay for asynchronous frames
contending for access
DIFS > PIFS > SIFS
 802.11 CSMA/CA
S2 S1 R X

DIFS DIFS
B2=9 B2=4
Channel Busy

NAV
Channel Idle

Channel Idle
RTS
S2
SIFS

S1 RTS DATA
B1=5 SIFS SIFS B1=7

R CTS ACK

X
NAV
cw = 15
DIFS: DCF Inter-Frame Space SIFS: Short Inter-Frame Space
 Point Coordination Function (PCF)
• PCF is implemented on top of DCF
• The time sensitive traffic are controlled by the PCF and
the remaining traffic contend for access using CSMA/CA
• The centralized polling master (point coordinator) issues
polls using PIFS
• The poll responses use SIFS
• The point coordinator could issue polls in a round robin
fashion
• Seizing of the medium by the PCF is avoided by using
superframes where the point coordinator is allowed to
poll for a fixed duration and then idle for the rest of the
superframe period to allow the asynchronous traffic to
contend for the medium.
 MAC Frame Format
FC D/I Address Address Address SC Address Frame Body CRC
2 2 6 6 6 2 6 0-2312 4

• Frame Control (FC): Indicated type of frame, provides control

information
• Duration/connection ID (D/I): If used as a duration field -indicates
time (in µ s) for which the channel will be allocated for transmission
of a MAC frame. In some control frames, it contains an association,
or connection identifier
• Addresses: Context dependent. Types include source, destination,
transmitting station, receiving station
• Sequence Control: Used for fragmentation/reassembly.
• Frame Body: Contains an MPDU or its fragment
• Cyclic Redundancy Check (CRC): 32-bit frame check sequence
 Frame Control Field
PV Type SubType TO FROM MF RT PM MD W O
DS DS
2 2 4 1 1 1 1 1 1 1 1

• Protocol Version (PV): 802.11 version, currently version 0

• Type: Identifies the frame as control, management, or data
• Subtype: Identifies the function of frame
• To DS: The MAC coordination sets this bit to 1 in a frame destined to the
distribution system
• From DS: The MAC coordination sets this bit to 1 in a frame leaving the
distribution system
• More Fragments (MF): Set to 1 if more fragments follow
• Retry (RT): Set to 1 if retransmission
• Power Management (PM): Set to 1 if transmitting station is in sleep mode
• More Data (MD): Indicates that a station has additional data to send
• Wired Equivalent Privacy (WEP): WEP implemented
• Order (O): The frames must be processed in order if set to 1.
 IEEE 802.11 Management
Sublayer
• Registration
• Handoff
• Power Management
• Security
 Registration
• A management frame called beacon is
transmitted periodically by the AP to establish
the timing synchronization function (TSF)
• TSF contains: BSS id, timestamp, traffic
indication map (TIM), power management, and
roaming information
• Received Signal Strength (RSS) measurements
are done on the beacon message
• Association: process by which an MS registers
with an AP
 Handoff
• Mobility Types:
– No transition – MS is static or moving within a
BSA
– BSS transition – MS moves from one BSS to
another within the same ESS
– ESS transition – MS moves from one BSS to
another BSS which belong to a different ESS
• Reassociation service is used when an
MS moves from one BSS to another within
the same ESS
 Handoff procedure in IEEE 802.11
re 8. IA
as
so PP
cia in
tio dic
n t at
o o es
AP2 ld
AP

7.
Re
as
Beacon Periodically AP1 AP3 so
e 6. ci a
r ob se R ea
tio
n
P n
4. spo Re ssoc Re
sp
Re qu iat on
e s i on se
3. Probe Request t
1. Strong Signal
5. Choose AP
with strongest response

2. Weak Signal;
start scanning for handoff
 Power Management
• How to power-off during idle periods?
• IEEE 802.11 buffers data at the AP, and sends
the data when the MS is awakened
• Using TSF, all MSs are synchronized – they
wake up at the same time to listen to beacon
• With every beacon a TIM is sent that has a list of
stations having buffered data
• An MS learns that it has buffered data by
checking beacon and TIM
 Security
• There are provisions for authentication and
privacy in IEEE 802.11
• Open system authentication (default)
– Request frame sends the authentication algorithm id
– the response frame sends the result
• Shared key authentication
– Request frame sends the authentication frame id for
the shared key that is shared between itself and the
AP
– The second station sends a challenge text
– The first station sends the encrypted challenge as the
response
– The second station sends the authentication result