802.11 MAC Layer Defined
The 802.11 standard specifies a common medium access control (MAC) Layer, which provides a variety of functions that support the operation of 802.11-based wireless LANs. In general, the MAC Layer manages and maintains communications between 802.11 stations (radio network cards and access points) by coordinating access to a shared radio channel and utilizing protocols that enhance communications over a wireless medium. Often viewed as the "brains" of the network, the 802.11 MAC Layer uses an 802.11 Physical (PHY) Layer, such as 802.11b or 802.11a, to perform the tasks of carrier sensing, transmission, and receiving of 802.11 frames.
Medium access basics
Before transmitting frames, a station must first gain access to the medium, which is a radio channel that stations share. The 802.11 standard defines two forms of medium access, distributed coordination function (DCF) and point coordination function (PCF). DCF is mandatory and based on the CSMA/CA (carrier sense multiple access with collision avoidance) protocol. With DCF, 802.11 stations contend for access and attempt to send frames when there is no other station transmitting. If another station is sending a frame, stations are polite and wait until the channel is free.
As a condition of accessing the medium, the MAC Layer checks the value of its network allocation vector (NAV), a counter resident at each station that represents the amount of time the station sending the previous frame still needs to finish sending it. The NAV must be zero before a station can attempt to send a frame. Prior to transmitting a frame, a station calculates the amount of time necessary to send the frame based on the frame's length and data rate. The station places a value representing this time in the duration field in the header of the frame. When stations receive the frame, they examine this duration field value and use it as the basis for setting their corresponding NAVs. This process reserves the medium for the sending station.
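The duration field sits right after the Frame Control field at the start of every 802.11 frame, so it can be read from a capture without decrypting anything. The following is an added example, not part of the original article: it decodes those first four bytes (including the power-management, fragmentation and encryption bits the functions in this article rely on) and models a listener's NAV. The `Station` class, the function name and the sample frames are hypothetical and constructed for illustration.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}

def parse_mac_header(frame: bytes) -> dict:
    """Decode Frame Control and Duration/ID (first 4 bytes, little-endian)."""
    if len(frame) < 4:
        raise ValueError("truncated 802.11 header")
    fc, dur = struct.unpack_from("<HH", frame)
    return {
        "type": FRAME_TYPES.get((fc >> 2) & 0x3, "reserved"),
        "subtype": (fc >> 4) & 0xF,
        "more_fragments": bool(fc & 0x0400),  # fragmentation: more pieces follow
        "power_mgmt": bool(fc & 0x1000),      # station is entering power save
        "protected": bool(fc & 0x4000),       # frame body is encrypted (WEP)
        # Bit 15 clear: a duration in microseconds. Bit 15 set: not a duration
        # (for example the association ID carried in a PS-Poll frame).
        "duration_us": dur if dur < 0x8000 else None,
    }

class Station:
    """Hypothetical listener that tracks its NAV as an expiry timestamp."""
    def __init__(self):
        self.nav_expires_us = 0

    def on_frame(self, now_us: int, frame: bytes) -> dict:
        # Simplification: every frame is treated as addressed to another station.
        hdr = parse_mac_header(frame)
        if hdr["duration_us"] is not None:
            # An overheard frame can extend the NAV but never shorten it.
            self.nav_expires_us = max(self.nav_expires_us, now_us + hdr["duration_us"])
        return hdr

    def medium_reserved(self, now_us: int) -> bool:
        return now_us < self.nav_expires_us  # "NAV is zero" once this is False

# Constructed sample frames (addresses are made up; FCS omitted).
RA, TA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
RTS = bytes.fromhex("b4003a01") + RA + TA        # control/RTS, duration 314 us
PS_POLL = bytes.fromhex("a40001c0") + RA + TA    # control/PS-Poll, AID 1
DATA = bytes.fromhex("08512c00") + RA + TA + RA  # data, ToDS+PwrMgmt+Protected

if __name__ == "__main__":
    sta = Station()
    for t, f in ((1000, RTS), (1100, DATA), (1150, PS_POLL)):
        print(t, sta.on_frame(t, f), "NAV until", sta.nav_expires_us)
```

Because the header is never encrypted, these fields are visible to any monitoring tool even when the frame body is protected.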
An important aspect of the DCF is a random back off timer that a station uses if it detects a busy medium. If the channel is in use, the station must wait a random period of time before attempting to access the medium again. This ensures that multiple stations wanting to send data don't transmit at the same time. The random delay causes stations to wait different periods of time and avoids all of them sensing the medium at exactly the same time, finding the channel idle, transmitting, and colliding with each other. The back off timer significantly reduces the number of collisions and corresponding retransmissions, especially when the number of active users increases.
With radio-based LANs, a transmitting station can't listen for collisions while sending data, mainly because the station can't have its receiver on while transmitting the frame. As a result, the receiving station needs to send an acknowledgement (ACK) if it detects no errors in the received frame. If the sending station doesn't receive an ACK after a specified period of time, the sending station will assume that there was a collision (or RF interference) and retransmit the frame.
To support time-bounded delivery of data frames, the 802.11 standard defines the optional point coordination function (PCF), in which the access point grants an individual station access to the medium by polling the station during the contention-free period. Stations can't transmit frames unless the access point polls them first. The period of time for PCF-based data traffic (if enabled) alternates with contention (DCF) periods.
The access point polls stations according to a polling list, then switches to a contention period in which stations use DCF. This process enables support for both synchronous (e.g., video applications) and asynchronous (e.g., e-mail and Web browsing applications) modes of operation.
No known wireless NICs or access points on the market today, however, implement PCF.
802.11 MAC Layer Functions
The following summarizes primary 802.11 MAC functions, especially as they relate to infrastructure wireless LANs:
- Scanning: The 802.11 standard defines both passive and active scanning, whereby a radio NIC searches for access points. Passive scanning is mandatory: each NIC scans individual channels to find the best access point signal. Periodically, access points broadcast a beacon, and the radio NIC receives these beacons while scanning and takes note of the corresponding signal strengths. The beacons contain information about the access point, including service set identifier (SSID), supported data rates, etc. The radio NIC can use this information along with the signal strength to compare access points and decide upon which one to
Optional active scanning is similar, except the radio NIC initiates the process by broadcasting a probe frame, and all access points within range respond with a probe response. Active scanning enables a radio NIC to receive immediate response from access points, without waiting for a beacon transmission. The issue, however, is that active scanning imposes additional overhead on the network because of the transmission of probe and corresponding response frames.
- Authentication: Authentication is the process of proving identity, and the 802.11 standard specifies two forms: open system authentication and shared key authentication. Open system authentication is mandatory, and it's a two-step process. A radio NIC first initiates the process by sending an authentication request frame to the access point. The access point replies with an authentication response frame containing approval or disapproval of authentication indicated in the Status Code field in the frame body.
Shared key authentication is an optional four-step process that bases authentication on whether the authenticating device has the correct WEP (wired equivalent privacy) key. The radio NIC starts by sending an authentication request frame to the access point. The access point then places challenge text into the frame body of a response frame and sends it to the radio NIC. The radio NIC uses its WEP key to encrypt the challenge text and then sends it back to the access point in another authentication frame. The access point decrypts the challenge text and compares it to the initial text. If the text is equivalent, then the access point assumes that the radio NIC has the correct key. The access point finishes the sequence by sending an authentication frame to the radio NIC with the approval or disapproval.
- Association: Once authenticated, the radio NIC must associate with the access point before sending data frames. Association is necessary to synchronize the radio NIC and access point with important information, such as supported data rates. The radio NIC initiates the association by sending an association request frame containing elements such as SSID and supported data rates. The access point responds by sending an association response frame containing an association ID along with other information regarding the access point. Once the radio NIC and access point complete the association process, they can send data frames to each other.
- WEP: With the optional WEP enabled, the wireless NIC will encrypt the body (not header) of each frame before transmission using a common key, and the receiving station will decrypt the frame upon receipt using the common key. The 802.11 standard specifies a 40-bit key and no key distribution method, which makes 802.11 wireless LANs vulnerable to eavesdroppers. The 802.11i committee, however, is improving 802.11 security by incorporating 802.1X and stronger encryption into the standard.
- RTS/CTS: The optional request-to-send and clear-to-send (RTS/CTS) function allows the access point to control use of the medium for stations activating RTS/CTS. With most radio NICs, users can set a maximum frame length threshold whereby the radio NIC will activate RTS/CTS. For example, a frame length of 1,000 bytes will trigger RTS/CTS for all frames larger than 1,000 bytes. The use of RTS/CTS alleviates hidden node problems, that is, where two or more radio NICs can't hear each other and they are associated with the same access point.
If the radio NIC activates RTS/CTS, it will first send an RTS frame to the access point before sending a data frame. The access point will then respond with a CTS frame, indicating that the radio NIC can send the data frame. With the CTS frame, the access point will provide a value in the duration field of the frame header that holds off other stations from transmitting until after the radio NIC initiating the RTS can send its data frame. This avoids collisions between hidden nodes. The RTS/CTS handshake continues for each frame, as long as the frame size exceeds the threshold set in the corresponding radio NIC.
- Power Save Mode: The optional power save mode that a user can turn on or off enables the radio NIC to conserve battery power when there is no need to send data. With power save mode on, the radio NIC indicates its desire to enter "sleep" state to the access point via a status bit located in the header of each frame. The access point takes note of each radio NIC wishing to enter power save mode, and buffers packets corresponding to the sleeping station.
In order to still receive data frames, the sleeping NIC must wake up periodically (at the right time) to receive regular beacon transmissions coming from the access point. These beacons identify whether sleeping stations have frames buffered at the access point and waiting for delivery to their respective destinations. The radio NICs with frames waiting will request them from the access point. After receiving the frames, the radio NIC can go back to sleep.
- Fragmentation: The optional fragmentation function enables an 802.11 station to divide data packets into smaller frames. This is done to avoid needing to retransmit large frames in the presence of RF interference. The bit errors resulting from RF interference are likely to affect a single frame, and it requires less overhead to retransmit a smaller frame rather than a larger one. As with RTS/CTS, users can generally set a maximum frame length threshold whereby the radio NIC will activate fragmentation. If the frame size is larger than the threshold, the radio NIC will break the packet into multiple frames, with each frame no larger than the threshold value.
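The four-step shared key authentication exchange described under Authentication, with both sides' messages, as an added example that is not part of the original article. It follows the article's simplified description (only the challenge text is WEP-encrypted); the function names, the tuple layout of each message and the sample key are assumptions made for illustration.

```python
import hmac, os, struct, zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher, the cipher WEP uses."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                          # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def icv(data: bytes) -> bytes:
    return struct.pack("<I", zlib.crc32(data))  # WEP integrity check value

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # Per-frame RC4 key is IV || key; the IV and a key-ID byte travel in the clear.
    return iv + b"\x00" + rc4(iv + key, plaintext + icv(plaintext))

def wep_decrypt(key: bytes, blob: bytes):
    body = rc4(blob[:3] + key, blob[4:])
    plaintext, tag = body[:-4], body[-4:]
    return plaintext if hmac.compare_digest(tag, icv(plaintext)) else None

STATUS_SUCCESS, STATUS_CHALLENGE_FAILURE = 0, 15   # 802.11 status codes

def shared_key_auth(ap_key: bytes, nic_key: bytes) -> list:
    """Return the four frames as (direction, sequence, status, payload)."""
    log = [("NIC->AP", 1, STATUS_SUCCESS, b"")]                # 1: request
    challenge = os.urandom(128)
    log.append(("AP->NIC", 2, STATUS_SUCCESS, challenge))      # 2: challenge text
    response = wep_encrypt(nic_key, os.urandom(3), challenge)
    log.append(("NIC->AP", 3, STATUS_SUCCESS, response))       # 3: encrypted challenge
    recovered = wep_decrypt(ap_key, response)
    ok = recovered is not None and hmac.compare_digest(recovered, challenge)
    status = STATUS_SUCCESS if ok else STATUS_CHALLENGE_FAILURE
    log.append(("AP->NIC", 4, status, b""))                    # 4: result
    return log

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")   # constructed 40-bit key
    for frame in shared_key_auth(key, key):
        print(frame[0], "seq", frame[1], "status", frame[2], len(frame[3]), "bytes")
```

When reading a capture of this exchange, the Status Code in the fourth frame is the only field that tells the two outcomes apart.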
This tutorial is meant to provide an overview of the 802.11 MAC functions. In future articles, we'll discuss each function in more detail and show practical configuration settings.
Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book, Wireless LANs (SAMs, 2001), and regularly instructs workshops on wireless LANs.