Cisco Fundamentals of Wireless LANs Ch. 02 – Part 1 – 802.11 MAC and Cisco Client Adapters Yaser Rahmati | یاسر رحمتی Rahmati Academy | آکادمی رحمتی www.yaser-rahmati.ir www.rahmati-academy.ir

1. Ch. 2 – 802.11 and NICs
Part 1 – 802.11 MAC and Cisco Client
Adapters
This Power Point Presentation was originally created by
Prof. Rick Graziani, and modified by Prof. Yousif

2. Overview
• Sections 2.2 and 2.3
– We will not use most of the online curriculum in these
sections.
– This presentation will add additional material.
– However, still please read the online curriculum.
Will not use curriculum.
Additional information provided.
MAC – Two presentations. This is Part I
PHY – Separate presentation.

3. 802.11 Overview and MAC Layer
Part 1 – 802.11 MAC and Cisco
Client Adapters
• 2.1 Online Curriculum
– 802.11 Standards
• Overview of WLAN Topologies
– IBSS
– BSS
– ESS
– Access Points
• 802.11 Medium Access
Mechanisms
– DCF Operations
– Hidden Node Problem
– RTS/CTS
– Frame Fragmentation
• 2.4 – 2.6 Online Curriculum
– Client Adapters
– Aironet Client Utility (ACU)
– ACU Monitoring and
Troubleshooting Tools
– Covered through the labs
Part 2 – 802.11 MAC
• (Separate Presentation)
• 802.11 Data Frames and
Addressing
• 802.11 MAC Layer Operations
– Station Connectivity
– Power Save Operations
– 802.11 Frame Formats
• Non-standard devices

4. Recommended Reading and Sources for
this Presentation
• To understand WLANs it is important to understand the 802.11
protocols and their operations.
• These two books do an excellent job in presenting this information and
is used throughout this and other presentations.
Matthew S. Gast
ISBN:
0596001835
Pejman Roshan
Jonathan Leary
ISBN:
1587050773

5. 802.11 Standards

6. Overview of
Standardization
• Standardization of networking functions has done much to further the
development of affordable, interoperable networking products.
• This is true for wireless products as well.
• Prior to the development of standards, wireless systems were plagued
with low data rates, incompatibility, and high costs.
• Standardization provides all of the following benefits:
– Interoperability among the products of multiple vendors
– Faster product development
– Stability
– Ability to upgrade
– Cost reductions

7. IEEE and 802.11
• IEEE, founded in 1884, is a nonprofit professional organization
• Plays a critical role in developing standards, publishing technical
works, sponsoring conferences, and providing accreditation in the area
of electrical and electronics technology.
• In the area of networking, the IEEE has produced many widely used
standards such as the 802.x group of local area network (LAN) and
metropolitan area network (MAN) standards,

8. IEEE 802.11 Architecture
• 802.11 is a family of protocols, including the original specification,
802.11, 802.11b, 802.11a, 802.11g and others.
• Officially called the IEEE Standard for WLAN MAC and PHY
specifications.
• 802.11 “is just another link layer for 802.2”
• 802.11 is sometimes called wireless Ethernet, because of its shared
lineage with Ethernet, 802.3.
• The wired network side of the network could be Ethernet
• Access Points and Bridges act as “translation bridges” between
802.11 and 802.3

9. Overview of WLAN Topologies
IBSS
BSS
ESS

10. Overview of WLAN Topologies
• Three types of WLAN Topologies:
– Independent Basic Service Sets (IBSS)
– Basic Service Set (BSS)
– Extended Service Set (ESS)
• Service Set – A logical grouping of devices.
• WLANs provide network access by broadcasting a signal across a wireless
radio frequency (Beaconning)
• Transmitter prefaces its transmissions with a Service Set Identifier (SSID)
• A station may receive transmissions from transmitters with the same or
different SSIDs.

11. Independent Basic Service Sets (IBSS)
• IBSS consists of a group of 802.11 stations directly communicating with
each other.
• No Access Point used
• Also known as an ad-hoc network.
• Usage: Few stations setup up for a specific purpose for a short period
of time. (ex. file transfers.)
• We will have a an IBSS lab, but our main focus will be BSSs and
ESSs.

12. Basic Service Set (BSS)
• BSS, also known as an Infrastructure BSS.
• Requires an Access Point (AP)
– Converts 802.11 frames to Ethernet and visa versa
– Known as a translation bridge
• Stations do not communicate directly, but via the AP
• APs typically have an uplink port that connects the BSS to a wired
network (usually Ethernet), known as the Distribution System (DS).

13. Extended Service Set (ESS)
• Multiple BSSs can be connected together with a layer 2 “backbone
network” to form an Extended Service Set (ESS).
• 802.11 does not specify the backbone network
• The backbone network is also known as the Distribution System (DS)
and could be wired or wireless.
• Stations are “associated” with only one AP at a time.
• The SSID is the same for all BSS areas in the ESS (unless creating
multiple BSSs, i.e. one for Marketing and another for Sales).

14. • What if you want to be able to move between access points without the
latency of re-association and re-authentication (these will be explained)?
• Roaming gives stations true mobility allowing them to move seamlessly
between BSSs. (More later)
• APs need to be able to communicate between themselves since stations
can only associate with one AP at a time.
• Currently, inter-access point communication can only be achieved with
proprietary, non-standard technologies.
• IEEE 802.11 working group (Task Group F) is working on standardizing
IAPP (Inter-Access Point Protocol)
Extended Service Set (ESS)

15. Access Points
• Access Point (AP)
– Translates (converts) 802.11 frames to Ethernet and visa versa
– Known as a translation bridge
– Typically provides wireless-to-wired bridging function
– All BSS communications must go through the AP, even between
two wireless statsions

16. Quick Preview: Station/AP Connectivity
SSID (Service Set Identity)
• At a minimum a client station and
the access point must be
configured to be using the same
SSID.
• An SSID is:
– Between 2 and 32
alphanumeric characters
– Spaces okay
– Must match EXACTLY,
including upper and lower
case
– Sometimes called the ESSID
– Not the same as BSSID (MAC
address of the AP)

17. Quick Preview: Station/AP Connectivity
• SSIDs are sent by the APs in beacons (and other frames)
• Beacons can be seen by many applications (NetStumbler, iStumbler,
MacStumbler, Kismet, KisMAC) and Windows.
– We will take a look at these applications later.
Can use windows to configure wireless
NIC, but we will use the Cisco client
utility, Aironet
SSID 2 and 3 are used for roaming
where different SSIDs are used (later)

18. Quick Preview: Station/AP Connectivity
• The Access Point has the same SSID.
• The Cisco AP shows the default SSID tsunami, which would need to be
changed to GuidoNet or the client to to change their SSID to tsunami
(which is usually the case).
SSID
If the frimware has been
upgraded, the SSID will be under
Security SSID Manager

19. Quick Preview: Station/AP Connectivity
• Your operating system (Windows) or wireless NIC client (Aironet) will
tell you whether or not you have successfully connected (associated).
Windows Toolbar Icon
Aironet Toolbar Icon
Windows
Network
Properties

20. Quick Preview: Station/AP Connectivity
• This only associates your client with the AP.
• If you want to communicate with other devices on the network (wireless
and wired), make sure your IP address and subnet mask are correct
(or if using DHCP choose that setting).
• This is configured for your wireless NIC, not the wired NIC.

21. 802.11 Medium Access
Mechanisms
Distributed Coordination
Function (DCF) Operations
Hidden Node Problem
RTS/CTS
Frame Fragmentation

22. Why the detail?
• Why are we going to look so closely at the 802.11 protocol framing and
its operations?
• To understand the settings and features of various client adapters and
access points, we need to understand what is actually happening.
• For example, if someone tells you that you may need to implement
RTS/CTS because of a hidden node problem, it helps to understand
what that really means and what impact it will have upon your network.

23. 802.11 Frames – This isn’t Ethernet!
• 802.11 has some similarities with Ethernet but it is a different protocol.
• Access Points are translation bridges.
• From 802.11 to Ethernet, and from Ethernet to 802.11
• The “data/frame body” is re-encapsulated with the proper layer 2 frame.
• Certain addresses are copied between the two types of frames.
Distribution System (DS)
General 802.11 Frame
IP Packet
IP Packet
L
L
C

24. 802.11 Frames
802.11 Frames
• Data Frames (most are PCF)
– Data
– Null data
– Data+CF+Ack
– Data+CF+Poll
– Data+CF+Ac+CF+Poll
– CF-Ack
– CF-Poll
– CF-Cak+CF-Poll
• Control Frames
– RTS
– CTS
– ACK
– CF-End
– CF-End+CF-Ack
• Management Frames
– Beacon
– Probe Request
– Probe Response
– Authentication
– Deauthentication
– Association Request
– Association Response
– Reassociation Request
– Reassociation Response
– Disassociation
– Announcement Traffic
Indication

25. Medium Access – CSMA/CA
• Both CSMA/CD and CSMA/CA are half-duplex architectures
• Ethernet uses CSMA/CD – Collision Detection
– Ethernet devices detect a collision as when the data is transmitted
• 802.11 uses CSMA/CA – Collision Avoidance
– 802.11 devices only detect a collision when the transmitter has not
received an Acknowledgement (coming).
– Stations also use CS/CCA – coming
– Stations also use a virtual carrier-sense function, NAV (coming)
CSMA/CD CSMA/CA
ACK
All stations detect the
collision

26. Medium Access – CSMA/CA
• The 802.11 standard makes it mandatory that all stations implement the DCF
(Distributed Coordination Function), a form of carrier sense multiple access
with collision avoidance (CSMA/CA). Coming!
• CSMA is a contention-based protocol making sure that all stations first sense
the medium before transmitting (physically and virtually). Coming!
• The main goal of CSMA/CA is to avoid having stations transmit at the same
time, which will then result in collisions and eventual retransmissions. Coming!
• However, collisions may still occur and when they do stations may or may not
be able to detect them (hidden node problem). Coming!
CSMA/CD CSMA/CA
ACK
All stations detect the
collision

27. DCF and PCF
• IEEE mandated access mechanism for 802.11 is DCF (Distributed
Coordination Function)
– Basis for CSMA/CA
– Discussed in detail next
• There is also the PCF (Point Coordination Function)
– Point Coordinators (PC), ie.Access Points, provide point
coordination for contention-free services.
– Restricted to Infrastructure BSSs
– Stations can only transmit when allowed to do so by PC (AP).
– PCF is not widely implemented and will not be discussed

28. DCF Operation
• In DCF operation, a station wanting to transmit :
– Checks to see if radio link is clear, CS/CCA – Carrier Sense,
Clear Channel Assessment (Later in PHY presentation)
– Checks its Network Allocation Vector (NAV) timer to see if
someone else is using the medium.
– If medium is available DCF uses a random backoff timer to avoid
collisions and sends the frame.
• Transmitting station only knows the 802.11 frame got there if it receives
an ACK.
• May also use RTS/CTS to reduce collisions (coming)

29. Duration Field
• Duration/ID field – The number of microseconds (millionth of a
second) that the medium is expected to remain busy for transmission
currently in progress.
– Transmitting device sets the Duration time in microseconds.
– Includes time to:
• Transmit this frame to the AP (or to the client if from an AP)
• The returning ACK
• The time in-between frames, IFS (Interframe Spacing)
• All stations monitor this field!
• All stations update their NAV (Network Allocation Vector) timer.
General 802.11 Frame (more on this later)

30. NAV Timer
• All stations have a NAV (Network Allocation Vector) timer.
• Virtual carrier-sensing function
• Protects the sequence of frames from interruption.
• Martha sends a frame to George.
• Since wireless medium is a “broadcast-based” (not broadcast frame) shared
medium, all stations including Vivian receive the frame.
• Vivian updates her NAV timer with the duration value.
• Vivian will not attempt to transmit until her NAV is decremented to 0.
• Stations will only update their NAV when the duration field value received is
greater than their current NAV.
General 802.11 Frame (more on this later)

31. Broadcast-based shared medium
• Host A is sending
802.11 frames to
another host via the AP.
• All other 802.11 devices
in BSS (on this channel)
and within range of the
signal will see the
frame.
• 802.11 framing provides
addressing, so only the
AP knows it is the next-
hop receiver.
• Other 802.11 devices
within this BSS can
sense that the medium
is in use and will update
their NAV values. What if a station is in range of the AP but not
the Host A? (Hidden node problem – later)

32. Interframe Spacing (IFS)
• 802.11 uses four different interframe spaces used to determine medium access
(note: microsecond = millionth of a second):
– DIFS – DCF Interface Space (50 microseconds in DSSS)
• Minimum amount of medium idle time until contention-based services
begin.
– PIFS – PCF Interframe Space (30 microseconds in DSSS)
• Used by PCF
– SIFS – Short Interframe Space (10 microseconds in DSSS)
• Used for highest priority transmission, ACKs, RTS, CTS

33. Wanting to transmit (1/3)
• Station wanting to transmit.
• Carrier Sensing:
– Physical: Physically senses medium is idle (CS/CCA – coming).
– Virtual: NAV timer is 0
• Waits DIFS (DCF Interface Space) period of 50 microseconds
– Minimum amount of medium idle time until contention-based services
begin.
– Once DCF is over, stations can contend for access.
• Contention window begins.
– Uses random backoff algorithm to determine when it can attempt to
access the medium. (next)
Random backoff slots

34. Wanting to transmit (2/3)
• (Detail of random backoff algorthim has been left out, but this will be sufficient.)
• The random backoff algorithm randomly selects a value from 0 to 255
(maximum value varies by vendor and stored in the NIC).
• The random value is the number of 802.11 slot times the station must wait
after the DIFS, during the contention window before it may transmit.
• Stations pick a random slot and wait for that slot before attempting to access
the medium.
• With several stations attempting to transmit, the station that picks the lowest
slot, lowest random number, wins.
Contention Window Begins

35. Example
Scenario:
• Both Vivian and George want to transmit frames.
• Both stations have same NAV values and physically sense when the
medium is idle.
• Both are waiting for Martha’s transmission to end and the medium to
become available.
• The medium now becomes available.
I’m
waiting
I’m
waiting

36. Example
• George and Vivian are both wanting to transmit.
• Both perform the following:
• Both sense that medium is available using Physical and Virtual
Carriers Sensing:
– Physical: Physically senses medium is idle (CS/CCA – coming).
– Virtual: NAV timer is 0
• Both waits DIFS (DCF Interface Space) period of 10 microseconds
• Contention window begins.
– Uses random backoff algorithm to determine when it can attempt
to access the medium. (next)
Random backoff slots

37. Example
• Both Vivian and George calculate their random backoff algorithm to
randomly selects a value from 0 to 255.
• Vivian has a slot time of 7, George a slot time of 31.
• Vivian wins.
• The destination of her frame is George
Vivian (7), George (31)

38. Example
• Vivian transmits, setting the Duration ID to the time needed to
transmit, ACK and IFSs.
• George with a higher slot will see the 802.11 frame from Vivian and
wait to transmit.
• Assuming their was not a collision from another station, Martha and
George update their NAVs.
General 802.11 Frame (more on this later)
Others
update NAV
Martha and George
receive “broadcast-
based” 802.11 frame.
( ( ( ) ) )

39. 802.11 Medium Access
Mechanisms
DCF Operations
Hidden Node Problem
RTS/CTS
Frame Fragmentation

40. Hidden Node Problem
• What if a station is in range of the AP but not other hosts, like the
transmitting host?
• Wireless networks have fuzzy boundaries, sometimes where may not
be able to communicate/see every other node.
• Hidden nodes can be caused by:
– Hosts are in range of the AP but not each other.
– An obstacle is blocking the signal between the hosts.

41. Hidden Node Problem
• The problem is collisions.
– Collisions occur at the AP (or another station in an IBSS).
– Both stations assume the medium is clear and transmit near the
same time, resulting in a collision.
– The AP cannot properly receive either signal and will not ACK either
one.
– Both stations retransmit, resulting in more collisions.
• Throughput is significantly reduced, up to 40%.

42. Hidden Node Problem
• Solutions:
– Move the node
– Remove the obstacle
– Use RTS/CTS (Request to Send / Clear to Send)

43. 802.11 Medium Access
Mechanisms
DCF Operations
Hidden Node Problem
RTS/CTS
Frame Fragmentation

44. RTS/CTS Solution
• The hidden node stations cannot see the RTS.
• The AP replies to Vivian with a CTS, which all nodes, including the
hidden node can see.
• Vivian transmits the frame.
• The AP returns an ACK to Vivian.
• The AP sends the message to George who returns an ACK to the AP.
• Vivian attempts to reserve the medium using
an RTS control frame to the AP.
• The RTS frame indicates to the AP and all
stations within range, that Vivian wants to
reserve the medium for a certain duration
of time, message, ACK, and SIFS.

45. RTS/CTS Solution
• The RTS/CTS procedure can be enabled/controlled by setting the RTS
threshold on the 802.11 client NIC.
• RTS/CTS is also used during frame fragmentation (coming).
• RTS/CTS consumes a fair amount of
capacity and overhead, resulting in
additional latency.
• Normally used in high capacity
environments.

46. Setting the RTS Threshold on a Cisco Client
• Specifies the data packet size beyond which the low-level RF protocol invokes RTS/CTS
flow control. A small value causes RTS packets to be sent more often, which consumes
more of the available bandwidth and reduces the throughput of other network packets.
However, small values help the system recover from interference or collisions, which can
occur in environments with obstructions or metallic surfaces that create complex
multipath signals.
RTS
Threshold

47. Improving WLAN Performance with RTS/CTS by
Jim Geier (wi-fiplanet.com)
• If you enable RTS/CTS on a particular station (just the hidden
node station), it will refrain from sending a data frame until
the station completes a RTS/CTS handshake with another
station, such as an access point.
• Keep in mind, though, that an increase in performance using
RTS/CTS is the net result of introducing overhead (i.e.,
RTS/CTS frames) and reducing overhead (i.e., fewer
retransmissions). If you don't have any hidden nodes, then
the use of RTS/CTS will only increase the amount of
overhead, which reduces throughput. A slight hidden node
problem may also result in performance degradation if you
implement RTS/CTS. In this case, the additional RTS/CTS
frames cost more in terms of overhead than what you gain by
reducing retransmissions. Thus, be careful when
implementing RTS/CTS.

48. Improving WLAN Performance with RTS/CTS by
Jim Geier (wi-fiplanet.com)
• One of the best ways to determine if you should activate
RTS/CTS is to monitor the wireless LAN for collisions. If you
find a large number of collisions and the users are relatively
far apart and likely out of range, then try enabling RTS/CTS
on the applicable user wireless NICs. You can activate the
function by clicking "enable RTS/CTS" somewhere in the user
setup screens. You don't need to enable RTS/CTS at the
access point in this case. After receiving a RTS frame from a
user's radio NIC, the access point will always respond with a
CTS frame.
• Of course, keep in mind that user mobility can change the
results. A highly mobile user may be hidden for a short period
of time, perhaps when you perform the testing, then be closer
to other stations most of the time. If collisions are occurring
between users within range of each other, the problem may
be the result of high network utilization or possibly RF
interference.

49. 802.11 Medium Access
Mechanisms
DCF Operations
Hidden Node Problem
RTS/CTS
Frame Fragmentation

50. Frame Fragmentation
• Since we have already discussed RTS/CTS, let’s also discuss frame
fragmentation.
• Later, we will see that RTS/CTS and fragmentation are typically
combined.
• Frame fragmentation is a MAC layer function that is designed to
increase the reliability of transmitting frames across a wireless
medium.

51. Frame Fragmentation
• In a “hostile wireless medium” (interference, noise) larger frames may
have more of a problem reaching the receiver without any errors.
• By decreasing the size of the frame, the probability of interference
during transmission can be reduced.
• Breaking up a large frame into smaller frames, allows a larger
percentage of frames to arrive undamaged (without errors).

52. Frame Fragmentation
• Frame fragmentation can increase the reliability of frame transmissions
but there is additional overhead:
– Each frame fragment includes the 802.11 MAC protocol header.
– Each frame fragment requires a corresponding acknowledgement.
• If a frame fragment encounters errors or a collision, only that fragment
needs to be retransmitted, not the entire frame.
• The frame control field includes information that this is a fragmented
frame.

53. Frame
Fragmentation
• The “network administrator” (user) can define the fragment size.
• Fragment size – The largest packet that the client adapter sends
without fragmenting the packet.
• Only unicast packets will be fragmented, not broadcasts or multicasts.
Fragment Threshold:
Defines the largest RF packet that the client
adapter sends without splitting the packet
into two or more smaller fragments. If a
single fragment experiences interference
during transmission, only that fragment must
be resent. Fragmentation generally reduces
throughput because the packet overhead for
each fragment consumes a higher portion of
the RF bandwidth.

54. Client Adapters
and ACU
Done during labs