Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Technische Universität München ilab WLAN
Wireless transmission problems Error rate is much higher Interferences multipath propagation Receiving rate decreases quadratically with the distance Collision detection is difficult We can‘t distinghuish collisions from other errors Not full duplex No CSMA/CD possible Aim: avoid collisions in the first place Highest propability for collisions: • Station A is sending data • Stations B and C both get data to send out but the medium is busy • Once the medium is available, B and C start sending at the same time Ilab - WLAN 2
Hidden-Terminals and Exposed-Terminals Hidden-Terminals A is sending to B, C cannot hear A C wants to send to B, C assumes the medium is free (CS fails) Collision at B, A cannot detect the collision (CD fails) A is a hidden terminal for C Exposed-Terminals B is sending to A, A B C C wants to send data to D C detects a busy medium and waits C is out of range from A -> could send to D right away A B C D Ilab - WLAN 3
Infrastructure- vs. Ad-hoc-Network Infrastructure network AP: Access Point AP Wired network AP AP Ad-hoc-Netzwork Ilab - WLAN 4
802.11 – Architecture of an Infrastructure network Station (STA) 802.11 LAN 802.x LAN Terminal that is capable of accessing the medium STA 1 Basic Service Set (BSS) BSS 1 Group of stations that use the same Portal Access frequency Point Distribution System Access Point Access Allows wired devices to connect to a ESS Point wireless system BSS 2 Portal Bridge to other (wired) networks STA 3 STA 2 Distribution System 802.11 LAN Interconnection-Netzwerk ESS: group of multiple BSS Ilab - WLAN 5
802.11 – Layers PMD - Physical Medium Dependent MAC Modulation, Coding Access Control mechanisms, FHSS fragmentation, encryption DSSS MAC Management PLCP - Physical Layer Convergence Synchronization, Roaming, Power- Management Protocol Carrier-Sense PHY Management Channel selection Station Management LLC DLC Layer 2 MAC MAC Management PLCP PHY Layer 1 PHY Management PMD Ilab - WLAN 6
WLAN packets Layer 1 Header Layer 2 Header Ilab - WLAN 7
Example Infrastructure STA 1 STA 2 LAN 1 AP 1 AP 2 STA 5 STA 4 STA 3 LAN 2 STA 6 STA 7 Ilab - WLAN 8
Layer 2 addresses Frame Control field To/From DS values Meaning To DS = 0, From DS = 0 A data frame direct from one STA to another STA within the same IBSS, as well as all management and control type frames -> Ad Hoc Mode To DS = 0, From DS = 1 Data frame exiting the DS To DS = 1, From DS = 0 Data frame destined for the DS. To DS = 1, From DS = 1 Wireless distribution system (WDS) frame being distributed from one AP to another AP. Addresses To DS From DS Address 1 Address 2 Address 3 Address 4 0 0 RA = DA TA = SA BSSID N/A 0 1 RA = DA TA = BSSID SA N/A 1 0 RA = BSSID TA = SA DA N/A 1 1 RA TA DA SA DA: Destination Address RA: Receiver Address SA: Source Address TA: Transmitter Address Ilab - WLAN 9
Example STA1 to STA6 Addr1: STA1 STA 1 STA 2 Addr2: STA6 LAN 1 STA1 to STA6 to DS: 1 from DS: 1 Addr1: AP2 Addr2: AP1 AP 1 Addr3: STA6 Addr4: STA1 STA3 to STA4 AP 2 to DS: 1 from DS: 0 STA3 to STA4 Addr1: AP1 to DS: 0 from DS: 1 Addr2: STA3 Addr1: STA4 Addr3: STA4 Addr2: AP1 STA 5 Addr3: STA3 STA1 to STA6 Addr1: STA1 STA 4 Addr2: STA6 STA 3 LAN 2 STA 6 STA 7 Ilab - WLAN 10
802.11 – Physical Layer 3 variants: 2x radio (2.4 GHz Band), 1x IR data rate 1 or 2 Mbit/s Infrarot – standardized but not implemented FHSS (Frequency Hopping Spread Spectrum) – outdated 1 Mbit/s Channel hopping DSSS (Direct Sequence Spread Spectrum) Signal is spread using a random code Various modulation techniques max. transmission power 1 W (USA), 100 mW (EU), min. 1mW Preamble and PHY-Header always: 1 Mbit/s, otherwise 1 or 2 Mbit/s 802.11b: Short Preamble and data up to 11 Mbit/s Ilab - WLAN 11
802.11 – Physical Layer New: OFDM (Orthogonal Frequency-Division Multiplexing) A large number of closely-spaced sub-carriers are used to carry data Very robust and efficient 802.11a and 802.11g: up to 54 MBit/s Very new: OFDM + MIMO Multiple Antennas: Multiple input, multiple output 802.11n: 100 MBit/s netto Frequency range 2,4 GHz ISM-Band • Not only WLAN but also : microwaves, bluetooth, ZigBee, wireless headphones… 5GHz Band „more quiet“ Ilab - WLAN 12
802.11 – MAC-Layer - DFWMAC Access control mechanisms DFWMAC- DCF CSMA/CA (mandatory) • Distributed Foundation Wireless Medium Access Control – Distributed Coordination Function • Collision-Avoidance per random „Back-off“-mechanism • Minimal gap between two consecutive packets • Special ACK packet DFWMAC- DCF w/ RTS/CTS (optional) – usually implemented • Distributed Foundation Wireless MAC with Request-to-Send / Clear-to-Send • RTS/CTS helps with the hidden terminal problem DFWMAC- PCF (optional) – usually not implemented • Point Coordination Function • Access-Point polls the terminals New: 802.11e Quality of Service packet prioritization New energy saving mechanisms Ilab - WLAN 13
802.11 – MAC-Layer Priorities By different inter frame spaces 802.11b DSSS: SIFS (Short Inter Frame Spacing) SIFS: 10 µs Slot Time: 20 µs • Highest priority for ACK, CTS, Polling-answer PIFS (PCF, Point Coordination Function IFS) • Medium priority for time-bounded services with PCF • PIFS = SIFS + 1 Slot Times DIFS (DCF, Distributed Coordination Function IFS) • Lowest priority for asynchronous data transmission • DIFS = SIFS + 2 Slot Times DIFS DIFS PIFS SIFS medium busy contention next frame t direct access if medium is free ≥ DIFS Ilab - WLAN 14
802.11 – Access via CSMA/CA I contention window (randomized back-off DIFS DIFS mechanism) medium busy next frame t direct access if medium is free ≥ DIFS slot time Once a station is ready to send out data, it checks the medium if it is free (carrier sense) If the medium is available for the length of a DIFS, the station begins to send (*) If the medium is busy, the station has to wait until the medium has been free for a whole DIFS. Then the station waits an additional random back-off-time (collision avoidance) If another station uses the medium during the back-off time, the timer is stopped and we continue at (*) Ilab - WLAN 15
802.11 – Access via CSMA/CA II Transmission of unicast packets Receiver sends ACK (after SIFS) right after the packet has been received successfully (CRC check passed) • Highest priority for ACKs DIFS data sender SIFS ACK receiver DIFS data other stations t waiting time contention Ilab - WLAN 16
802.11 – multiple stations - simplyfied DIFS DIFS DIFS DIFS bo e bo r bo e bo r bo e busy station 1 bo e busy station 2 busy station 3 bo e bo e bo r busy station 4 bo e bo r bo e bo e bo r busy station 5 t medium not idle (frame, ack etc.) elapsed backoff time bo e busy packet arrival at MAC bo r residual backoff time Ilab - WLAN 17
Extension: RTS and CTS Ready to Send (RTS) and Clear to Send (CTS) frames RTS is sent before every transmission contains the expected duration of the transmission Receiver has to confirm via a CTS Everyone who received the CTS known that the medium will be busy for the specified duration Solves the hidden terminal problem B‘s CTS is also received by C A B C Ilab - WLAN 18
Synchronization via beacon (Infrastructure) beacon interval B B B B access point busy busy busy busy medium t B value of the timestamp beacon frame Synchronization needed for Power Management Quality of Service FHSS Beacon also contains BSS-ID Helps new stations to join the network Ilab - WLAN 19
Synchronization via Beacon (Ad-hoc) beacon interval B 1 B 1 station 1 B 2 B 2 station 2 busy busy busy busy medium t B value of the timestamp beacon frame random delay Ilab - WLAN 20
WLAN-Security WEP & WPA Ilab - WLAN 21
WEP – Wired Equivalent Privacy Encryption of the IEEE 802.11-Standards Authentication Open System (= no authentication) Shared Key No key management, not suitable for large networks Confidentiality Stream chipher RC4 Integrity CRC32 Ilab - WLAN 22
Drawbacks of WEP Integrity RC4 and CRC32 are linear, manipulation possible CRC32(A XOR B) = CRC32(A) XOR CRC32(B) Confidentiality Key length only 40 Bit (political reasons, export restrictions) Too short Extended to 128bit (WEP2) Key stream is often reused C 1 ⊕ C 2 = (P 1 ⊕ K) ⊕ (P 2 ⊕ K) = P 1 ⊕ P 2 In 2001, Scott Fluhrer, Itsik Mantin und Adi Shamir showed how to break WEP in a short period of time Today: WEP keys can be broken within a few minutes Ilab - WLAN 23
Recommend
More recommend
