1
Module B
WLAN – Engineering Aspects
Prof. JP Hubaux
Mobile Networks
http://mobnet.epfl.ch
2
Reminder on frequencies and wavelenghts
VLF = Very Low Frequency UHF = Ultra High Frequency
LF = Low Frequency SHF = Super High Frequency
MF = Medium Frequency EHF = Extra High Frequency
HF = High Frequency UV = Ultraviolet Light
VHF = Very High Frequency
Frequency and wave length:
= c/f
wave length , speed of light c 3x108m/s, frequency f
1 Mm300 Hz
10 km30 kHz
100 m3 MHz
1 m300 MHz
10 mm30 GHz
100 m3 THz
1 m300 THz
visible lightVLF LF MF HF VHF UHF SHF EHF infrared UV
optical transmissioncoax cabletwisted pair
3
Frequencies for mobile communication
VHF-/UHF-ranges for mobile radio simple, small antenna for handset deterministic propagation characteristics, reliable connections
SHF and higher for directed radio links, satellite communication small antenna large bandwidth available
Wireless LANs use frequencies in UHF to SHF spectrum some systems planned up to EHF limitations due to absorption by water and oxygen molecules
(resonance frequencies) Weather-dependent fading, signal loss caused by heavy rainfall etc.
4
Frequency allocation Europe USA Japan
Mobile phones
Dig. Dividend 800MHz GSM 890-915 MHz, 935-960 MHz; 1710-1785 MHz, 1805-1880 MHz UMTS 1920-1980 MHz 2110-2170 MHz LTE 2600MHz
AMPS, TDMA, CDMA 824-849 MHz, 869-894 MHz; TDMA, CDMA, GSM 1850-1910 MHz, 1930-1990 MHz; UMTS 1850-1910 MHz 1930-1990 MHz
PDC 810-826 MHz, 940-956 MHz; 1429-1465 MHz, 1477-1513 MHz UMTS 1749.9-1784.9 1844.9-1879.9
Cordless telephones
CT1+ 885-887 MHz, 930-932 MHz; CT2 864-868 MHz DECT 1880-1900 MHz
PACS 1850-1910 MHz, 1930-1990 MHz PACS-UB 1910-1930 MHz
PHS 1895-1918 MHz JCT 254-380 MHz
Wireless LANs
IEEE 802.11 2400-2483 MHz 5725–5875 MHz
IEEE 802.11 2400-2483 MHz 5725–5875 MHz
IEEE 802.11 2471-2497 MHz 5725–5875 MHz
Note: in the coming years, frequencies will become technology-neutral
5
Characteristics of Wireless LANs
Advantages flexibility (almost) no wiring difficulties (e.g., historic buildings) more robust against disasters like, e.g., earthquakes, fire - or users
pulling a plug...
Disadvantages lower bitrate compared to wired networks More difficult to secure
Data rate
Scope of Various WLAN and WPAN Standards
802.11n
Power consumption
Complexity
802.15.IBluetooth
802.11a
802.11g
802.11
WPAN
802.11b
WLAN
802.15.4
6WPAN: Wireless Personal Area Network
7
Design goals for wireless LANs
low power no special permissions or licenses needed to use the LAN robust transmission technology easy to use for everyone, simple management protection of investment in wired networks (internetworking) security, privacy, safety (low radiation) transparency concerning applications and higher layer protocols location awareness if necessary
8
Comparison: infrared vs. radio transmission
Infrared uses IR diodes
Advantages simple, cheap, available in
many mobile devices no licenses needed simple shielding possible
Disadvantages interference by sunlight, heat
sources etc. many materials shield or absorb
IR light low bandwidth
Example IrDA (Infrared Data Association)
interface used to be available on many devices
Radio typically using the license free
ISM band at 2.4 GHz and 5 GHz
Advantages coverage of larger areas possible
(radio can penetrate walls, furniture etc.)
Disadvantages very limited license free
frequency bands shielding more difficult,
interference with other electrical devices
more difficult to secure
Examples IEEE 802.11, Bluetooth
9
Infrastructure vs. ad hoc networks
infrastructure network
Ad hoc network
APAP
AP
wired network
AP: Access Point
10
Distribution System
Portal
802.x LAN
Access Point
802.11 LAN
BSS2
802.11 LAN
BSS1
Access Point
IEEE 802.11 - Architecture of an infrastructure network
Station (STA) terminal with access mechanisms
to the wireless medium and radio contact to the access point
Basic Service Set (BSS) group of stations using the same
radio frequency
Access Point station integrated into the wireless
LAN and the distribution system
Portal bridge to other (wired) networks
Distribution System interconnection network to form
one logical network (ESS: Extended Service Set) based on several BSS
STA1
STA2 STA3
ESS
11
802.11 - Architecture of an ad-hoc network
Direct communication within a limited range
Station (STA):terminal with access mechanisms to the wireless medium
Basic Service Set (BSS):group of stations using the same radio frequency
802.11 LAN
BSS2
802.11 LAN
BSS1
STA1
STA4
STA5
STA2
STA3
12
Interconnection of IEEE 802.11 with Ethernet
mobile station
access point
server
fixed terminal
application
TCP
802.11 PHY
802.11 MAC
IP
802.3 MAC
802.3 PHY
application
TCP
802.3 PHY
802.3 MAC
IP
802.11 MAC
802.11 PHY
infrastructure network
13
802.11 - Layers and functions
PLCP (Physical Layer Convergence Protocol)
clear channel assessment signal (carrier sense)
PMD (Physical Medium Dependent)
modulation, coding
PHY Management channel selection, MIB
Station Management coordination of all management
functions
PMD
PLCP
MAC
IP
MAC Management
PHY Management
MAC access mechanisms,
fragmentation, encryption
MAC Management synchronization, roaming, MIB,
power management
PH
Y
Sta
tion
Man
agem
ent
14
802.11b - Physical layer
3 versions: 2 radio: DSSS and FHSS (both typically at 2.4 GHz), 1 IR data rates 1, 2, 5 or 11 Mbit/s
DSSS (Direct Sequence Spread Spectrum) DBPSK modulation (Differential Binary Phase Shift Keying) or DQPSK
(Differential Quadrature PSK) chipping sequence: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1 (Barker code) max. radiated power 1 W (USA), 100 mW (EU), min. 1mW
FHSS (Frequency Hopping Spread Spectrum) spreading, despreading, signal strength min. 2.5 frequency hops/s, two-level GFSK modulation (Gaussian
Frequency Shift Keying)
Infrared (rarely used in practice) 850-950 nm, diffuse light, around 10 m range carrier detection, energy detection, synchronization
15
802.11 - MAC layer principles (1/2)Traffic services
Asynchronous Data Service (mandatory) exchange of data packets based on “best-effort” support of broadcast and multicast
Time-Bounded Service (optional) implemented using PCF (Point Coordination Function)
Access methods (called DFWMAC: Distributed Foundation Wireless MAC) DCF CSMA/CA (mandatory)
collision avoidance via randomized „back-off“ mechanism minimum distance between consecutive packets ACK packet for acknowledgements (not for broadcasts)
DCF with RTS/CTS (optional) avoids hidden terminal problem
PCF (optional and rarely used in practice) access point polls terminals according to a list
DCF: Distributed Coordination FunctionPCF: Point Coordination Function
16
802.11 - MAC layer principles (2/2)
Priorities defined through different inter frame spaces no guaranteed, hard priorities SIFS (Short Inter Frame Spacing)
highest priority, for ACK, CTS, polling response PIFS (PCF IFS)
medium priority, for time-bounded service using PCF DIFS (DCF, Distributed Coordination Function IFS)
lowest priority, for asynchronous data service
t
medium busySIFS
PIFS
DIFSDIFS
next framecontention
direct access if medium is free DIFS time slot
Note : IFS durations are specific to each PHYNote : IFS durations are specific to each PHY
17
t
medium busy
DIFSDIFS
next frame
contention window(randomized back-offmechanism)
802.11 - CSMA/CA principles
station ready to send starts sensing the medium (Carrier Sense based on CCA, Clear Channel Assessment)
if the medium is free for the duration of an Inter-Frame Space (IFS), the station can start sending (IFS depends on service type)
if the medium is busy, the station has to wait for a free IFS, then the station must additionally wait a random back-off time (collision avoidance, multiple of slot-time)
if another station occupies the medium during the back-off time of the station, the back-off timer stops (to increase fairness)
time slotdirect access if medium has been free for at least DIFS
18
802.11 – CSMA/CA broadcast
t
busy
boe
station1
station2
station3
station4
station5
packet arrival at MAC
DIFSboe
boe
boe
busy
elapsed backoff time
bor residual backoff time
busy medium not idle (frame, ack etc.)
bor
bor
DIFS
boe
boe
boe bor
DIFS
busy
busy
DIFSboe busy
The size of the contention window can be adapted(if more collisions, then increase the size)
The size of the contention window can be adapted(if more collisions, then increase the size)
Here St4 and St5 happen to havethe same back-off time
=
Note: broadcast is not acknowledgedNote: broadcast is not acknowledged
(detection by upper layer)
(detection by upper layer)
19
802.11 - CSMA/CA unicast
Sending unicast packets station has to wait for DIFS before sending data receiver acknowledges at once (after waiting for SIFS) if the packet
was received correctly (CRC) automatic retransmission of data packets in case of transmission
errors
t
SIFS
DIFS
data
ACK
waiting time
otherstations
receiver
senderdata
DIFS
Contentionwindow
The ACK is sent right at the end of SIFS(no contention)
The ACK is sent right at the end of SIFS(no contention)
20
802.11 – DCF with RTS/CTS
Sending unicast packets station can send RTS with reservation parameter after waiting for DIFS
(reservation determines amount of time the data packet needs the medium) acknowledgement via CTS after SIFS by receiver (if ready to receive) sender can now send data at once, acknowledgement via ACK other stations store medium reservations distributed via RTS and CTS
t
SIFS
DIFS
data
ACK
defer access
otherstations
receiver
senderdata
DIFS
Contentionwindow
RTS
CTSSIFS SIFS
NAV (RTS)NAV (CTS)
NAV: Net Allocation VectorNAV: Net Allocation Vector RTS/CTS can be present forsome packets and not for other
RTS/CTS can be present forsome packets and not for other
21
Fragmentation mode
t
SIFS
DIFS
data
ACK1
otherstations
receiver
senderfrag1
DIFS
contention
RTS
CTSSIFS SIFS
NAV (RTS)NAV (CTS)
NAV (frag1)NAV (ACK1)
SIFSACK2
frag2
SIFS
• Fragmentation is used in case the size of the packets sent has to be reduced (e.g., to diminish the probability of erroneous frames)• Each fragi (except the last one) also contains a duration (as RTS does), which determines the duration of the NAV• By this mechanism, fragments are sent in a row• In this example, there are only 2 fragments
22
802.11 - MAC frame format
Types control frames, management frames, data frames
Sequence numbers important against duplicated frames due to lost ACKs
Addresses receiver, transmitter (physical), BSS identifier, sender (logical)
Miscellaneous sending time, checksum, frame control, data
FrameControl
DurationID
Address1
Address2
Address3
SequenceControl
Address4
Data CRC
2 2 6 6 6 62 40-2312bytes
version, type, fragmentation, security, ... detection of duplication
23
MAC address format
scenario to DS fromDS
address 1 address 2 address 3 address 4
ad-hoc network 0 0 DA SA BSSID -infrastructurenetwork, from AP
0 1 DA BSSID SA -
infrastructurenetwork, to AP
1 0 BSSID SA DA -
infrastructurenetwork, within DS
1 1 RA TA DA SA
DS: Distribution SystemAP: Access PointDA: Destination AddressSA: Source AddressBSSID: Basic Service Set Identifier - infrastructure BSS : MAC address of the Access Point - ad hoc BSS (IBSS): random numberRA: Receiver AddressTA: Transmitter Address
24
802.11 - MAC management
Synchronization Purpose
for the physical layer (e.g., maintaining in sync the frequency hop sequence in the case of FHSS)
for power management Principle: beacons with time stamps
Power management sleep-mode without missing a message periodic sleep, frame buffering, traffic measurements
Association/Reassociation integration into a LAN roaming, i.e. change networks by changing access points scanning, i.e. active search for a network
MIB - Management Information Base managing, read, write
25
Synchronization (infrastructure case)
beacon interval
tmedium
accesspoint
busy
B
busy busy busy
B B B
value of the timestamp B beacon frame
• The access point transmits the (quasi) periodic beacon signal• The beacon contains a timestamp and other management information used for power management and roaming• All other wireless nodes adjust their local timers to the timestamp
26
Synchronization (ad-hoc case)
tmedium
station1
busy
B1
beacon interval
busy busy busy
B1
value of the timestamp B beacon frame
station2
B2 B2
random delay (back-off)
• Each node maintains its own synchronization timer and starts the transmission of a beacon frame after the beacon interval• Contention back-off mechanism only 1 beacon wins• All other stations adjust their internal clock according to the received beacon and suppress their beacon for the current cycle
27
Power management
Idea: switch the transceiver off if not needed
States of a station: sleep and awake
Timing Synchronization Function (TSF) stations wake up at the same time
Infrastructure case Traffic Indication Map (TIM)
list of unicast receivers transmitted by AP Delivery Traffic Indication Map (DTIM)
list of broadcast/multicast receivers transmitted by AP
Ad-hoc case Ad-hoc Traffic Indication Map (ATIM)
announcement of receivers by stations buffering frames more complicated - no central AP collision of ATIMs possible (scalability?)
28
Power saving (infrastructure case)
TIM interval
t
medium
accesspoint
busy
D
busy busy busy
T T D
T TIM D DTIM
DTIM interval
BB
B broadcast/multicast
station
awake
p Power Saving poll: I am awake, please send the data
p
d
d
d data transmissionto/from the station
Here the access point announcesdata addressed to the station
29
Power saving (ad-hoc case)
awake
A transmit ATIM D transmit data
t
station1
B1 B1
B beacon frame
station2
B2 B2
random delay
A
a
D
d
ATIMwindow beacon interval
a acknowledge ATIM d acknowledge data
• ATIM: Ad hoc Traffic Indication Map (a station announces the list of buffered frames)• Potential problem: scalability (high number of collisions)
30
802.11 - Roaming
No or bad connection? Then perform:
Scanning scan the environment, i.e., listen into the medium for beacon
signals or send probes into the medium and wait for an answer
Reassociation Request station sends a request to one or several AP(s)
Reassociation Response success: AP has answered, station can now participate failure: continue scanning
AP accepts Reassociation Request signal the new station to the distribution system the distribution system updates its data base (i.e., location
information) typically, the distribution system now informs the old AP so it can
release resources
31
Security of 802.11
WEP: Wired Equivalent Privacy Objectives:
Confidentiality Access control Data integrity
M
C(M)
Integritychecksum
M C(M)P =
RC4
k
IV RC4
k
IV
Note: several security weaknesses have been identified and WEP should not be used anymore.
M C(M)P =
32
The new solution for 802.11 security: standard 802.1x
Supplicant Authenticator Authentication Server
EAPOL(over Ethernet or 802.11)
Encapsulated EAP,Typically on RADIUS
EAP: Extensible Authentication Protocol (RFC 2284, 1998)EAPOL: EAP over LANRADIUS: Remote authentication dial in user service (RFC 2138, 1997)
Features: - Supports a wide range of authentication schemes, thanks to the usage of EAP- One-way authentication- Optional encryption and data integrity
33
More on IEEE 802.1xExample of authentication, using one-time passwords (OTP):
Supplicant Authenticator Authentication server
EAP-request/identity
EAP-response/identiy (MYID)
EAP-request/OTP,OTP challenge
EAP-response/OTP,OTPpassword
EAP-success
Port authorizedAuthenticationsuccessfullycompleted
Notes : 1. Weaknesses have been found in 802.1x as well, but are corrected in the
various implementations.2. New standard in the making : IEEE 802.11i
Notes : 1. Weaknesses have been found in 802.1x as well, but are corrected in the
various implementations.2. New standard in the making : IEEE 802.11i
: exchange of EAPOL frame
: exchange of EAP frames in a higher layer protocol (e.g., RADIUS)
34
IEEE 802.11 – Standardization effortsIEEE 802.11b
2.4 GHz band DSSS (Direct-sequence spread spectrum) Bitrates 1 – 11 Mbit/s
IEEE 802.11a 5 GHz band Based on OFDM (orthogonal frequency-division multiplexing) transmission rates up to 54 Mbit/s Coverage is not as good as in 802.11b
IEEE 802.11g 2.4 GHz band (same as 802.11b) Based on OFDM Bitrates up to 54Mb/s
IEEE 802.11n MIMO (multiple-input multiple-output) 40MHz channel (instead of 20MHz) Can operate in the 5GHz or 2.4Ghz (risk of interference with other systems, however) Bitrates up to 600Mb/s
IEEE 802.11ac Extension of IEEE 802.11n, under development
IEEE 802.11e Enhanced DCF: to support differentiated service
IEEE 802.11i Security, makes use of IEEE 802.1x
IEEE 802.11p For vehicular communications
IEEE 802.11s For mesh networks
35
Conclusion of Wireless LANs
IEEE 802.11 Very widespread Often considered as the system underlying larger scale ad hoc
networks (although far from optimal, not designed for this purpose) Tremendous potential as a competitor of 3G cellular networks in hot
spots Bluetooth Security perceived as a major obstacle; initial solutions were
flawed in both IEEE 802.11 (WEP) and Bluetooth Future developments
Ultra Wide Band?
36
References
J. Schiller: Mobile Communications, Addison-Wesley, Second Edition, 2004
Leon-Garcia & Widjaja: Communication Networks, McGrawHill, 2000 IEEE 802.11 standards, available at www.ieee.org www.bluetooth.com J. Edney and W. Arbaugh: Real 802.11 Security, Addison-Wesley,
2003
37
Ad Hoc On-Demand Distance Vector Routing (AODV)
Note: this and the following slides are provided here because AODV is used in the hands-on exercises. We will come back to this topic in a later module of the course.
38
AODV : Route discovery (1)
E G
M
H
R
FA
B
C
I
DS
K
N
L
PJ
Q
39
AODV : Route discovery (2)
E G
M
H
R
FA
B
C
I
DS
K
N
L
PJ
Q
Note: if one of the intermediate nodes (e.g., A)knows a route to D, it responds immediately to S
Note: if one of the intermediate nodes (e.g., A)knows a route to D, it responds immediately to S
: Route Request (RREQ)
40
AODV : Route discovery (3)
E G
M
H
R
FA
B
C
I
DS
K
N
L
PJ
Q
: represents a link on the reverse path
41
AODV : Route discovery (4)
E G
M
H
R
FA
B
C
I
DS
K
N
L
PJ
Q
42
AODV : Route discovery (5)
E G
M
H
R
FA
B
C
I
DS
K
N
L
PJ
Q
43
AODV : Route discovery (6)
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
44
AODV : Route discovery (7)
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
45
AODV : Route reply and setup of the forward path
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
: Link over which the RREP is transmitted
: Forward path
46
Route reply in AODV
In case it knows a path more recent than the one previously known to sender S, an intermediate node may also send a route reply (RREP)
The freshness of a path is assessed by means of destination sequence numbers
Both reverse and forward paths are purged at the expiration of appropriately chosen timeout intervals
47
AODV : Data delivery
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
Data
The route is not included in the packet headerThe route is not included in the packet header
48
AODV : Route maintenance (1)
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
Data
X
49
AODV : Route maintenance (2)
M
D
K
L
PJ
E G
H
R
FA
B
C
I
S
N
Q
XRERR(G-J)
When receiving the Route Error message (RERR), S removes the broken link from its cache.It then initializes a new route discovery.
When receiving the Route Error message (RERR), S removes the broken link from its cache.It then initializes a new route discovery.
50
AODV (unicast) : Conclusion
Nodes maintain routing information only for routes that are in active use
Unused routes expire even when the topology does not change
Each node maintains at most one next-hop per destination
2011 Trial in MobNet with Nokiahttp://lca.epfl.ch/projects/lca1-nokia
51
Adv
ersa
ry’s
AP
s
66 m
186 m
Top Related