802.11 Protocol Stack and Physical Layer
Table of Contents
1. Abstraction
2. Introduction
2.1 Overview
3.8.1 Preventing Access to Network Resources
3.8.2 Eavesdropping
4. Physical Layer
4.1 The physical layer basics
4.2 PLCP Frame Fields
4.3 Infrared (IR)
4.4 Spread Spectrum
4.5 Frequency Hopping Spread Spectrum (FHSS)
4.6 Direct Sequence Spread Spectrum (DSSS)
4.6.1 DSSS Modulation
4.6.2 Transmit Frequencies
4.7 The IEEE 802.11a
4.7.1 Practice 802.11a
4.8 The IEEE 802.11b
4.8.1 Practice 802.11b
4.9 Comparison of 802.11a and 802.11b
5. Conclusion
6. Abbreviation
7. Glossary
Abstraction
This research report was written to follow two main developments of the IEEE 802.11 standard,
its protocol stack and its physical layer, which grew out of the developments in wireless
communication in the past decade. We first had to do extensive research on this topic. It has
been a subject of study since the sixties, so during our exploratory work we gathered a lot of
material and picked out the most visible points so that students can understand the topic more
easily and clearly. We concentrated on presenting modern wireless concepts in a coherent and
unified manner and on illustrating the concepts in the way they are applied.
The concepts can be structured into these levels:
- Listing characteristics and modeling
- Application of these concepts
There is, of course, interplay between these levels.
This research report is based on material for students in the sixth semester. At the end, the
terminology, the large number of abbreviations and some definitions are explained to aid
understanding.
Introduction
The past decade has seen many advances in physical-layer communication theory and their
implementation in wireless systems. In this research report we define and review the
fundamentals of wireless communication, especially the IEEE 802.11 standard, and explain its
advantages at a level that is accessible to an audience with a basic background.
Wireless communication is one of the most vibrant areas in the communication field today. This
is due to a confluence of several factors. First, there has been an explosive increase in demand
for tetherless connectivity, driven so far mainly by cellular telephony but expected to be
soon eclipsed by wireless data applications.
Second, the dramatic progress in VLSI technology has enabled small-area and low-power
implementation of sophisticated signal processing algorithms and coding techniques.
Third, the success of second-generation digital wireless standards provides a concrete
demonstration that good ideas from communication theory can have an impact in practice.
There are two fundamental aspects of wireless communication that make the problem
challenging and interesting. These aspects are by and large not as significant in wireline
communication.
First, the phenomenon of fading: the time variation of the channel strengths due to the
small-scale effect of multipath fading, as well as large-scale effects.
Second, unlike in the wired world, where each transmitter-receiver pair can often be thought
of as an isolated point-to-point link, wireless users communicate over the air and there is
significant interference between them.
The original 802.11 standard specified three separate physical layers. Two are radio-based
and one is infrared light-based. The original radio-based layers are spread spectrum:
frequency hopping and direct sequence. These are all in the 2.4 GHz band. An additional
physical layer in the 5 GHz band was added with the 802.11a release, which is also radio-based:
orthogonal frequency division multiplexing (OFDM).
The latest release, 802.11g, added yet another PHY: complementary code keying
orthogonal frequency division multiplexing (CCK-OFDM). This is specified in both the 2.4 and
the 5 GHz bands. Note that for two devices to be able to interact, they must conform to the same
PHY layer. There are two sublayers in the 802.11 physical layer, the physical medium
dependent layer (PMD) and the physical layer convergence procedure (PLCP). The PMD is the
sublayer lowest on the stack. It transmits and receives bits over the air. The PHY layer has three
basic functions. These are the carrier sense function, the transmit function, and the receive
function.
Overview
Wireless technologies, in the simplest sense, enable one or more devices to communicate
without physical connections, that is, without requiring network cabling. Wireless technologies
use radio transmissions as the means for transmitting data, whereas wired technologies use cables.
Wireless technologies range from complex systems, such as WLANs and cell phones, to simple
devices such as wireless headphones, microphones, and other devices that do not process or store
information. In a computer network, a substantial part is the Wireless Local Area Network
(WLAN), a closely grouped system of devices that communicate via radio waves instead of
wires. Wireless LANs typically augment or replace wired computer networks, providing users
with more flexibility and freedom of movement within the workplace. In a typical WLAN
configuration, a transceiver, or access point, connects to the wired network from a fixed
location using a standard Ethernet cable. The access point receives, buffers, and transmits data
between the components of the WLAN. For over a century, the IEEE-SA has offered an
established standards development program that features balance, openness, due process, and
consensus. The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA)
is the leading developer of global industry standards in a broad range of industries,
including: Power and Energy; Biomedical and Healthcare; Information Technology;
Telecommunications; Transportation; Nanotechnology; Information Assurance. We have
discussed them in this report.
A protocol stack is a particular software implementation of a computer networking
protocol suite. The terms are often used interchangeably. Strictly speaking, the suite is the
definition of the protocols, and the stack is the software implementation of them.
Security is one of the first concerns of people deploying a Wireless LAN; the 802.11
committee has addressed the issue by providing what is called WEP (Wired Equivalent Privacy).
Authentication: a function that determines whether a Station is allowed to participate in
network communication. The standard IEEE 802.11i is designed to provide secured
communication of wireless LAN as defined by all the IEEE 802.11 specifications. IEEE 802.11i
enhances WEP (Wired Equivalent Privacy), a technology used for many years for
WLAN security, in the areas of encryption, authentication and key management.
The IEEE 802.11 standard includes a common Medium Access Control (MAC)
Layer, which defines protocols that govern the operation of the wireless LAN. In addition,
802.11 comprises several alternative physical layers that specify the transmission and reception of
802.11 frames.
In conclusion, wireless networking has a promising future with
802.11 leading the way as the standard for adoption in local networking environments. 802.11
addresses mobility, security, reliability, and the dynamic nature of wireless LANs while keeping
compatibility with 802-type legacy networks. Expect to see availability of 802.11 products
increase dramatically in the near future as businesses discover the increased productivity
provided by ‘untethered’ networks.
In a computer network, a substantial part is the Wireless Local Area Network (WLAN),
a closely grouped system of devices that communicate via radio waves instead of wires. Wireless
LANs typically augment or replace wired computer networks, providing users with more
flexibility and freedom of movement within the workplace. Users can access the company
intranet or even the World Wide Web from anywhere on the company campus without relying
on the availability of wired cables and connections. If information is the lifeblood of today's
business environment, then wireless networks are its heart. Wireless LANs can pump
information and data to executives in the boardroom and to employees in the warehouse. A
wireless LAN (WLAN) is a flexible data communication system implemented as an extension of,
or as an alternative to, a wired LAN within a building or campus. Using electromagnetic
waves, WLANs transmit and receive data over the air,
minimizing the need for wired connections. Thus, WLANs combine data connectivity with user
mobility, and, through simplified configuration, enable movable LANs. Over the last seven
years, WLANs have gained strong popularity in a number of vertical markets, including the
health-care, retail, manufacturing, warehousing, and academic arenas. These industries have
profited from the productivity gains of using hand-held terminals and notebook computers to
transmit real-time information to centralized hosts for processing. Today WLANs are becoming
more widely recognized as a general-purpose connectivity alternative for a broad range of
business customers. The U.S. wireless LAN market is rapidly approaching $1 billion in
revenues. A wide variety of industries have discovered the benefits a WLAN can bring—not
only to daily tasks but also to the balance sheet.
The Basic Structure of a Wireless LAN
The speed at which a WLAN performs depends on the type and configuration of the
devices within the network. The number of users, the distance between network components, the
type of WLAN system in use, and the efficiency of the wired network elements all influence the
overall speed and performance of a wireless network. Such factors also affect wired network
speeds, but most commercial LANs operate at speeds from 10 megabits per second (10BaseT) to
100 Mbps (100BaseT). Wireless LAN components that use the 802.11a high data rate standard
perform at speeds up to 54 Mbps, almost a five-fold increase from the performance of the
802.11b standard. Almost all mobile applications today lend themselves to deployment of an
802.11 WLAN infrastructure. Of the three main variations of 802.11, a plethora of applications
and devices support the 802.11b standard, which operates in the 2.4 GHz frequency range.
Although this standard is much more widely implemented than its newer sister technologies,
industry experts anticipate that it won’t be long before 802.11g and 802.11a exceed 802.11b in
popularity. Wireless users recognize the benefits of the technology and need to know how to
protect their business-critical data. These users—as well as those who hesitate to deploy wireless
technology because of security concerns— stand to benefit from understanding the security
options currently available, even as the industry moves aggressively to provide even more secure
protocols. By working with a wireless vendor well-versed in security issues, companies can
dramatically enhance the security of their wireless communications systems.
WLANs typically use the unlicensed Industrial, Scientific, and Medical (ISM) radio
frequency bands. In the United States, the ISM bands include the 900-MHz band (902–928
MHz), 2.4-GHz band (2400–2483.5 MHz), and the 5.7-GHz band (5725–5850 MHz). The most
widely adopted WLAN standard around the world is 802.11 [28] today. IEEE 802.11 consists
of a family of standards that defines the physical
layers (PHY) and the Medium Access Control (MAC) layer of a WLAN, WLAN network
architectures, how a WLAN interacts with an IP core network, and the frameworks and means
for supporting security and quality of service over a WLAN. The IEEE 802.11 standards family
includes the following key standards:
For over a century, the IEEE-SA has offered an established standards development
program that features balance, openness, due process, and consensus. The Institute of Electrical
and Electronics Engineers Standards Association (IEEE-SA) is the leading developer of global
industry standards in a broad-range of industries, including:
• Power and Energy
• Biomedical and Healthcare
• Information Technology
• Telecommunications
• Transportation
• Nanotechnology
• Information Assurance
The following table lists highlights of the most popular sections of IEEE 802:
Standard | Name | Description
802 | Overview | Basics of physical and logical networking concepts.
802.1 | Bridging | LAN/MAN bridging and management. Covers management and the lower sub-layers of OSI Layer 2, including MAC-based bridging (Media Access Control), virtual LANs and port-based access control.
802.2 | Logical Link | Commonly referred to as the LLC or Logical Link Control specification. The LLC is the top sub-layer in the data-link layer, OSI Layer 2. Interfaces with the network Layer 3.
802.3 | Ethernet | "Granddaddy" of the 802 specifications. Provides asynchronous networking using "carrier sense, multiple access with collision detect" (CSMA/CD) over coax, twisted-pair copper, and fiber media. Current speeds range from 10 Mbps to 10 Gbps.
802.4 | Token Bus | Disbanded
802.5 | Token Ring | The original token-passing standard for twisted-pair, shielded copper cables. Supports copper and fiber cabling from 4 Mbps to 100 Mbps. Often called "IBM Token-Ring."
802.6 | Distributed queue dual bus (DQDB) | "Superseded **Revision of 802.1D-1990 edition (ISO/IEC 10038). 802.1D incorporates P802.1p and P802.12e. It also incorporates and supersedes published standards 802.1j and 802.6k. Superseded by 802.1D-2004." (See IEEE status page.)
802.7 | Broadband LAN Practices | Withdrawn Standard. Withdrawn Date: Feb 07, 2003. No longer endorsed by the IEEE. (See IEEE status page.)
802.8 | Fiber Optic Practices | Withdrawn PAR. Standards project no longer endorsed by the IEEE. (See IEEE status page.)
802.9 | Integrated Services LAN | Withdrawn PAR. Standards project no longer endorsed by the IEEE. (See IEEE status page.)
802.10 | Interoperable LAN security | Superseded **Contains: IEEE Std 802.10b-1992. (See IEEE status page.)
802.11 | Wi-Fi | Wireless LAN Media Access Control and Physical Layer specification. 802.11a, b, g, etc. are amendments to the original 802.11 standard. Products that implement 802.11 standards must pass tests and are referred to as "Wi-Fi certified."
802.11a | | Specifies a PHY that operates in the 5 GHz U-NII band in the US - initially 5.15-5.35 AND 5.725-5.85 - since expanded to additional frequencies. Uses Orthogonal Frequency-Division Multiplexing. Enhanced data speed to 54 Mbps. Ratified after 802.11b.
802.11b | | Enhancement to 802.11 that added higher data rate modes to the DSSS (Direct Sequence Spread Spectrum) already defined in the original 802.11 standard. Boosted data speed to 11 Mbps. 22 MHz Bandwidth yields 3 non-overlapping channels in the frequency range of 2.400 GHz to 2.4835 GHz. Beacons at 1 Mbps, falls back to 5.5, 2, or 1 Mbps from 11 Mbps max.
802.11d | | Enhancement to 802.11a and 802.11b that allows for global roaming. Particulars can be set at Media Access Control (MAC) layer.
802.11e | | Enhancement to 802.11 that includes quality of service (QoS) features. Facilitates prioritization of data, voice, and video transmissions.
802.11g | | Extends the maximum data rate of WLAN devices that operate in the 2.4 GHz band, in a fashion that permits interoperation with 802.11b devices. Uses OFDM Modulation (Orthogonal FDM). Operates at up to 54 megabits per second (Mbps), with fall-back speeds that include the "b" speeds.
802.11h | | Enhancement to 802.11a that resolves interference issues. Dynamic frequency selection (DFS). Transmit power control (TPC).
802.11i | | Enhancement to 802.11 that offers additional security for WLAN applications. Defines more robust encryption, authentication, and key exchange, as well as options for key caching and pre-authentication.
802.11j | | Japanese regulatory extensions to 802.11a specification. Frequency range 4.9 GHz to 5.0 GHz.
802.11k | | Radio resource measurements for networks using 802.11 family specifications.
802.11m | | Maintenance of 802.11 family specifications. Corrections and amendments to existing documentation.
802.11n | | Higher-speed standards -- under development. Several competing and non-compatible technologies; often called "pre-n". Top speeds claimed of 108, 240, and 350+ MHz. Competing proposals come from the groups, EWC, TGn Sync, and WWiSE and are all variations based on MIMO (multiple input, multiple output).
802.11x | | Misused "generic" term for 802.11 family specifications.
802.12 | Demand Priority | Increases Ethernet data rate to 100 Mbps by controlling media utilization.
802.13 | Not used | Not used
802.14 | Cable modems | Withdrawn PAR. Standards project no longer endorsed by the IEEE.
802.15 | Wireless Personal Area Networks | Communications specification that was approved in early 2002 by the IEEE for wireless personal area networks (WPANs).
802.15.1 | Bluetooth | Short range (10m) wireless technology for cordless mouse, keyboard, and hands-free headset at 2.4 GHz.
802.15.3a | UWB | Short range, high-bandwidth "ultra wideband" link
802.15.4 | ZigBee | Short range wireless sensor networks
802.15.5 | Mesh network | Extension of network coverage without increasing the transmit power or the receiver sensitivity. Enhanced reliability via route redundancy. Easier network configuration - Better device battery life.
802.16 | Wireless Metropolitan Area Networks | This family of standards covers Fixed and Mobile Broadband Wireless Access methods used to create Wireless Metropolitan Area Networks (WMANs.) Connects Base Stations to the Internet using OFDM in unlicensed (900 MHz, 2.4, 5.8 GHz) or licensed (700 MHz, 2.5 – 3.6 GHz) frequency bands. Products that implement 802.16 standards can undergo WiMAX certification testing.
802.17 | Resilient Packet Ring | IEEE working group description
802.18 | Radio Regulatory TAG | IEEE 802.18 standards committee
802.20 | Mobile Broadband Wireless Access | IEEE 802.20 mission and project scope
802.21 | Media Independent Handoff | IEEE 802.21 mission and project scope
802.22 | Wireless Regional Area | IEEE 802.22 mission and project scope
The protocols used by all the 802 variants, including Ethernet, have a certain
commonality of structure. In the figure below we see a partial view of the 802.11 protocol stack.
The physical layer corresponds to the OSI physical layer fairly well, but the data link layer in all
the 802 protocols is split into two or more sublayers. In 802.11, the MAC (Medium Access
Control) sublayer determines how the channel is allocated, that is, who gets to transmit next.
Above it is the LLC (Logical Link Control) sublayer, whose job it is to hide the differences
between the different 802 variants and make them indistinguishable as far as the network layer is
concerned. We studied the LLC when examining Ethernet earlier in this chapter and will not
repeat that material here. The 1997 802.11 standard specifies three transmission techniques
allowed in the physical layer. The infrared method uses much the same technology as television
remote controls do. The other two use short-range radio, using techniques called FHSS and
DSSS. Both of these use a part of the spectrum that does not require licensing (the 2.4-GHz ISM
band). Radio-controlled garage door openers also use this piece of the spectrum, so your
notebook computer may find itself in competition with your garage door. Cordless telephones
and microwave ovens also use this band. All of these techniques operate at 1 or 2 Mbps and at
low enough power that they do not conflict too much. In 1999, two new techniques were
introduced to achieve higher bandwidth. These are called OFDM and HRDSSS. They operate at
up to 54 Mbps and 11 Mbps, respectively. In 2001, a second OFDM modulation was introduced,
but in a different frequency band from the first one. Now we will examine each of them briefly.
Protocol Structure
In the figure below we can see the MAC frame structure of the Wireless LAN 802.11 protocol
family (IEEE 802.11, 802.11a, 802.11b, 802.11g, 802.11n):
Field        | Frame Control | Duration | Address 1 | Address 2 | Address 3 | Seq | Address 4 | Data   | Checksum
Size (bytes) | 2             | 2        | 6         | 6         | 6         | 2   | 6         | 0-2312 | 4
Frame Control Structure:
Field       | Version | Type | Subtype | To DS | From DS | MF | Retry | Pwr | More | W | O
Size (bits) | 2       | 2    | 4       | 1     | 1       | 1  | 1     | 1   | 1    | 1 | 1
• Sequence Control - consists of fragment number and sequence number. It is used to
represent the order of different fragments belonging to the same frame and to recognize
packet duplications.
• Data - is information that is transmitted or received.
• CRC - contains a 32-bit Cyclic Redundancy Check (CRC).
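An added example, not part of the original report: a Python parser for the frame layout above that decodes the Frame Control bits, maps the address fields to roles from To DS / From DS, splits Sequence Control and checks the CRC. The little-endian byte order and the address-role table follow the 802.11 standard rather than this page, control frames are left out, and the sample frame and its MAC addresses are constructed.

```python
import struct
import zlib

# The eight 1-bit flags that follow Version (2 bits), Type (2 bits) and
# Subtype (4 bits) in the Frame Control field, lowest bit first.
FLAGS = ["to_ds", "from_ds", "more_frag", "retry",
         "pwr_mgmt", "more_data", "wep", "order"]
TYPES = {0: "management", 1: "control", 2: "data"}

# Which address slot carries which role, keyed by (To DS, From DS).
ADDRESS_ROLES = {
    (False, False): ("destination", "source", "bssid"),
    (True, False): ("bssid", "source", "destination"),
    (False, True): ("destination", "bssid", "source"),
    (True, True): ("receiver", "transmitter", "destination", "source"),
}


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame_control(fc):
    """Split the 16-bit Frame Control value into its sub-fields."""
    fields = {"version": fc & 0x3,
              "type": TYPES.get((fc >> 2) & 0x3, "reserved"),
              "subtype": (fc >> 4) & 0xF}
    for bit, name in enumerate(FLAGS):
        fields[name] = bool((fc >> (8 + bit)) & 1)
    return fields


def parse_frame(frame):
    """Parse a management or data frame that still carries its 4-byte CRC."""
    if len(frame) < 28:                       # 24-byte header + CRC
        raise ValueError("too short for a management/data frame")
    fc_raw, duration = struct.unpack_from("<HH", frame, 0)
    fc = parse_frame_control(fc_raw)
    if fc["type"] not in ("management", "data"):
        raise ValueError("control frames use a shorter header")
    four_addr = fc["to_ds"] and fc["from_ds"]
    header_len = 30 if four_addr else 24      # Address 4 only when both set
    if len(frame) < header_len + 4:
        raise ValueError("truncated four-address frame")

    slots = [frame[4:10], frame[10:16], frame[16:22]]
    if four_addr:
        slots.append(frame[24:30])
    roles = ADDRESS_ROLES[(fc["to_ds"], fc["from_ds"])]
    seq_ctl = struct.unpack_from("<H", frame, 22)[0]
    stored_crc = struct.unpack("<I", frame[-4:])[0]

    return {
        "frame_control": fc,
        "duration": duration,
        "addresses": {r: fmt_mac(a) for r, a in zip(roles, slots)},
        "fragment": seq_ctl & 0xF,            # low 4 bits
        "sequence": seq_ctl >> 4,             # high 12 bits
        "data": frame[header_len:-4],
        "crc_ok": zlib.crc32(frame[:-4]) == stored_crc,
    }


def build_sample_frame():
    """Constructed sample: station -> AP data frame with the W bit set."""
    fc = (2 << 2) | (1 << 8) | (1 << 14)      # type=data, To DS, W
    ap = bytes.fromhex("020000000001")        # constructed BSSID
    sta = bytes.fromhex("020000000002")       # constructed station
    dst = bytes.fromhex("020000000003")       # constructed destination
    seq_ctl = (291 << 4) | 0                  # sequence 291, fragment 0
    header = struct.pack("<HH", fc, 44) + ap + sta + dst
    header += struct.pack("<H", seq_ctl)
    body = header + b"\x01\x02\x03\x04 constructed payload"
    return body + struct.pack("<I", zlib.crc32(body))


if __name__ == "__main__":
    good = build_sample_frame()
    print(parse_frame(good))
    damaged = bytearray(good)
    damaged[30] ^= 0x01                       # flip one payload bit
    print(parse_frame(bytes(damaged))["crc_ok"])
```

The CRC detects accidental damage only; it is not keyed, so a matching CRC says nothing about who sent the frame.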
Access-Point (AP) Architecture:
An Access Point is a device found within an IEEE 802.11 network which provides the
point of interconnection between the wireless Station (laptop computer, PDA (Personal Digital
Assistant) etc.) and the wired network.
The Access Point is a device that contains an IEEE 802.11 conformant MAC and PHY interface
to the wireless medium, and provides access to a distribution system for associated stations.
Most often these are infrastructure products that connect to wired backbones. It is implemented
in the Avaya Wireless IEEE 802.11 PC-Card when it is inserted in an AP-500 or AP-1000.
Basic Service Set (BSS):
The Basic Service Set is a term used to describe the collection of Stations which may
communicate together within an 802.11 WLAN (Wireless Local Area Network). The BSS may
or may not include AP (Access Point) which provides a connection onto a fixed distribution
system such as an Ethernet network. Two types of BSS exist; IBSS (Independent Basic Service
Set) and Infrastructure Basic Service Set. When two or more stations come together to
communicate with each other, they form a Basic Service Set (BSS). The minimum BSS consists
of two stations. 802.11 LANs use the BSS as the standard building block.
In the BSS architecture a set of stations is controlled by a single “Coordination Function”, that is,
the logical function that determines when a station can transmit or receive.
This is similar to a “cell” in the pre-IEEE terminology. A BSS can have an Access-Point, both
in standalone networks and in building-wide configurations, or it can run without an
Access-Point, but only in standalone networks. The diameter of the cell is
twice the coverage distance between two wireless stations.
An Independent Basic Service Set, also called an ad hoc network, is the simplest of all IEEE 802.11
networks in that no network infrastructure is required. As such, an IBSS is simply comprised of
one or more Stations which communicate directly with each other. The contraction should not be
confused with an Infrastructure BSS (Basic Service Set). A BSS that stands alone and is not
connected to a base is called an Independent Basic Service Set (IBSS) or is referred to as an
Ad-Hoc Network. An ad-hoc network is a network where stations communicate only peer to peer.
There is no base and no one gives permission to talk. Mostly these networks are spontaneous and
can be set up rapidly. Ad-Hoc or IBSS networks are characteristically limited both temporally
and spatially. Such a Basic Service Set (BSS) forms a self-contained network in which no
access to a Distribution System is available; it is similar to a BSS without an Access-Point.
One of the stations in the IBSS can be configured to “initiate” the network and assume the
Coordination Function. The diameter of the cell is determined by the coverage distance between two
wireless stations.
Infrastructure
When BSSs are interconnected, the network becomes one with infrastructure, and the 802.11
infrastructure has several elements. Two or more BSSs are interconnected using a Distribution
System or DS. This concept of DS increases network coverage. Each BSS becomes a component
of an extended, larger network. Entry to the DS is accomplished with the use of Access Points
(AP). An access point is a station, thus addressable. With the help of the Access-Points, data
then moves between the BSS and the DS.
An Extended Service Set is comprised of a number of IEEE 802.11 BSS (Basic Service Set) and
enables limited mobility within the WLAN (Wireless Local Area Network). Stations are able to
move between BSS within a single ESS yet still remain “connected” to the fixed network and so
continue to receive emails etc. As a Station moves into a new BSS, it will carry out a
reassociation procedure with the new AP (Access Point). Creating large and complex networks
using BSS's and DS's leads us to the next level of hierarchy, the Extended Service Set or ESS.
The beauty of the ESS is the entire network looks like an independent basic service set to the
Logical Link Control layer (LLC). This means that stations within the ESS can communicate or
even move between BSS’s transparently to the LLC.
Here too the traffic always flows via the Access-Point, and the diameter of the cell is
double the coverage distance between two wireless stations. The Distribution System (DS) is
a system to interconnect a set of Basic Service Sets. In the integrated case there is a single
Access-Point in a standalone network. In the wired case, cables are used to interconnect
the Access-Points. In the wireless case, wireless links are used to interconnect the Access-Points.
Example: Extended Service Set (ESS) with single BSS and integrated DS
Example: Extended Service Set (ESS) BSS’s with wired Distribution System (DS)
Example: Extended Service Set (ESS) BSS’s and wireless Distribution System (DS)
The Service Set Identifier (SSID) or Network Name is specified within IEEE 802.11 networks to
identify a particular network. It is usually set by the administrator setting up the WLAN and will
be unique within a BSS (Basic Service Set) or ESS (Extended Service Set). The SSID may be
broadcast from an AP within the wireless network to enable Stations to determine which
network to “Associate” with. However, this feature should be disabled as it may assist hackers or
wardrivers in gaining access to a private network. The most important things about the SSID
are that it is 32 octets long and that it is similar to the “Domain-ID” in the pre-IEEE WaveLAN
systems. So we can conclude that a network, regardless of whether it is an ESS or an IBSS,
always has one SSID.
Basic Service Set Identifier (BSSID)
The BSSID is a 48-bit identity used to identify a particular BSS (Basic Service Set) within one
area. In infrastructure BSS networks, the BSSID is the MAC (Medium Access Control)
address of the AP, and in Independent BSS or ad hoc networks, the BSSID is generated
randomly. The BSSID identifies the cells and is 6 octets long, which means that it is in the MAC
address format. There is also a visible similarity to the NWID in the pre-IEEE WaveLAN
systems. The value of the BSSID is the same as the MAC address of the radio in the
Access-Point.
There are also known architectural enhancements for Unix-based servers that
provide a protocol stack for UNIX. To give a better idea of what this looks like, the figure below
shows the basic components of the enhanced protocol stack architecture, with the new
capabilities utilized either by user-space agents or applications themselves. This architecture
permits control over an application's inbound network traffic via policy-based traffic
management; an adaptation/policy agent installs policies into the kernel via a special API. The
policy agent interacts with the kernel via an enhanced socket interface by sending (receiving)
messages to (from) special control sockets. The policies specify filters to select the traffic to be
controlled, and actions to perform on the selected traffic. The figure shows the flow of an
incoming request through the various control mechanisms.
Compare Overall Structure of 802.11b / 802.15.1 Coexistence Mechanism
An AWMA transmission control entity is integrated with the WLAN MAC layer and provides a
Medium Free signal to the Bluetooth Baseband layer. This is a binary signal that gates when the
WLAN and WPAN can each transmit packets.
The 802.11b MAC and 802.15.1 LM + LC entities provide status information to the MEHTA
control entities. The MEHTA control entity receives a per-transmission transmit request (TX
Request) and issues a per-transmission transmit confirm (TX Confirm) to each stack to indicate
whether the transmission can proceed. The TX Confirm carries a status value that is one of:
allowed or denied. The TX Request and TX Confirm are discrete signals exchanged for every
packet transmission attempt.
[Figure: collaborative coexistence mechanism between the 802.11 stack (802.11 MAC) and the
802.15.1 stack (802.15.1 LM + LC). Labelled elements: TDMA Control with a Tx Enable signal to
each stack; MEHTA Control with Status, Tx Request and Tx Confirm (status) signals for each stack.]
The logical placement of the MIH Function in the 802.11 protocol stack for stations and access
points is shown in the figure. It is similar to the 802.3, where the LLC SAP (LSAP) defines the
interface of the MIH Function with the 802.11 data plane and can encapsulate MIH messages in
data frames. However, since 802.11 does not currently support Class 1 data frames, MIH
messages can be transported over the 802.11 data plane only after the Mobile Node has
associated with the 802.11 access point. Before the association between Mobile Node and access
point takes place, the L2 transport of MIH messages can rely on 802.11 management frames
from the 802.11 management plane (MLME). The MIH MLME SAP defines the interface
between the MIH Function and the MLME.
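[Figure: logical placement of the MIH Function in the 802.11 protocol stack. Labelled elements:
802.21 scope; MIH_SAP; Media Independent Handover (MIH) Function with MIH Event Service,
MIH Command Service and MIH Information Service; MIH_SME_SAP; SME; LSAP; MLME_SAP;
MAC; PHY_SAP; MLME_PLME_SAP; PLME_SAP; PHY; PLME.]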
The logical placement of the MIH Function in the 802.16 protocol stack is shown in the figure,
so that the difference between 802.11 and 802.16 can be compared more easily.
The MIH Function and the Network Control and Management System (NCMS) share the C_SAP
and M_SAP for access to the mobility-management services of the Mobility Control Entity and
Management Entity in the 802.16 Management Plane.
The mechanisms for the direct encapsulation of MIH frames into 802.16 data frames may take
multiple forms. The Service-Specific Convergence Sublayer instances currently available in the
802.16 standards and WiMAX only enable the encapsulation of IP packets and Ethernet frames.
The only option available for L2 transport would be to first encapsulate the MIH messages into
Ethernet frames with an MIH Ethertype value, and then mandate the adoption of Ethernet CS for
802.16 connections that carry the MIH messages. This approach limits both the efficiency of the
L2 transport of MIH messages, since it imposes the addition of full Ethernet overhead (at least
18 bytes) to the MIH frame, and the availability of L2 transport capabilities for MIH,
since Ethernet CS is not ubiquitous.
Alternatively, a solution that enables better efficiency and easier accessibility of L2 transport
capabilities could become available with the possible standardization of the Generic Packet
Convergence Sublayer (GPCS) recently proposed within 802.16g. With GPCS a more efficient
LLC/SNAP encapsulation (8 bytes overhead) could create the needed room for the MIH
Ethertype in 802.16 frame.
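[Figure: logical placement of the MIH Function in the 802.16 protocol stack. Labelled elements:
802.21 scope; MIH_SAP; NCMS; Media Independent Handover (MIH) Function; CS_SAP.]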
As an important part of the protocol stack, the data link layer within 802.11 consists of two
sublayers: Logical Link Control (LLC) and Media Access Control (MAC). 802.11 uses the
same 802.2 LLC and 48-bit addressing as other 802 LANs, allowing for very simple bridging
from wireless to IEEE wired networks, but the MAC is unique to WLANs. The 802.11 MAC is
very similar in concept to the 802.3 MAC, which is designed to support multiple users on a
shared medium by having the sender sense the medium before accessing it.
For 802.3 Ethernet LANs, the Carrier Sense Multiple Access with Collision Detection
(CSMA/CD) protocol regulates how Ethernet stations establish access
to the wire and how they detect and handle collisions that occur when two or more devices try to
simultaneously communicate over the LAN. In an 802.11 WLAN, collision detection is not
possible due to what is known as the “near/far” problem: to detect a collision, a station must be
able to transmit and listen at the same time, but in radio systems the transmission drowns out the
ability of the station to “hear” a collision. To account for this difference, 802.11 uses a slightly
modified protocol known as Carrier Sense Multiple Access with Collision Avoidance
(CSMA/CA) or the Distributed Coordination Function (DCF). CSMA/CA attempts to avoid
collisions by using explicit packet acknowledgment (ACK), which means an ACK packet is sent
by the receiving station to confirm that the data packet arrived intact.
CSMA/CA works as follows. A station wishing to transmit senses the air, and, if no activity is
detected, the station waits an additional, randomly selected period of time and then transmits if
the medium is still free. If the packet is received intact, the receiving station issues an ACK
frame that, once successfully received by the sender, completes the process. If the ACK frame is
not detected by the sending station, either because the original data packet was not received
intact or the ACK was not received intact, a collision is assumed to have occurred and the data
packet is transmitted again after waiting another random amount of time.
CSMA/CA thus provides a way of sharing access over the air. This explicit ACK mechanism
also handles interference and other radio related problems very effectively. However, it does add
some overhead to 802.11 that 802.3 does not have, so that an 802.11 LAN will always have
slower performance than an equivalent Ethernet LAN.
Another MAC-layer problem specific to wireless is the “hidden node” issue, in which two
stations on opposite sides of an access point can both “hear” activity from an access point, but
not from each other, usually due to distance or an obstruction.
Support for Time-Bounded Data
Time-bounded data such as voice and video is supported in the 802.11 MAC specifications
through the Point Coordination Function (PCF). As opposed to the DCF, where control is
distributed to all stations, in PCF mode a single access point controls access to the media. If a
BSS is set up with PCF enabled, time is spliced between the system being in PCF mode and in
DCF (CSMA/CA) mode. During the periods when the system is in PCF mode, the access point
will poll each station for data, and after a given time move on to the next station. No station is
allowed to transmit unless it is polled, and stations receive data from the access point only when
they are polled. Since PCF gives every station a turn to transmit in a predetermined fashion, a
maximum latency is guaranteed. A downside to PCF is that it is not particularly scalable, in that
a single point needs to have control of media access and must poll all stations, which can be
ineffective in large networks.
The 802.11 standard specifies a common medium access control (MAC) Layer, which provides a
variety of functions that support the operation of 802.11-based wireless LANs. In general, the
MAC Layer manages and maintains communications between 802.11 stations (radio network
cards and access points) by coordinating access to a shared radio channel and utilizing protocols
that enhance communications over a wireless medium. Often viewed as the "brains" of the
network, the 802.11 MAC Layer uses an 802.11 Physical (PHY) Layer, such as 802.11b or
802.11a, to perform the tasks of carrier sensing, transmission, and receiving of 802.11 frames. [1]
Before transmitting frames, a station must first gain access to the medium, which is a radio
channel that stations share. The 802.11 standard defines two forms of medium access, distributed
coordination function (DCF) and point coordination function (PCF). DCF is mandatory and
based on the CSMA/CA (carrier sense multiple access with collision avoidance) protocol. With
DCF, 802.11 stations contend for access and attempt to send frames when there is no other
station transmitting. If another station is sending a frame, stations are polite and wait until the
channel is free.
As a condition to accessing the medium, the MAC Layer checks the value of its network
allocation vector (NAV), which is a counter resident at each station that represents the amount of
time that the sender of the previous frame needs to send its frame. The NAV must be zero before a station can
attempt to send a frame. Prior to transmitting a frame, a station calculates the amount of time
necessary to send the frame based on the frame's length and data rate. The station places a value
representing this time in the duration field in the header of the frame. When stations receive the
frame, they examine this duration field value and use it as the basis for setting their
corresponding NAVs. This process reserves the medium for the sending station.
An important aspect of the DCF is a random back off timer that a station uses if it detects a busy
medium. If the channel is in use, the station must wait a random period of time before attempting
to access the medium again. This ensures that multiple stations wanting to send data don't
transmit at the same time. The random delay causes stations to wait different periods of time and
avoids all of them sensing the medium at exactly the same time, finding the channel idle,
transmitting, and colliding with each other. The back off timer significantly reduces the number
of collisions and corresponding retransmissions, especially when the number of active users
increases.
[1] http://www.javvin.com/wireless/MACAddress.html
With radio-based LANs, a transmitting station can't listen for collisions while sending data,
mainly because the station can't have its receiver on while transmitting the frame. As a result,
the receiving station needs to send an acknowledgement (ACK) if it detects no errors in the
received frame. If the sending station doesn't receive an ACK after a specified period of time, the
sending station will assume that there was a collision (or RF interference) and retransmit the
frame.
To support time-bounded delivery of data frames, the 802.11 standard defines the optional
point coordination function (PCF), where the access point grants an individual station access to
the medium by polling the station during the contention free period. Stations can't transmit
frames unless the access point polls them first. The period of time for PCF-based data traffic (if
enabled) occurs alternately between contention (DCF) periods.
The access point polls stations according to a polling list, then switches to a contention period
when stations use DCF. This process enables support for both synchronous (e.g., video
applications) and asynchronous (e.g., e-mail and Web browsing applications) modes of operation.
MAC Architecture
The new MAC access scheme described hereafter enhances the current 802.11 MAC. The MAC
SAP is kept identical while the PHY SAP may be modified according to the capabilities of the
PHY layer. As shown in the figure, the enhanced MAC layer is
constituted of two Convergence sub-layers, LLC Convergence Sub-Layer (LLCCS) and
Segmentation and Re-assembly (SAR), and two transfer sub-layers, MAC Intermediate Sub-
Layer (MIS) and MAC Lower Sub-layer (MLS).
The MAC SAP consistency is maintained by the LLCCS sub-layer. The MIS embeds the core
transfer function of the MAC layer and is based on short fixed-size transfer units. The MIS also
integrates the Error and Flow Control functions. The SAR sub-layer performs the adaptation
between the variable size packet provided by the LLCCS and the transfer units managed by the
MIS. The MLS sub-layer is in charge of building 802.11 compatible MPDUs from MIS transfer
unit and signaling information, and delivers them to the PHY layer. In addition, it can implement
the
[Figure: enhanced MAC architecture between LLC and PHY. Labels: SAR (Segmentation, Segment Sequence Number Assignment); MIS (Error and Flow Control); MLS (Encryption, MPDU Header, Signalling Insertion)]
Security
Security is one of the first concerns of people deploying a Wireless LAN; the 802.11 committee
has addressed the issue by providing what is called WEP (Wired Equivalent Privacy).
Authentication: A function that determines whether a Station is allowed to participate in
network communication. The IEEE 802.11i standard is designed to provide secured
communication for wireless LANs as defined by all the IEEE 802.11 specifications. IEEE 802.11i
enhances WEP (Wired Equivalent Privacy), a technology used for many years for
WLAN security, in the areas of encryption, authentication and key management. IEEE 802.11i is
based on Wi-Fi Protected Access (WPA), which is a quick fix of the WEP weaknesses.
The IEEE 802.11i has the following key components:
1. Temporal Key Integrity Protocol (TKIP): a data-confidentiality protocol that was
designed to improve the security of products that were implemented through WEP. TKIP uses a
message integrity code, called Michael, to enable devices to authenticate that the packets are
coming from the claimed source. TKIP also uses a mixing function to defeat weak-key
attacks, which enabled attackers to decrypt traffic.
2. Counter-Mode/CBC-MAC Protocol (CCMP): a data-confidentiality protocol that is
responsible for packet authentication as well as encryption. For confidentiality, CCMP uses AES
in counter mode. For authentication and integrity, CCMP uses Cipher Block Chaining Message
Authentication Code (CBC-MAC). In IEEE 802.11i, CCMP uses a 128-bit key. CCMP protects
some fields that aren't encrypted. The additional parts of the IEEE 802.11 frame that get
protected are known as additional authentication data (AAD). AAD includes the packet's source
and destination and protects against attackers replaying packets to different destinations.
3. IEEE 802.1x: offers an effective framework for authenticating and controlling user traffic to a
protected network, as well as dynamically varying encryption keys. 802.1X ties a protocol called
EAP (Extensible Authentication Protocol) to both the wired and wireless LAN media and
supports multiple authentication methods.
4. EAP encapsulation over LANs (EAPOL): the key protocol in IEEE 802.1x for key
exchange. Two main EAPOL-key exchanges are defined in IEEE 802.11i. The first is referred to
as the 4-way handshake and the second is the group key handshake.
Because IEEE 802.11i has more than one data-confidentiality protocol, IEEE 802.11i provides
an algorithm for the IEEE 802.11i client card and access point to negotiate which protocol to use
during specific traffic circumstances and to discover any unknown security parameters.
This is done by the use of an Authentication mechanism where a station needs to prove
knowledge of the current key; this is very similar to wired LAN privacy, in the sense that an
intruder needs to enter the premises (by using a physical key) in order to connect his workstation
to the wired LAN.
Eavesdropping
Eavesdropping is prevented by the use of the WEP algorithm, which is a Pseudo Random
Number Generator (PRNG), initialized by a shared secret key. This PRNG outputs a key
sequence of pseudo-random bits equal in length to the largest possible packet, which is combined
with the outgoing/incoming packet producing the packet transmitted in the air.
The WEP algorithm is a simple algorithm based on RSA's RC4 algorithm, which has the
following properties:
Reasonably strong: A brute-force attack on this algorithm is difficult because of the fact that every
frame is sent with an Initialization Vector, which restarts the PRNG for each frame.
Self Synchronizing: The algorithm synchronizes again for each message; this is needed in order
to work in a connectionless environment, where packets may get lost (as in any LAN).
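The per-frame behaviour described above, as an added example (not code from this report or from any 802.11 implementation): the RC4 PRNG is re-seeded for every frame with the frame's Initialization Vector followed by the shared key, so each frame decrypts on its own and the keystream is fixed by the (IV, key) pair alone. The 3-byte IV, the key-ID octet and the CRC-32 integrity check value follow the usual WEP frame layout; the key, IVs and payloads are constructed sample values.

```python
import zlib


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4 used as the WEP PRNG: key scheduling, then `length` output bytes."""
    state = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + state[i] + seed[i % len(seed)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + state[i]) & 0xFF
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encapsulate(iv: bytes, key: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Return IV | key-ID octet | RC4(IV || key) XOR (payload | CRC-32 ICV)."""
    if len(iv) != 3:
        raise ValueError("WEP uses a 24-bit IV")
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    keystream = rc4_keystream(iv + key, len(body))   # PRNG restarted per frame
    return iv + bytes([key_id << 6]) + xor_bytes(body, keystream)


def wep_decapsulate(key: bytes, frame: bytes) -> bytes:
    """Decrypt one frame using only the IV it carries and the shared key."""
    if len(frame) < 8:
        raise ValueError("frame too short for IV, key ID and ICV")
    iv, ciphertext = frame[:3], frame[4:]
    body = xor_bytes(ciphertext, rc4_keystream(iv + key, len(ciphertext)))
    payload, icv = body[:-4], body[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: wrong key or damaged frame")
    return payload


KEY = bytes.fromhex("0102030405")             # constructed 40-bit shared key
FRAMES = [                                    # constructed (IV, payload) pairs
    (bytes.fromhex("000001"), b"frame one"),
    (bytes.fromhex("000002"), b"frame two"),
    (bytes.fromhex("000003"), b"frame three"),
]


def decrypt_after_loss():
    """Self-synchronizing: frame two is lost, the others arrive out of order."""
    sent = [wep_encapsulate(iv, KEY, payload) for iv, payload in FRAMES]
    received = [sent[2], sent[0]]
    return [wep_decapsulate(KEY, frame) for frame in received]


def keystream_depends_only_on_iv_and_key():
    """Same IV and key give the same keystream; a new IV gives a new one."""
    first = rc4_keystream(bytes.fromhex("000001") + KEY, 16)
    again = rc4_keystream(bytes.fromhex("000001") + KEY, 16)
    other = rc4_keystream(bytes.fromhex("000002") + KEY, 16)
    return first == again, first != other


def rejects_wrong_key():
    """A station without the current key fails the integrity check."""
    frame = wep_encapsulate(bytes.fromhex("000001"), KEY, b"hello")
    try:
        wep_decapsulate(b"wrong", frame)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(decrypt_after_loss())
    print(keystream_depends_only_on_iv_and_key())
    print(rejects_wrong_key())
```

Because the keystream is a function of the IV and the key only, a network that repeats an IV under one key also repeats the keystream, which is one reason the IV handling was reworked in TKIP and CCMP.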
Physical Layer
The IEEE 802.11 standard includes a common Medium Access Control (MAC) Layer,
which defines protocols that govern the operation of the wireless LAN. In addition, 802.11
comprises several alternative physical layers that specify the transmission and reception of 802.11
frames.
Knowing the physical layer terminology is essential to understanding the intricacies of
802.11.
GFSK is a modulation scheme in which the data are first filtered by a Gaussian filter in the
baseband, and then modulated with a simple frequency modulation. The values 2 and 4 represent the
number of frequency offsets used to represent data symbols of one and two bits, respectively.
DBPSK is phase modulation using two distinct carrier phases for data signaling providing one bit
per symbol.
DQPSK is a type of phase modulation using two pairs of distinct carrier phases, in quadrature, to
signal two bits per symbol. The differential characteristic of the modulation schemes indicates
the use of the difference in phase from the last change or symbol to determine the current
symbol's value, rather than any absolute measurements of the phase change.
Both the FHSS and DSSS modes are specified for operation in the 2.4 GHz industrial, scientific
and medical (ISM) band, which has sometimes been jokingly referred to as the “interference
suppression is mandatory” band because it is heavily used by various electronic products. The
third physical layer alternative is an infrared system using near-visible light in the 850 nm to 950
nm range as the transmission medium.
At the forefront of the new WLAN options that will enable much higher data rates are two
supplements to the IEEE 802.11 standard: 802.11b and 802.11a, as well as a European
Telecommunications Standards Institute (ETSI) standard, High Performance LAN
(HIPERLAN/II). Both 802.11a and HIPERLAN/II have similar physical layer characteristics,
operating in the 5 GHz band and using the orthogonal frequency division
multiplexing (OFDM) modulation scheme, but the MAC layers are considerably different. The focus here, however,
will be to compare the physical layer characteristics of 802.11a and 802.11b. With
HIPERLAN/II sharing several of the same physical properties as 802.11a, many of the same
issues will apply.
Another standard that warrants mention in this context is IEEE 802.11g. With a ruling from the
Federal Communications Commission that will now allow OFDM digital transmission
technology to operate in the ISM band and the promise of interoperability with a large installed
base of 802.11b products, the 802.11g extension to the standard begins to garner the attention of
WLAN equipment providers. Although not detailed here, it will offer data rates equal to or
exceeding 22 Mb/s with products available late in 2002.
Each of the five permitted transmission techniques makes it possible to send a MAC frame from
one station to another. They differ, however, in the technology used and speed achievable. The
infrared option uses diffused (i.e., not line of sight) transmission at 0.85 or 0.95 microns. Two
speeds are permitted: 1 Mbps and 2 Mbps. At 1 Mbps, an encoding scheme is used in which a
group of 4 bits is encoded as a 16-bit codeword containing fifteen 0s and a single 1, using what is
called Gray code. This code has the property that a small error in time synchronization leads to
only a single bit error in the output. At 2 Mbps, the encoding takes 2 bits and produces a 4-bit
codeword, also with only a single 1, that is one of 0001, 0010, 0100, or 1000. Infrared signals
cannot penetrate walls, so cells in different rooms are well isolated from each other.
Nevertheless, due to the low bandwidth (and the fact that sunlight swamps infrared signals), this
is not a popular option.
As with other 802.11 Physical layers, 802.11b includes Physical Layer Convergence Procedure
(PLCP) and Physical Medium Dependent (PMD) sub-layers. These are somewhat sophisticated
terms that the standard uses to divide the major functions that occur within the Physical Layer.
The PLCP prepares 802.11 frames for transmission and directs the PMD to actually transmit
signals, change radio channels, receive signals, and so on.
The PLCP takes each 802.11 frame that a station wishes to transmit and forms what the 802.11
standard refers to as a PLCP protocol data unit (PPDU). The resulting PPDU includes the
following fields in addition to the frame fields imposed by the MAC Layer:
Sync. This field consists of alternating 0s and 1s, alerting the receiver that a receivable signal is
present. The receiver begins synchronizing with the incoming signal after detecting the Sync.
Start Frame Delimiter. This field is always 1111001110100000 and defines the beginning of a
frame.
Signal. This field identifies the data rate of the 802.11 frame, with its binary value equal to the
data rate divided by 100 Kbps. For example, the field contains the value of 00001010 for 1 Mbps,
00010100 for 2 Mbps, and so on. The PLCP fields, however, are always sent at the lowest rate,
which is 1 Mbps. This ensures that the receiver initially uses the correct demodulation
mechanism, which changes with different data rates.
Service. This field is always set to 00000000 and the 802.11 standard reserves it for future use.
Length. This field represents the number of microseconds that it takes to transmit the contents of
the PPDU, and the receiver uses this information to determine the end of the frame.
Frame Check Sequence. In order to detect possible errors in the Physical Layer header, the
standard defines this field to contain a 16-bit cyclic redundancy check (CRC) result. The MAC
Layer also performs error detection functions on the PPDU contents.
PSDU. The PSDU, which stands for Physical Layer Service Data Unit, is a fancy name that
represents the contents of the PPDU (i.e., the actual 802.11 frame being sent).
Don't expect to see the physical layer fields with 802.11 analyzers from AirMagnet and
Wildpackets, however. The 802.11 radio card removes these fields before the resulting data is
processed by the MAC Layer and offered to the analyzer for viewing.
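The header fields listed above, built and validated in code as an added example (not taken from the report or from any driver). It covers the Start Frame Delimiter through the Frame Check Sequence and leaves out the Sync bits. The assumptions are that the fields are packed MSB-first into bytes, which simplifies the on-air bit order, and that the CRC is the CCITT CRC-16 with an all-ones preset and inverted output; the function names are hypothetical.

```python
import struct

SFD = 0b1111001110100000            # Start Frame Delimiter value from the field list
SIGNAL_RATES_KBPS = {10: 1000, 20: 2000, 55: 5500, 110: 11000}  # Signal -> rate


def crc16_ccitt(data: bytes) -> int:
    """CRC-16, polynomial x^16 + x^12 + x^5 + 1, preset to ones, result inverted."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ 0x1021) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc ^ 0xFFFF


def build_plcp_header(rate_kbps: int, psdu_len: int) -> bytes:
    """Return SFD | Signal | Service | Length | CRC for a PSDU of psdu_len bytes."""
    signal = rate_kbps // 100                       # data rate divided by 100 Kbps
    if SIGNAL_RATES_KBPS.get(signal) != rate_kbps:
        raise ValueError("unsupported data rate")
    length_us = -(-psdu_len * 8000 // rate_kbps)    # airtime in microseconds, rounded up
    if not 0 < length_us <= 0xFFFF:
        raise ValueError("PSDU airtime does not fit the 16-bit Length field")
    fields = struct.pack(">BBH", signal, 0x00, length_us)   # Service is reserved (0)
    return struct.pack(">H", SFD) + fields + struct.pack(">H", crc16_ccitt(fields))


def parse_plcp_header(header: bytes) -> dict:
    """Validate a header the way a receiver must before trusting Length."""
    if len(header) != 8:
        raise ValueError("PLCP header after Sync is 8 bytes")
    sfd, signal, service, length_us, crc = struct.unpack(">HBBHH", header)
    if sfd != SFD:
        raise ValueError("start frame delimiter not found")
    if crc != crc16_ccitt(header[2:6]):
        raise ValueError("header CRC mismatch")
    if signal not in SIGNAL_RATES_KBPS:
        raise ValueError("unknown Signal value")
    if service != 0:
        raise ValueError("Service field must be zero")
    return {"rate_kbps": SIGNAL_RATES_KBPS[signal], "length_us": length_us}


def header_is_rejected(header: bytes) -> bool:
    """True when parse_plcp_header refuses the header."""
    try:
        parse_plcp_header(header)
    except ValueError:
        return True
    return False


def flip_bit(header: bytes, byte_index: int, bit: int) -> bytes:
    """Return a copy of the header with one bit inverted (models a channel error)."""
    damaged = bytearray(header)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


if __name__ == "__main__":
    # Constructed sample: a 100-byte 802.11 frame at each data rate.
    for rate in (1000, 2000, 5500, 11000):
        hdr = build_plcp_header(rate, 100)
        print(rate, format(hdr[2], "08b"), parse_plcp_header(hdr))
    good = build_plcp_header(2000, 100)
    print("damaged Length rejected:", header_is_rejected(flip_bit(good, 5, 0)))
```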
Next, we come to HR-DSSS (High Rate Direct Sequence Spread Spectrum), another spread
spectrum technique, which uses 11 million chips/sec to achieve 11 Mbps in the 2.4-GHz band. It
is called 802.11b but is not a follow-up to 802.11a. In fact, its standard was approved first and it
got to market first. Data rates supported by 802.11b are 1, 2, 5.5, and 11 Mbps. The two slow
rates run at 1 Mbaud, with 1 and 2 bits per baud, respectively, using phase shift modulation (for
compatibility with DSSS). The two faster rates run at 1.375 Mbaud, with 4 and 8 bits per baud,
respectively, using Walsh/Hadamard codes. The data rate may be dynamically adapted during
operation to achieve the optimum speed possible under current
conditions of load and noise. In practice, the operating speed of 802.11b is nearly always 11
Mbps. Although 802.11b is slower than 802.11a, its range is about 7 times greater, which is more
important in many situations. An enhanced version of 802.11b, 802.11g, was approved by IEEE
in November 2001 after much politicking about whose patented technology it would use. It uses
the OFDM modulation method of 802.11a but operates in the narrow 2.4-GHz ISM band along
with 802.11b. In theory it can operate at up to 54 Mbps. It is not yet clear whether this speed will
be realized in practice. What it does mean is that the 802.11 committee has produced three
different high-speed wireless LANs: 802.11a, 802.11b, and 802.11g (not to mention three low-
speed wireless LANs). One can legitimately ask if this is a good thing for a standards committee
The 802.11 physical layer (PHY) is the interface between the MAC and the wireless media
where frames are transmitted and received. The PHY provides three functions. First, the PHY
provides an interface to exchange frames with the upper MAC layer for transmission and
reception of data. Secondly, the PHY uses signal carrier and spread spectrum modulation to
transmit data frames over the media. Thirdly, the PHY provides a carrier sense indication back to
the MAC to verify activity on the media.
802.11 provides three different PHY definitions: Both Frequency Hopping Spread Spectrum
(FHSS) and Direct Sequence Spread Spectrum (DSSS) support 1 and 2 Mbps data rates. An
extension to the 802.11 architecture (802.11a) defines different multiplexing techniques that can
achieve data rates up to 54 Mbps. Another extension to the standard (802.11b) defines 11 Mbps
and 5.5 Mbps data rates (in addition to the 1 and 2 Mbps rates) utilizing an extension to DSSS
called High Rate DSSS (HR/DSSS). 802.11b also defines a rate shifting technique where 11
Mbps networks may fall back to 5.5 Mbps, 2 Mbps, or 1 Mbps under noisy conditions or to
interoperate with legacy 802.11 PHY layers.
Infrared (IR)
The Infrared PHY utilizes infrared light to transmit binary data either at 1 Mbps (basic access
rate) or 2 Mbps (enhanced access rate) using a specific modulation technique for each. For 1
Mbps, the infrared PHY uses a 16-pulse position modulation (PPM). The concept of PPM is to
vary the position of a pulse to represent different binary symbols. Infrared transmission at 2
Mbps utilizes a 4 PPM modulation technique.
Spread Spectrum
Spread spectrum is a technique trading bandwidth for reliability. The goal is to use more
bandwidth than the system really needs for transmission to reduce the impact of localized
interference on the media. Spread spectrum spreads the transmitted bandwidth of the resulting
signal, reducing the peak power but keeping total power the same.
Frequency Hopping Spread Spectrum (FHSS)
In FHSS the total frequency band is split into a number of channels. The broadcast data is spread
across the entire frequency band by hopping between the channels in a pseudo random fashion.
Frequency-hopping spread spectrum (FHSS) is a spread-spectrum method of transmitting radio
signals by rapidly switching a carrier among many frequency channels, using a pseudorandom
sequence known to both transmitter and receiver.
A spread-spectrum transmission offers three main advantages over a fixed-frequency
transmission:
Spread-spectrum signals are highly resistant to noise and interference. The process of re-
collecting a spread signal spreads out noise and interference, causing them to recede into the
background.
Spread-spectrum signals are difficult to intercept. A Frequency-Hop spread-spectrum signal
sounds like a momentary noise burst or simply an increase in the background noise for short
Frequency-Hop codes on any narrowband receiver except a Frequency-Hop spread-spectrum
receiver using the exact same channel sequence as was used by the transmitter.
Spread-spectrum transmissions can share a frequency band with many types of conventional
transmissions with minimal interference. The spread-spectrum signals add minimal noise to the
narrow-frequency communications, and vice versa. As a result, bandwidth can be utilized more
efficiently.
Frequency Hopping utilizes a set of narrow channels and "hops" through all of them in a
predetermined sequence. For example, the 2.4 GHz frequency band is divided into 70 channels
of 1 MHz each. Every 20 to 400 msec the system "hops" to a new channel following a
predetermined cyclic pattern.
The 802.11 Frequency Hopping Spread Spectrum (FHSS) PHY uses the 2.4 GHz radio
frequency band, operating at a 1 or 2 Mbps data rate.
FHSS (Frequency Hopping Spread Spectrum) uses 79 channels, each 1-MHz wide, starting at
the low end of the 2.4-GHz ISM band. A pseudorandom number generator is used to produce the
sequence of frequencies hopped to. As long as all stations use the same seed to the
pseudorandom number generator and stay synchronized in time, they will hop to the same
frequencies simultaneously. The amount of time spent at each frequency, the dwell time, is an
adjustable parameter, but must be less than 400 msec. FHSS’ randomization provides a fair way
to allocate spectrum in the unregulated ISM band. It also provides a modicum of security since
an intruder who does not know the hopping sequence or dwell time cannot eavesdrop on
transmissions. Over longer distances, multipath fading can be an issue, and FHSS offers good
resistance to it. It is also relatively insensitive to radio interference, which makes it popular for
building-to-building links. Its main disadvantage is its low bandwidth. The third modulation
method.
Frequency hopping relies on frequency diversity to combat interference. This is accomplished
by multiple frequency, code selected, FSK. Basically, the incoming digital stream is shifted in
frequency by an amount determined by a code that spreads the signal power over a wide
bandwidth. In comparison to binary FSK, which has only two possible frequencies, FHSS may
have 2*10^20 or more.
The FHSS transmitter is a pseudo-noise (PN) code-controlled frequency synthesizer. The
instantaneous frequency output of the transmitter jumps from one value to another based on the
pseudo-random input from the code generator. Varying the instantaneous frequency results in an
output spectrum that is effectively spread over the range of frequencies generated.
Direct Sequence Spread Spectrum is based on the multiplying of the baseband signal data with a
broadband spreading code. The result is termed the chip rate. The characteristics of the
broadband spreading code are that of pseudorandom noise. Consequently the receiver
synchronized to the code will obtain the narrowband signal. All other receivers will see the
spread signal as white or colored noise.
In contrast, frequency-hopping spread spectrum pseudo-randomly retunes the carrier, instead of
adding pseudo-random noise to the data, which results in a uniform frequency distribution whose
width is determined by the output range of the pseudo-random number generator.
In telecommunications, direct-sequence spread spectrum is a modulation technique where the
transmitted signal takes up more bandwidth than the information signal that is being modulated,
which is the reason that it is called spread spectrum. DSSS has the following features:
It generates spread-spectrum transmissions by phase-modulating a sine wave pseudorandomly
with a continuous string of pseudo-noise code symbols, each of duration much smaller than a bit.
It is a signal structuring technique utilizing a digital code sequence (PN sequence) having a chip
rate much higher than the information signal bit rate. Each information bit of a digital signal is
transmitted as a pseudorandom sequence of chips.
The principle of Direct Sequence is to spread a signal on a larger frequency band by multiplexing
it with a signature or code to minimize localized interference and background noise. To spread
the signal, each bit is modulated by a code. In the receiver, the original signal is recovered by
receiving the whole spread channel and demodulating with the same code used by the
transmitter. The 802.11 Direct Sequence Spread Spectrum (DSSS) PHY also uses the 2.4 GHz
radio frequency band.
It is also a part of the 802.11b and 802.11g standards. Note that in the original 802.11 standard, either
FHSS or DSSS may be used.
DSSS (Direct Sequence Spread Spectrum) is also restricted to 1 or 2 Mbps. The scheme used has
some similarities to the CDMA system, but differs in other ways. Each bit is transmitted as 11
chips, using what is called a Barker sequence. It uses phase shift modulation at 1 Mbaud,
transmitting 1 bit per baud when operating at 1 Mbps and 2 bits per baud when operating at 2
Mbps.
802.11b uses DSSS to disperse the data frame signal over a relatively wide
(approximately 30 MHz) portion of the 2.4 GHz frequency band. This results in greater immunity
to radio frequency (RF) interference as compared to narrowband signaling, which is why the
Federal Communications Commission (FCC) deems the operation of spread spectrum
systems as license free. For years, the FCC required all wireless communications equipment
operating in the ISM bands in the U.S. to use spread spectrum, but in May 2002, that rule was
dropped as new technologies emerged.
The first of the high-speed wireless LANs, 802.11a, uses
OFDM (Orthogonal Frequency Division Multiplexing) to deliver up to 54 Mbps in the wider
5-GHz ISM band. As the term FDM suggests, different frequencies are used (52 of them, 48 for
data and 4 for synchronization), not unlike ADSL. Since transmissions are present on multiple
frequencies at the same time, this technique is considered a form of spread spectrum, but
different from both CDMA and FHSS. Splitting the signal into many narrow bands has some key
advantages over using a single wide band, including better immunity to narrowband interference
and the possibility of using noncontiguous bands. A complex encoding system is used, based on
phase-shift modulation for speeds up to 18 Mbps and on QAM above that. At 54 Mbps, 216 data
bits are encoded into 288-bit symbols. Part of the motivation for OFDM is compatibility with the
European HiperLAN/2 system (Doufexi et al., 2002). The technique has a good spectrum
efficiency in terms of bits/Hz and good immunity to multipath fading.
This is probably the most
widely recognized form of spread spectrum. The DSSS process is performed by effectively
multiplying an RF carrier and a pseudo-noise (PN) digital signal. First the PN code is modulated
onto the information signal using one of several modulation techniques (e.g., BPSK, QPSK,
etc.). Then, a doubly balanced mixer is used to multiply the RF carrier and PN modulated
information signal. This process causes the RF signal to be replaced with a very wide bandwidth
signal with the spectral equivalent of a noise signal. The demodulation process (for the BPSK
case) is then simply the mixing/multiplying of the same PN modulated carrier with the incoming
RF signal. The output is a signal that is a maximum when the two signals exactly equal one
another or are "correlated". The correlated signal is then filtered and sent to a BPSK
demodulator.
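The spreading and correlation steps described above, worked at chip level as an added example (not from the report): each bit is sent as the 11-chip Barker sequence or its inverse, and the receiver multiplies each block of chips by the same code and sums the result. The chip values are the 11-chip Barker code; the bit pattern, the interferer amplitude and the chip-error positions are constructed sample inputs, and the model is baseband only, with no carrier or filtering.

```python
import math

# 11-chip Barker sequence used to spread each data bit.
BARKER_11 = (+1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1)
CHIPS_PER_BIT = len(BARKER_11)


def spread(bits):
    """Transmit side: bit 1 -> Barker code, bit 0 -> inverted Barker code."""
    chips = []
    for bit in bits:
        sign = 1 if bit else -1
        chips.extend(sign * c for c in BARKER_11)
    return chips


def despread(chips):
    """Receive side: correlate each 11-chip block with the code.

    Returns (bits, scores); the score is +11 or -11 on a clean channel.
    """
    if len(chips) % CHIPS_PER_BIT:
        raise ValueError("chip stream is not a whole number of bits")
    bits, scores = [], []
    for start in range(0, len(chips), CHIPS_PER_BIT):
        block = chips[start:start + CHIPS_PER_BIT]
        score = sum(x * c for x, c in zip(block, BARKER_11))
        scores.append(score)
        bits.append(1 if score > 0 else 0)
    return bits, scores


def autocorrelation(shift):
    """Aperiodic autocorrelation of the code: large only when aligned."""
    return sum(BARKER_11[i] * BARKER_11[i + shift]
               for i in range(CHIPS_PER_BIT - shift))


def add_interference(chips, amplitude):
    """Add a constant narrowband interferer to every chip."""
    return [c + amplitude for c in chips]


def flip_chips(chips, offsets):
    """Invert the chips at the given offsets inside every 11-chip block."""
    damaged = list(chips)
    for start in range(0, len(chips), CHIPS_PER_BIT):
        for offset in offsets:
            damaged[start + offset] = -damaged[start + offset]
    return damaged


def process_gain_db():
    """Process gain of the spreading: 10 log10(chips per bit)."""
    return 10 * math.log10(CHIPS_PER_BIT)


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0]                      # constructed bit pattern
    tx = spread(data)
    print("clean      ", despread(tx))
    # Interferer five times stronger than a chip: the code sums to +1, so the
    # interferer shifts every score by only +5 against a signal peak of 11.
    print("interferer ", despread(add_interference(tx, 5)))
    # Three wrong chips in every bit still leave a score of +5 or -5.
    print("chip errors", despread(flip_chips(tx, (0, 4, 9))))
    print("sidelobes  ", [autocorrelation(k) for k in range(1, CHIPS_PER_BIT)])
    print("process gain %.2f dB" % process_gain_db())
```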
The signals generated with this technique appear as noise in the frequency domain. The wide
bandwidth provided by the PN code allows the signal power to drop below the noise threshold
without loss of information. The spectral content of an SS signal is shown in Fig. 1. Note that
this is just the spectrum of a BPSK signal with a (sin x / x)^2 form.
Fig. 1 BPSK DSSS Spectrum
The bandwidth in DSSS systems is often taken as the null-to-null bandwidth of the main lobe of
the power spectral density plot (indicated as 2Rc in Fig. 1). The half power bandwidth of this
lobe is 1.2 Rc, where Rc is the chip rate. Therefore, the bandwidth of a DSSS system is a direct
function of the chip rate; specifically 2Rc/RINFO. This is just an extension of the previous
equation for process gain. It should be noted that the power contained in the main lobe
comprises 90 percent of the total power. This allows a narrower RF bandwidth to accommodate
the received signal with the effect of rounding the received pulses in the time domain.
One feature of DSSS is that QPSK may be used to increase the data rate. This increase of a
factor of two bits per symbol of transmitted information over BPSK causes an equivalent
reduction in the available process gain. The process gain is reduced because for a given chip
rate, the bandwidth (which sets the process gain) is halved due to the two-fold increase in
information transfer. The result is that systems in a spectrally quiet environment benefit from the
possible increase in data transfer rate.
DSSS Modulation
The modulator converts the spread binary signal into an analog waveform through the use of
different modulation types, depending on which data rate is chosen. For example with 1Mbps
operation, the PMD uses differential binary phase shift keying (DBPSK). This isn't really as
complex as it sounds. The modulator merely shifts the phase of the center transmit frequency to
distinguish a binary 1 from a binary 0 within the data stream.
For 2Mbps transmission, the PMD uses differential quadrature phase shift keying (DQPSK),
which is similar to DBPSK except that there are four possible phase shifts, each representing
two data bits. This is a clever process that enables the data stream to be sent at 2Mbps while
using the same amount of bandwidth as the one sent at 1Mbps. The modulator uses similar
methods for the higher, 5.5Mbps and 11Mbps data rates.
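A short added example (not from the original report) of the differential schemes just described. The phase-change tables are written out here as the example's assumption, since the report does not list them, and the fixed receiver phase offset is a constructed impairment.

```python
import cmath
import math

# Phase *change* applied per symbol (Gray-coded for DQPSK). Assumed tables.
DBPSK = {(0,): 0.0, (1,): math.pi}
DQPSK = {(0, 0): 0.0, (0, 1): math.pi / 2, (1, 1): math.pi, (1, 0): 3 * math.pi / 2}

def modulate(bits, table):
    """Return carrier phasors. The first phasor is a reference; every later one
    is the previous phasor rotated by the phase change that encodes the bits."""
    k = len(next(iter(table)))            # bits per symbol: 1 or 2
    if len(bits) % k:
        raise ValueError("bit count must be a multiple of bits per symbol")
    phase, out = 0.0, [1 + 0j]
    for i in range(0, len(bits), k):
        phase += table[tuple(bits[i:i + k])]
        out.append(cmath.rect(1.0, phase))
    return out

def demodulate(symbols, table):
    """Recover bits from the phase difference between consecutive phasors, so an
    unknown constant carrier phase at the receiver cancels out."""
    bits = []
    for prev, cur in zip(symbols, symbols[1:]):
        diff = cur * prev.conjugate()
        best = min(table, key=lambda b: abs(diff - cmath.rect(abs(diff), table[b])))
        bits.extend(best)
    return bits

def rotate(symbols, radians):
    """Constructed impairment: receiver oscillator offset by a fixed phase."""
    return [s * cmath.rect(1.0, radians) for s in symbols]

if __name__ == "__main__":
    data = [1, 0, 0, 1, 1, 1, 0, 0]       # constructed test pattern
    for name, table in (("DBPSK", DBPSK), ("DQPSK", DQPSK)):
        tx = modulate(data, table)
        rx = demodulate(rotate(tx, 1.234), table)
        print(name, "symbols sent:", len(tx) - 1, "recovered:", rx == data)
```

The same eight bits need eight DBPSK symbols but only four DQPSK symbols, which is how the rate doubles at an unchanged symbol rate and bandwidth.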
Transmit Frequencies
The transmitter's modulator translates the spread signal into an analog form with a center
frequency corresponding to the radio channel chosen by the user. The following identifies the
center frequency of each channel:
Various countries limit the use of these channels. For example, the U.S. only allows the use of
channels 1 through 11, and the U.K. can use channels 1 through 13. Japan, however, authorizes
the use of all 14 channels. This complicates matters when designing international public wireless
LANs. In that case, you need to choose channels with the least common denominator.
After RF amplification takes place based on the transmit power you've chosen (100mW
maximum for the U.S.), the transmitter outputs the modulated DSSS signal to the antenna in
order to propagate the signal to the destination. The trip en route to the destination will
significantly attenuate the signal, but the receiver at the destination will detect the
incoming Physical Layer header and reverse (demodulate and despread) the process implemented
by the transmitter.
While 802.11a was approved in September 1999, new product development has proceeded much
more slowly than 802.11b. This is due to the cost and complexity of implementation. This
standard uses 300 MHz of bandwidth in the 5 GHz unlicensed national information infrastructure
(UNII) band. The spectrum is divided into three domains, each having restrictions imposed on
the maximum allowed output power (see Figure 1). The first 100 MHz in the lower frequency
portion is restricted to a maximum power output of 50 mW. The second 100 MHz has a higher
250 mW maximum, while the third 100 MHz, which is mainly intended for outdoor applications,
has a maximum of 1.0 W power output.
OFDM operates by dividing the transmitted data into multiple parallel bit streams, each with
lower relative bit rates and modulating separate narrowband carriers, referred to as sub-carriers.
The sub-carriers are orthogonal, so each can be received without interference from another.
802.11a specifies eight non-overlapping 20 MHz channels in the lower two bands; each of these
is divided into 52 sub-carriers (four of which carry pilot data) of 300-kHz bandwidth each. Four
non-overlapping 20 MHz channels are specified in the upper band. The receiver processes the 52
individual bit streams, reconstructing the original high-rate data stream. Four complex
modulation methods are employed, depending on the data rate that can be supported by channel
conditions between the transmitter and receiver. These include BPSK, QPSK, 16-QAM, and 64-
QAM.
Quadrature amplitude modulation is a complex modulation method where data are carried in
symbols represented by the phase and amplitude of the modulated carrier. 16-QAM has 16
symbols. Each represents four data bits. 64-QAM has 16 symbols with each representing four
data bits.
BPSK modulation is always used on the four pilot sub-carriers. Although it adds a degree of
complication to the baseband processing, 802.11a includes forward error correction (FEC) as
part of the specification. FEC, which does not exist within 802.11b, enables the receiver to
identify and correct errors made during transmission by sending additional data along with the
primary transmission. This nearly eliminates the need for retransmissions when packet errors are
detected. The data rates available in 802.11a are noted in Table 2, together with the type of
modulation and the coding rate.
802.11a products are expected to begin arriving in the first half of 2002. Some of the companies
developing chipset solutions for 802.11a are touting the availability of operational modes that
exceed the 54 Mb/s stated in the specification. Of course, because faster data rates are out of the
specification's scope, they require the use of equipment from a single source throughout the
entire network.
Considering the composite waveform resulting from the combination of 52 sub-carriers, the
format requires more linearity in the amplifiers because of the higher peak-to-average power
ratio of the transmitted OFDM signal. In addition, better phase noise performance is required
because of the closely spaced, overlapping carriers. These issues add to the implementation cost
of 802.11a products. Application-specific measurement tools aid in the design and
troubleshooting of OFDM signals and systems.
Practice 802.11a
Design of devices using 802.11a with OFDM signals and operating at 5 GHz will bring new
challenges in testing, particularly because the data rate will be increasing by a factor of five and
using the same bandwidth (20 MHz) to do it. The high peak-to-average power ratio
representative of multicarrier OFDM signals dictates the need for highly linear and efficient
amplifiers, as well as a method to characterize them.
Transmitted signals such as OFDM, which do not have a constant power envelope, are not well-
characterized by peak-to-average power ratio. This metric is not useful, as the true peak power
may not occur often. It is usually more meaningful for OFDM signals to associate a percentage
probability with a power level.
A more meaningful method for viewing OFDM signal power characteristics uses the
complementary cumulative distribution function (CCDF). This metric links a percentage
probability to a power level. In this measurement, an instrument with time-gating capability is
used to select only the active portion of the burst (see Figure 2 lower trace).
If time gating were not used, the periods when the burst is off would reduce the average power
calculation. The CCDF, which is simply the more common cumulative distribution function
(CDF) subtracted from 1.0, shows the number of decibels above the average power on the
horizontal axis, and percent probability on vertical axis (see Figure 2 upper trace). A CCDF
measurement would be made over several bursts to improve the accuracy of the measurement.
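The CCDF measurement and the effect of time gating can be reproduced numerically. This is an added example, not part of the original report: it builds a constructed capture of OFDM bursts (random QPSK on 52 sub-carriers, 64-point inverse DFT, idle gaps between bursts) and the burst sizes, seed and 1 dB grid are arbitrary choices.

```python
import cmath
import math
import random

N_FFT = 64
USED = [k for k in range(-26, 27) if k != 0]      # 52 used sub-carriers, DC unused
TWIDDLE = [cmath.exp(2j * math.pi * n / N_FFT) for n in range(N_FFT)]

def ofdm_symbol(rng):
    """One OFDM symbol: random QPSK on each used sub-carrier, naive inverse DFT."""
    data = {k: complex(rng.choice((-1, 1)), rng.choice((-1, 1))) for k in USED}
    return [sum(v * TWIDDLE[(k * n) % N_FFT] for k, v in data.items())
            for n in range(N_FFT)]

def burst_trace(n_bursts, symbols_per_burst, idle_samples, seed=7):
    """Constructed capture: active bursts separated by idle (zero-power) gaps.
    Returns (samples, gate); gate[i] is True while the burst is on."""
    rng = random.Random(seed)
    samples, gate = [], []
    for _ in range(n_bursts):
        for _ in range(symbols_per_burst):
            sym = ofdm_symbol(rng)
            samples += sym
            gate += [True] * len(sym)
        samples += [0j] * idle_samples
        gate += [False] * idle_samples
    return samples, gate

def ccdf(samples, gate=None, db_points=range(0, 11)):
    """Return (average power, {x dB: P(power > average + x dB)}).
    With a gate, only the active part of each burst is measured."""
    powers = [abs(s) ** 2 for i, s in enumerate(samples) if gate is None or gate[i]]
    avg = sum(powers) / len(powers)
    curve = {}
    for db in db_points:
        threshold = avg * 10 ** (db / 10)
        curve[db] = sum(p > threshold for p in powers) / len(powers)
    return avg, curve

if __name__ == "__main__":
    samples, gate = burst_trace(n_bursts=4, symbols_per_burst=20, idle_samples=640)
    avg_gated, curve = ccdf(samples, gate)
    avg_all, _ = ccdf(samples)
    print(f"average power gated {avg_gated:.1f}, ungated {avg_all:.1f}")
    for db, p in curve.items():
        print(f"{db:2d} dB above average: {100 * p:6.2f} %")
```

Without the gate, the idle samples pull the average down, so every "dB above average" threshold is referenced to the wrong level.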
802.11b, which was approved by the IEEE in 1999, is an extension of the 802.11 DSSS system
previously mentioned and supports higher 5.5 and 11 Mb/s payload data rates in addition to the
original 1 and 2 Mb/s rates. Products are now widely available, and the installed base of systems
is growing rapidly. 802.11b also operates in the highly populated 2.4 GHz ISM band (2.40 to
2.4835 GHz), which provides only 83 MHz of spectrum to accommodate a variety of other
radiating products, including cordless phones, microwave ovens, other WLANs, and personal
area networks (PANs). This makes susceptibility to interference a primary concern. The
occupied bandwidth of the spread-spectrum channel is 22 MHz, so the ISM band accommodates
only three non-overlapping channels spaced 25 MHz apart. To help mitigate interference effects,
802.11b designates an optional frequency agile or hopping mode using the three non-overlapping
channels or six overlapping channels spaced at 10 MHz.
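The channel rules from the Transmit Frequencies section and the 25 MHz spacing stated above can be combined into one channel-plan check. This is an added example, not part of the original report: the centre-frequency formula is supplied here as an assumption because the report's channel table is not reproduced, and the survey entries and BSSIDs are constructed.

```python
def center_mhz(ch):
    """Centre frequency of a 2.4 GHz channel (assumed: 5 MHz steps from
    2412 MHz for channels 1-13, with channel 14 at 2484 MHz)."""
    if ch == 14:
        return 2484
    if 1 <= ch <= 13:
        return 2407 + 5 * ch
    raise ValueError(f"no such 2.4 GHz channel: {ch}")

# Permitted channel ranges as stated in the report.
DOMAINS = {"US": range(1, 12), "UK": range(1, 14), "JP": range(1, 15)}

def common_channels(domains):
    """Channels usable in every listed country (the 'least common denominator')."""
    return sorted(set.intersection(*(set(DOMAINS[d]) for d in domains)))

def non_overlapping(channels, spacing_mhz=25):
    """Greedy pick, lowest channel first, keeping centres >= spacing_mhz apart."""
    picked = []
    for ch in sorted(channels):
        if not picked or center_mhz(ch) - center_mhz(picked[-1]) >= spacing_mhz:
            picked.append(ch)
    return picked

def audit_scan(scan, domain):
    """Flag access points seen on channels not permitted in the site's domain,
    for example misconfigured or unmanaged equipment found in a site survey."""
    allowed = set(DOMAINS[domain])
    return [(bssid, ch, center_mhz(ch)) for bssid, ch in scan if ch not in allowed]

# Constructed survey result: (BSSID, channel).
SURVEY = [("02:00:00:00:00:01", 1), ("02:00:00:00:00:02", 6),
          ("02:00:00:00:00:03", 13), ("02:00:00:00:00:04", 14)]

if __name__ == "__main__":
    shared = common_channels(["US", "UK", "JP"])
    print("usable everywhere:", shared)
    print("non-overlapping plan:", non_overlapping(shared))
    print("outside US plan:", audit_scan(SURVEY, "US"))
```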
802.11b uses eight-chip complementary code keying (CCK) as the modulation scheme to
achieve the higher data rates. Instead of the Barker codes used to encode and spread the data for
the lower rates, CCK uses a nearly orthogonal complex code set called complementary
sequences. The chip rate remains consistent with the original DSSS system at 11 Mchip/s, while
the data rate varies to match channel conditions by changing the spreading factor and/or the
modulation scheme.
To achieve data rates of 5.5 and 11 Mb/s, the spreading length is first reduced from 11 to eight
chips. This increases the symbol rate from 1 Msym/s to 1.375 Msym/s. For the 5.5-Mb/s bit rate
with a 1.375 MHz symbol rate, it is necessary to transmit 4 bits/symbol (5.5 Mb/s/1.375
Msym/s) and for 11 Mb/s, 8 bits/symbol. The CCK approach taken in 802.11b, which keeps
the QPSK spread-spectrum signal and still provides the required number of bits/symbol, uses all
but two of the bits to select from a set of spreading sequences and the remaining two bits to
rotate the sequence. The selection of the sequence, coupled with the rotation, represents the
symbol conveying the four or eight bits of data. For all 802.11b payload data rates, the preamble
and header are sent at the 1 Mb/s rate.
Practice 802.11b
The 20 MHz-wide bandwidth of WLAN signals makes power envelope measurements difficult
because most spectrum analyzers have resolution bandwidth filters that are limited to 10 MHz or
less. Therefore, the signal is considerably attenuated by the time the power is measured within
the instrument. Vector signal analyzers are available with information bandwidths that are
considerably greater than 20 MHz, making WLAN signal analysis more accurate.
The 802.11b standard uses error vector magnitude (EVM) as a measure of modulation quality.
This measurement has become common for most wireless applications. The underlying
philosophy of EVM is that any signal deteriorated by a noisy channel can be represented as the
sum of an ideal signal and an error signal. The test instrument determines the error signal by
reconstructing the ideal signal based on detected signal information and subtracting it from the
actual signal at each sample point.
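The EVM procedure just described, as an added example that is not part of the original report. It assumes a unit-power QPSK reference constellation and constructed phase and gain impairments, and it also shows the limit of reconstructing the ideal signal from detected symbols: once an impairment is large enough to cause wrong decisions, the reported EVM is lower than the true error.

```python
import cmath
import math

# Unit-power QPSK reference constellation (assumed for the example).
QPSK = [cmath.rect(1.0, math.radians(a)) for a in (45, 135, 225, 315)]

def evm_percent(measured, ideal):
    """RMS magnitude of the error signal (measured - ideal), relative to the
    RMS magnitude of the ideal signal, in percent."""
    err = sum(abs(m - i) ** 2 for m, i in zip(measured, ideal))
    ref = sum(abs(i) ** 2 for i in ideal)
    return 100.0 * math.sqrt(err / ref)

def reconstruct_ideal(measured, constellation=QPSK):
    """What the instrument does: detect each symbol (nearest constellation
    point) and take that point as the ideal signal."""
    return [min(constellation, key=lambda c: abs(m - c)) for m in measured]

def evm_decision_directed(measured):
    """EVM against the ideal signal reconstructed from the detected symbols."""
    return evm_percent(measured, reconstruct_ideal(measured))

def impair(symbols, phase_deg=0.0, gain=1.0):
    """Constructed impairment: fixed phase error and gain error."""
    return [s * cmath.rect(gain, math.radians(phase_deg)) for s in symbols]

# Constructed transmit sequence (indices into QPSK).
TX = [QPSK[i] for i in (0, 1, 2, 3, 2, 0, 3, 1)]

if __name__ == "__main__":
    for phase in (5, 50):
        rx = impair(TX, phase_deg=phase)
        print(f"{phase:2d} deg phase error: "
              f"true EVM {evm_percent(rx, TX):5.1f} %, "
              f"decision-directed EVM {evm_decision_directed(rx):5.1f} %")
```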
A drawback of the 5 GHz band, which has received considerable attention, is its shorter
wavelength. Higher-frequency signals will have more trouble propagating through physical
obstructions encountered in an office (walls, floors, and furniture) than those at 2.4 GHz. An
advantage of 802.11a is its intrinsic ability to handle delay spread or multipath reflection effects.
The slower symbol rate and placement of significant guard time around each symbol, using a
technique called cyclical extension, reduces the inter-symbol interference (ISI) caused by
multipath interference. (The last one-quarter of the symbol pulse is copied and attached to the
beginning of the burst. Due to the periodic nature of the signal, the junction at the start of the
original burst will always be continuous.) In contrast, 802.11b networks are generally
range-limited by multipath interference rather than the loss of signal strength over distance.
When it comes to deployment of a wireless LAN, operational characteristics have been
compared to those of cellular systems, where frequency planning of overlapping cells minimizes
mutual interference and supports mobility and seamless channel handoff. The three non-overlapping
frequency channels available for IEEE 802.11b are at a disadvantage compared to the greater
number of channels available to 802.11a. The additional channels allow more overlapping access
points within a given area while avoiding additional mutual interference.
Both 802.11b and 802.11a use dynamic rate shifting where the system will automatically adjust
the data rate based on the condition of the radio channel. If the channel is clear, then the modes
with the highest data rates are used. But as interference is introduced into the channel, the radio
will fall back to a slower, albeit more robust, transmission scheme.
Network planning is critical to the development of an optimized system. Each network must be
customized to satisfy the planned applications and the physical environment. Requirements must
be researched and well-documented, including anticipated roaming and data rates needed for
applications to be used at specific locations. A site survey must be thorough and realistic to
adequately characterize the RF environment of the proposed wireless network in terms of range,
channel interference and delay spread.
It would be unrealistic to expect to realize the full data rate capability (54 Mb/s) of 802.11a if the
access points of an existing 802.11b network, optimized to operate at full speed (11 Mb/s),
were simply replaced. But as has been shown, 802.11a is faster than 802.11b at any range. Cost
vs. performance requirements need thorough analysis during the network planning stage to arrive
at the appropriate implementation decision.
Testing is critical to any product development process. WLAN products require that special
attention be given to design verification and characterization because standardized operation
across multivendor products may be required. To provide an efficient development environment,
test tools are available to quickly diagnose problems and isolate them throughout all design
segments. These tools can be used within the manufacturing process to generate and analyze
production metrics for process and product improvement.
Even during these lean economic times, when there is a reduced demand for technology
products, the new, but already robust WLAN market is projected to grow by an order of
magnitude over the next five years. These wireless networks will require increasing data rates to
provide the simultaneous distribution of Internet data, high-quality video and audio in the office
or at home. In addition to higher data rates, it is almost a foregone conclusion that end-users will
be demanding continuous improvements in functionality, ease-of-use and reliability.
Conclusion
Wireless networking has a promising future with 802.11 leading the way as the standard for
adoption in local networking environments. 802.11 addresses mobility, security, reliability, and
the dynamic nature of wireless LANs while keeping compatibility with 802-type legacy
networks. Expect to see availability of 802.11 products increase dramatically in the near future as
businesses discover the increased productivity provided by ‘untethered’ networks.
802.11-based networks have seen widespread deployment across many fields, mainly due to the
physical conveniences of radio-based communication. This deployment, however, was
predicated in part on the user expectation of confidentiality and availability. This paper
addressed the availability aspect of that equation. We examined the 802.11 MAC layer and
described the architecture and the main functions of the MAC as part of the protocol stack, and
we also made a few comparisons. We think that the comparisons raise an interesting
issue and make the description more effective. Security as a part of the protocol stack has
also been mentioned, because the protocol stack, as part of the software, is the first thing
people are interested in. The widespread acceptance of WLANs depends on industry
standardization to ensure product compatibility and reliability among the various manufacturers.
The Institute of Electrical and Electronics Engineers (IEEE) ratified the original 802.11
specification in 1997 as the standard for wireless LANs. That version of 802.11 provides for 1
Mbps and 2 Mbps data rates and a set of fundamental signaling methods and other services.
The most critical issue affecting WLAN demand has been limited throughput. The data rates
supported by the original 802.11 standard are too slow to support most general business
requirements and have slowed adoption of WLANs. Recognizing the critical need to support
higher data-transmission rates, the IEEE recently ratified the 802.11b standard (also known as
802.11 High Rate) for transmissions of up to 11 Mbps. Global regulatory bodies and vendor
alliances have endorsed this new high-rate standard, which promises to open new markets for
WLANs in large enterprise, small office, and home environments. With 802.11b, WLANs will
be able to achieve wireless performance and throughput comparable to wired Ethernet.
Businesses of all sizes can benefit from deploying a WLAN system, which provides a powerful
combination of wired network throughput, mobile access, and configuration flexibility. The
economic benefits can add up to as much as $16,000 per user—measured in worker productivity,
organizational efficiency, revenue gain, and cost savings—over wired alternatives.
In closing, we hope that we have offered a general overview of IEEE 802.11, especially the
protocol stack and the physical layer, the parts that are defined in the IEEE Standard. IEEE 802.11
is a huge topic, and the standards can be downloaded free of charge from the internet.
Abbreviation
Glossary
The term WiMAX has become synonymous with the IEEE 802.16 suite of standards. These
define the radio or air interface within two broad radio bands 2GHz to 11GHz (IEEE 802.16a)
and 10GHz - 66GHz (IEEE 802.16c) although initial interest is confined to the line of sight
bands - 2.5GHz, 3.5GHz and 5.8GHz. It is anticipated that WiMAX will be used initially as a
backhaul connection with other technologies such as Wi-Fi being used to cover the “final mile”.
Physical Link
A Physical Link is the connection between devices.
QoS - Quality of Service
The performance of a communications channel or system is usually expressed in terms of QoS
(Quality of Service). Depending upon the communication system, QoS may relate to service
performance, SNR (Signal to Noise Ratio), BER (Bit Error Ratio), maximum and mean
throughput rate, reliability, priority and other factors specific to each service.
IEEE 802.11a
Part of the IEEE 802.11 family of specifications, this wireless local area network technology is
comprised of a high speed physical layer operating in the 5GHz unlicensed band and supports
data rates up to 54Mbps. Equipment operating in accordance with the IEEE specifications and
passing the Wi-Fi Alliance's interoperability tests is able to display the Wi-Fi logo.
Several manufacturers have developed equipment which is capable of operating in accordance
with both IEEE 802.11a and IEEE 802.11b specifications.
IEEE 802.11b
Part of the IEEE 802.11 family of specifications, IEEE 802.11b is currently the most popular
wireless networking technology. The equipment operates in the 2.4GHz unlicensed band and
utilizes HR/DSSS (High Rate - Direct Sequence Spread Spectrum) enabling data rates of up to
11Mbps to be achieved. Equipment operating in accordance with the IEEE specifications and
passing the Wi-Fi Alliance's interoperability tests is able to display the Wi-Fi logo.
Several manufacturers have developed equipment which is capable of
operating in accordance with both IEEE 802.11a and IEEE 802.11b
specifications.
AP - Access Point
An Access Point is a device found within an IEEE 802.11 network which provides the point of
interconnection between the wireless Station (laptop computer, PDA (Personal Digital
Assistant) etc.) and the wired network.