Understanding Wireless LAN: IEEE 802.11 Protocol Analysis
Discover the fundamentals of Wireless Local Area Networks (WLAN) through an exploration of the IEEE 802.11 family of standards. Delve into topics such as network architecture, infrastructure modes, and collision avoidance mechanisms like CSMA/CA. Gain insights into packet capturing nuances and differences between WLAN and Ethernet technologies.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
COMP2322 Lab 1 Introduction to Wireless LAN Weichao Li Apr. 8, 2016
Content Introduction to WLAN IEEE 802.11 wireless network protocol Analyze the protocol 2
Introduction Wireless Local Area Network (WLAN) A type of short range wireless network Are confined to a limited area Covers corporate building, school campuses, homes, Operate on an unlicensed spectrum for industrial, scientific, medical (ISM) usage 3
IEEE 802.11 family A set of specifications for implementing WLAN 802.11b, 11Mbps at 2.4GHz 802.11g, 54Mbps at 2.4GHz 802.11n, 150Mbps at 2.4/5GHz 802.11ac, 866.7Mbps at 5GHz 4
Architecture Stations (STA) Access points (APs) Clients Basic service set (BSS) A set of all stations that can communicate with each other at PHY layer Extended service set (ESS) A set of connected BSSs 5
Network type Infrastructure mode An AP acts as a wireless hub, and clients communicate through the hub Ad hoc mode Stations communicate only peer to peer 6
WLAN vs. Ethernet PHY 802.11 frame vs. 802.3 frame MAC CSMA/CA vs. CSMA/CD CD does not work since collisions that happens at the receiver cannot be detected by the sender B A C 7
CSMA/CA Uses short signaling packets for collision avoidance RTS request (or ready) to send If the sender wants to send a data packet , it first broadcasts a short RTS packet to the receiver to request the right CTS clear to send The receiver grants the right by broadcasting a CTS packet as soon as it is ready to receive DATA When the sender receives the CTS, it sends the data to the receiver 8
Packet capturing in WLAN 802.11 frames cannot be captured directly The WNIC (wireless network interface card)/driver will transfer the 802.11 frames to 802.3 Ethernet frame 9
Packet capturing in WLAN (contd) In windows, use special WNIC and driver (e.g., AirPcap) https://support.riverbed.com/content/support/softwa re/steelcentral-npm/airpcap.html In Linux Enable monitor mode with iwconfig iwconfig wlan0 mode monitor Force the WNIC work at promiscuous mode ifconfig wlan0 promisc Not all WNICs support monitor mode 10
802.11 frames Data frames Control frames Assist with the delivery of the data frames E.g., Power Save (PS) Poll, RTS, CTS, Acknowledgement (ACK), Management frames Are used by stations to establish and maintain communications Beacon, Association Request, Association Response, Disassociation, Authentication, Deauthentication, 11
802.11 frames (contd) Beacon frame The AP periodically sends a beacon frame to announce its presence and relay information WNICs continually scan all 802.11 radio channels and listen to beacons Association-related frames The management frames exchanged when a client tries to join/leave a BSS 12
802.11 frames (contd) Radiotap header Provides additional information that is added to each 802.11 frame when capturing frames with an analysis application Not part of the standard 802.11 frame format 13
Beacon Frame 14 14
Practice An IEEE 802.11 trace collected by AirPcap and Wireshark Listen on channel 6 http://www4.comp.polyu.edu.hk/~appsec/ta/Wir eshark_802_11.pcap Download the trace and open it in Wireshark 30 AP: 30 Munroe St AP 24 AP: linksys_ses_24086 AP 15
Questions (1) Overall information (5 marks) How many ESSs can be observed in the trace on channel 6? List the name of them. (5 marks) How many APs can be found for each ESS? List the BSSID for them. 16
Questions (2) Beacon frame (2 marks) What are the BSSIDs of the two APs that are issuing most of the beacon frames in this trace? (3 marks) What are the intervals of time between transmission of the beacon frames for the two APs? (2 marks) What (in hexadecimal notation) is the destination MAC address in the beacon frame? (3 marks) The beacon frames from 30 AP advertise that it can support four data rates and eight additional extended supported rates. What are these rates? 17
Questions(3) Data transfer Find 802.11 frame containing SYN TCP segment for this first TCP connection (that downloads alice.txt). (3 marks) What are the three MAC address fields in the 802.11 frame? And what does the destination MAC address corresponds to? (2 marks) What is the IP address of the wireless host sending this TCP segment? What does the destination IP corresponds to? Find 802.11 frame containing SYN/ACK segment for this TCP connection. (3 marks) What are the three MAC address fields in the 802.11 frame? And what does the destination MAC address corresponds to? (2 marks) Does the sender MAC address in the frame correspond to the source IP address within this datagram? Explain your answer. 18
Questions(4) Association/disassociation (3 marks) What are the two actions taken (i.e., frames are sent) by host just after t=49 to end the association with 30 AP ? Explain Type and Subtype for 802.11-layer action. (3 marks) Set the Wireshark display filter to display only AUTHENTICATION messages sent from host to 24 AP (whose MAC is Cisco_Li_f5:ba:bb). Write down your filter setting , and answer how many those messages? Hint: the first AUTHENTICATION is started at around t=49. (2 marks) Does the host want authentication to require a key or be open? Explain it using a field in the management frame. (2 marks) Do you see a reply AUTHENTICATION from 24 AP in the trace? If not, explain why not. 19
Questions(5) Association/disassociation Consider what happens as host gives up associating with 24 AP and now tries to associate with 30 AP (3 marks) At what time is the first AUTHENTICATION frame from host to 30 AP, and when for reply AUTHENTICATION frame? An ASSOCIATE REQUEST from host to AP, and a corresponding ASSOCIATE RESPONSE frame from AP to host are used for host to associated with an AP (5 marks) At what time is there an ASSOCIATE REQUEST from host to 30 AP ? When is the corresponding ASSOCIATE REPLY sent? And write down your Wireshark display filter setting. (2 marks) What transmission rates are the host willing to use? 30 AP ? 20
Some display filters Display only the frames that are transmitted in a BSS wlan.bssid==BSSID Display only the frames that are transmitted in an ESS wlan_mgt.ssid== ESSID Display a particular type of management frames wlan.fc.subtype==subtype number 21
Resources 802.11 Frame formats Section 7 in http://gaia.cs.umass.edu/wireshark- labs/802.11-1999.pdf Quite useful!!! Computer Networking: A Top-down Approach, 5thedition Section 6.3 Wireshark protocol hints 23
Thanks 24
