Wireless Networking Basics III: Media Access Control and Network Layer Standards

The logo for the IEEE 802.11 Working Group
The logo for the IEEE 802.11 Working Group

The IEEE 802.11 standard specifies that all WLAN features are implemented in the Physical and MAC layers of the networking protocol model. This insures that no further alterations in the fundamental model are needed to run wireless applications. New features can be added to the higher layers as long as they do not change the principles of how the model operates.

What is this OSI model?

And why is it so gosh-darned important?

IEEE Wireless LAN Configurations

Basic Service Set, Extended Service Set, and Independent Service Set

A basic service set (BSS), also known as infrastructure mode, is defined as a group of wireless devices that is served by a single access point (AP). Laptops and other devices send and receive their transmissions to a single, central access point, which will usually be connected to a wired network. If the access point is not connected to the wired network, devices within the BSS would only be able to communicate with each other and not with any device outside the BSS. The BSS is assigned a unique identifier known as the Service Set Identifier (SSID), which is the “network name” for the BSS. The SSID can be any alphanumeric string between 2 and 32 characters.

The Basic Service Area (BSA) is the geographical area of the basic service set. Many 802.11b networks advertise that a mobile device can be up to 114 meters (375 feet) away from an access point; however, environmental factors such as doors, ceilings, and walls often interfere with the signal, decreasing its effective range. Most wireless networks make use of dynamic rate shifting, which means that the network will automatically scale down the transmission speed as a device moves farther away from a network.

Extended service sets (ESS) are a collection of two or more Basic Service Sets connected through a common distribution system. By making use of multiple access points, Extended Service Sets are capable of handling the load of more devices than one Basic Service Set would be able to handle alone. Access points are often positioned much like cells in a cellular telephone system and are designed to handle movement between access points, known as roaming. If a wireless device is within range of more than one access points, it will choose the AP with the best signal strength. Once the AP accepts the wireless device, the client device “tunes” to the radio channel at which the AP is set. The mobile device continues to survey the appropriate radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device associates with the new AP in a process called a handoff. This appears to the user as a seamless process.

An Independent Basic Service Set (IBSS) is a wireless network that may not use an access point. This is also known as peer-to-peer or ad hoc mode. Wireless devices communicate directly between themselves. In cases where there is no access point, the network will not route out to the Internet. An ordinary Basic Service Set has more flexibility in connecting to other wired or wireless networks, while Independent Basic Service Sets are useful for setting up a wireless network in which users need to share data but don’t need to access an external network or the Internet.

IEEE 802.11 MAC Layer Standards

The Media Access Control (MAC) layer serves several purposes, including discovering a WLAN signal, joining the WLAN, transmitting data over the WLAN, and remaining connected to the WLAN. When it transmits data over the network, the data is divided into smaller segments, known as packets or frames, and packaged with bits that contain information that helps the receiving device interpret the data. Frames are used by wireless NIC and access points for communicating as well as managing the network.

Management frames use probe IDs to set up initial communications between devices and the access point or between devices. Their tasks include authentication, association, disassociation, and reassociation. With authentication, an access point decides whether to accept or reject a device based on information given. It then send an association response frame; if positive, the access point will reserve space for the wireless device. APs also send out beacon frames to announce their presence, allowing wireless devices to find them. With disassociation, the wireless device will send a frame to the access point, ending the communication. With reassociation, the wireless device moves from one cell to another.

Control frames provide assistance in delivering data frames. Data frames carry information to be transmitted to the destination device.

Countering a MAC Attack

It is possible for somebody on the outside to exploit weaknesses in the MAC layer, so be alert.

Discovering the WLAN

Is your network secure from pranksters who go around “war driving?” If not, be warned: people really do this!

The MAC layer’s first major function involves defining the procedures by which the wireless device discovers the WLAN. This discovery must meet two conditions. First, the access point must transmit an appropriate frame; and, second, the wireless device must be looking for these frames in case it enters an area in which wireless coverage exists.

Access points announce their presence in a process known as beaconing. At regular intervals, they transmit a beacon frame that announces their presence and provides the necessary information for other devices to join the network. This provides the “pulse” of the wireless network and an orderly means for wireless devices to join the WLAN. Beacon frames include:

  • The beacon interval, which tells the amount of time between beacon transmissions.
  • The timestamp, which forces all wireless devices to update their local clock and synchronize with the access point.
  • The Service Set Identifier (SSID), which identifies the wireless network.
  • The supported rates, which lists the transmission rates that a wireless network supports. For example, an 802.11b network normally supports 1, 2, 5.5, and 11 Mbps data rates.
  • The parameter sets provide information about which modulation scheme is used, such as frequency hopping spread spectrum or direct sequence spread spectrum.
  • Capability information, which provides the requirements of the wireless devices if they wish to join the network.

In an ad hoc network, each wireless device assumes the responsibility of sending beacon frames.

The wireless device is responsible for scanning for these beacon frames in order to join a network. It can use passive scanning to simply listen for a beacon frame. If it receives more than one, it will attempt to associate with the access point with the strongest signal strength. Another option is active scanning, in which the wireless device sends out management probe request frames on all available channels and waits for a probe response frame from all available APs.

Joining A WLAN

After a wireless device has detected an access point, the next step is authentication. This differs from traditional authentication, in which a human being sits down at a desktop and enters a username and password, in that the wireless device must be authenticated before it can join the network. This can take one of two forms. The first one is called Open System, or Open Architecture authentication. This is the most basic, and the default, method. After discovering the network and receiving the necessary information, the wireless device will send an association request frame to the access point that includes information about the data rates the device can support and the SSID of the network it wants to join. If the SSID sent by the device matches the SSID the access point has, the access point will authenticate the device and respond with an association response frame. If not, the access point will reject the device.

Another type of authentication is called shared key authentication. In this type, both the access point and the wireless device are given the same key value in advance. A wireless device send an authentication frame to the AP, which then sends back an authentication frame that contains the challenge text. The wireless device must encrypt the text and send it back to the AP in an authentication frame. The AP then decrypts it and compares it to the original challenge text. If it matches, the wireless device is authenticated; if not, it is rejected.

A more secure means of authenticating a device is through digital certificates, which are digital documents that associate an individual with a key value. This is digitally “signed” by a trusted third party. It is not possible to change a digital certificate without being detected.

Once a wireless device is authenticated, the AP responds with an association response frame, which contains an acceptance or rejection notice. If the AP accepts, it reserves memory space for the device and establishes an association ID for it.

Transmitting on the WLAN

Distributed Coordination Function (DCF)

Because the wireless medium is shared, there must be rules for cooperation among the wireless devices. The different ways of sharing are called channel access methods. One such method is known as contention, in which computers compete for network time. However, this method causes collisions because, frequently, more than one computer will try to access the network at the same time. This creates the same effect as more than one person in a group of people trying to talk at the same time; the message of all the speakers get garbled.

The IEEE 802.3 Ethernet standard includes the Carrier Sense Multiple Access with Collision Detection (CSMA/CD). This standard specifies that before a networked device sends data, it should first listen on the wire (called carrier sensing) to see if another device is transmitting. If it senses traffic on the network, it will wait until the traffic is finished before transmitting. If it senses no traffic, it can send its frame. This does not entirely eliminate collisions, since two computers can simultaneously detect no traffic and then try to transmit their data at the same time. If this happens, the two computers involved will stop sending and send a “jam” signal that tells all other devices to wait before sending frames. The two sending computers wait a random amount of time, called a backoff interval, before attempting to resend.CSMA/CD is typically not used on wireless networks because it is difficult to detect collisions, and also because of the hidden node problem: one mobile device on the wireless network might be undetectable to all the others. Instead, wireless networking uses Distributed Coordination Function (DCF), which specifies that a modified procedure known as Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) is used. CSMA/CA attempts to avoid collisions altogether. Instead of using jam signals when collisions occur, CSMA/CA forces all computers to wait a random amount of time after the transmission medium is clear to transmit their data. This amount of time is called the slot time. CSMA/CA also uses explicit frame acknowledgment. An acknowledgement frame, or ACK, is sent by the receiving device back to the sending device to confirm that the data frame arrived intact. If the sending device does not receive the ACK frame, a problem is assumed to have occurred and the frame is sent again.

802.11 handles the hidden node problem with virtual carrier sensing, also called the Request To Send/Clear to Send (RTS/CTS) protocol. If a device has data to send, it will transmit a Request to Send (RTS) frame to the access point. This frame contains a duration field that indicates the length of time needed for both the transmission and the returning ACK frame. This alerts the access point as well as all stations receiving the RTS frame that the wireless device needs to reserve the medium for that amount of time. The information is then stored in each receiving station’s net allocation vector (NAV). The access point then responds with a Clear to Send frame that alerts all devices that the medium is reserved and they should suspend any transmissions. Once the transmitting device receives the CTS, is will proceed with transmitting its frame.

Due to the overhead of RTS/CTS, 802.11 allows short data packets to be transmitted without RTS/CTS. Only packets longer than the RTS threshold need to be transmitted using RTS/CTS.

Interframe Spacing

The 802.11 standard defines three different interframe spaces (IFS) or “time gaps.” These are standard spacing intervals between the transmissions of the data frames. Instead of being just “dead space,” these time gaps are used for special types of transmissions. One time gap, the short IFS (SIFS), is used for immediate response actions such as ACK frames. Another time gap is the Point Coordination Function IFS (PIFS). This is the time used by a device to access the medium after it has been asked and then given approval to transmit. The Distributed Coordination Function IFS (DIFS) is the standard interval between the transmission of data frames.


In the case of transmitting data over a network, fragmentation refers to breaking up data to be transmitted into segments called packets or frames. Sending many smaller packets instead of one large one helps reduce the chance of collisions and the time needed to transmit the data. If one packet is lost due to a collision, it takes less time to retransmit that smaller packet than it would to retransmit the entire message. When the receiving device receives all the packets, it reassembles them into the original message.


CSMA/CD and CSMA/CA are both based on the contention channel access method, in which any computer can attempt to transmit a message at any time. Polling is another type of channel access method, in which each device of the network is asked in sequence if it has data to transmit. If the answer is yes, then it is given permission to transmit while all other devices must wait. If the answer is no, then the next device is asked. This effectively eliminates collisions because each device must wait its turn to transmit. The downside of this is that it can have an impact of performance. This method of controlling access to the network is also known as token ring topology.

The 802.11 standard calls this optional polling function Point Coordination Function (PCF). With PCF, the access point serves as the point coordinator or polling device. It queries each device in turn to determine if the device needs to transmit. The point coordinator begins by sensing the medium, just as all other devices do, after a SIFS time gap during which an ACK was transmitted. However, whereas the other devices must wait through the duration of the distributed coordination function IFS (DIFS) time gap, the point coordinator only has to wait through the point coordination function IFS (PIFS). Because the PIFS is shorter than the DIFS time gap, the point coordinator gains control of the medium before any other devices.

If the point coordinator hears no traffic at the end of the PIFS time gap, then it sends out a frame, known as a beacon frame, to all stations. One field of this frame contains a value that indicates the length of time that PCF (polling) will be used instead of DCF (contention.) After the stations receive this beacon frame they must stop any transmission for that length of time. The point coordinator then sends out another frame to a specific station, granting it permission to transmit one frame to any destination. If it has nothing to send, then that station returns a null data frame to the point coordinator.
Because each station can be told the length of time that PCF will be used instead of DCF, a WLAN can alternate between PCF and DCF. At the conclusion of the reserved PCF time, the WLAN automatically returns to the default DCF method.

Quality of Service and 802.11e

Quality of Service (QoS) is the capibility to differentiate different types of frames and give priority to time-sensitive frames. This was developed as a means to get around DCF’s inability to distinguish between voice, video, and other types of data transmitted over a network. QoS on WLANs is an area of increasing interest with the widespread of Voice over IP (VoIP) telephone service. VoIP uses IP-based data packet switching networks to transmit voice communications. This gives employees who are frequently away from their desks and telephones greater flexibility and reduces operating costs associated with use of cell phones and private radio walkie-talkie systems.

Implementing QoS over WLANs poses several challenges. Although it is possible to use PCF or a combination of DCF and PCF for QoS, most wireless manufacturere have chosen not to provice optional PCF service in their equipment. This has resulted in some venders offering proprietary wireless QoS, which forces customers to adopt one brand of equipment. Other approaches have been more innovative. For example, some hospitals have installed multiband 802.11 a/b/g wireless infrastructures and dedicate the 5 GHz 802.11a system to data transmissions and the 2/4 GHz 802.11 b/g to voice communications.The Wi-Fi Alliance released its own QoS specification in 2004 known as Wi-Fi Multimedia (WMM). WMM is modeled after a wired network QoS prioritization scheme. WMM outlines four levels of prioritization for WLAN QoS.

  • WMM Voice Priority is the highest priority and facilitates multiple high-quality voice calls.
  • WMM Video Priority is the second-highest priority and handles video traffic.
  • WMM Best Effort Priority includes traffic from applications that are not time sensitive; these get third priority.
  • WMM Background Priority is the lowest priority and includes print jobs and file transfers.

The ultimate implementation of wireless QoS rests with the IEEE 802.11e standard, which defines a superset of features intended to provide QoS over WLANs. This proposes two new modes of operation for the 802.11 MAC layer. The first is known as Enhanced Distributed Channel Access (EDCA), which is contention based yet supports different types of traffic. Four different streams, or access categories (AC), which are differentiated by priority, will be available. Stations will still have to contend for access, but the channel access parameters will differ from one AC to another.

The second mode of operation is Hybrid Coordination Function Controlled Channel Access (HCCA), which is a new form of PCF based on polling that serves as a centralized scheduling mechanism. For example, a VoIP transmission would send a resource reservation request to the access point. The access point would then provide an appropriate assignment based on the data rate, frame size, and other parameters.

Remaining Connected to the WLAN


Reassociation is the process by which a wireless device can move between access points within a network. This becomes necessary when a person carrying a laptop, tablet or other portable Wi-Fi-enabled device roams between the coverage areas provided by each access point, or the signal from an access point becomes weak or even non-existent, due to interference or technical difficulties. The process of reassociating, or disassociating from one access point and connecting with another, is always initiated by the wireless device and never the access pount.

Power Management

Most wireless devices in a WLAN are portable laptop computers, tablets, or Smart Phones, giving the users freedom to roam without being tethered by wires. Most laptops depend on batteries as their primary power source and will go into sleep mode after a set period of inactivity to conserve battery power. Sleep mode powers down some of its hardware, such as the hard drive and display screen. However, the laptop must remain “awake” in order to receive transmissions from the WLAN it is connected to. The original 802.11 standard assumes that stations are always ready to receive a network message. If a laptop is in sleep mode, it could miss transmitted information or lose the network connection altogether.

To solve the dilemma of efficient power usage versus network connectivity, the 802.11 standard currently defines power management. This allows laptops and other wireless devices to conserve their battery without losing network connections and important transmissions. Power management is transparent to all protocols and applications so that it will not interfere with normal network functions.

The process of power management differs based on the WLAN configuration. In an infrastructure WLAN, when a mobile 802.11 device is running on battery and goes into sleep mode, the access point is informed. The access point then makes a record of the fact and, if it receives transmissions meant for this device, it will temporarily store the data. This is called buffering.

At set times, the access point will send out a beacon frame to all stations. This frame contains a list, known as the traffic indication map (TIM), of the stations that have buffered frames waiting at the access point. At the same set time, all stations that have been sleeping will switch from sleep mode to active listening mode. This is possible because, even if a device is sleeping, its clock does not stip. Once in active listening mode, stations that have buffered frames stored in the access point, the AP receives a message. If the device has buffered frames waiting, the station can request to have those frames forwarded. If not, it will return to sleep mode.

In an ad hoc network, every device must buffer the frames it attempts to send to another device in case the receiving device is asleep. At a specific period of time, known as the ad hoc traffic indication message (ATIM) window, each device must be awake. At this time, a wireless device sends a beacon frame to all other devices. Then those devices that previously attempted to send a frame to a sleeping device will send an ATIM frame, which indicates that a receiving device has data waiting for it and must remain awake. If a device does not receive an ATIM frame, it can go back to sleep. The buffered frames will then be transmitted to the receiving device.

When a laptop, either in ad hoc or infrastructure mode, is connected to a standard alternating current (AC) for power, it is in continuous aware mode (CAM) and remains in communication with the AP or other wireless devices. Even if the screen or hard drive powers down, the wireless NIC remains in communication.

WLAN IP Addressing

The standard protocol for local area computer networks, both wired and wireless, is Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP is made up of several different protocols and computer programs, each performing different tasks. The IP protocol, which functions at the Network layer of the OSI model, is responsible for moving frames from one computer to another.

TCP/IP works on the principle that each device on the network (called a host) has a unique IP address. This address “tells” the network where to send traffic meant for each specific device on a network. If the data is sent to a device on another network, the message will be forwarded through a series of routers until it arrives at its destination.

Mobile IP

Because TCP/IP was initially designed for stationary devices that don’t roam from one network to another and don’t need to change IP addresses, each device will need a new IP address for each network it connects to. The easiest way to handle this is to set up DHCP servers on each network that can dynamically assign IP addresses from a pool, and make certain each device that is inclined to roam is equipped to receive IP assignments from DHCP servers.

Another way to handle the matter is by using Mobile IP, which provides a mechanism within the TCP/IP protocol to support mobile computing. It does not replace TCP/IP; it merely provides additional services. With Mobile IP, computers are given a static IP number which acts as their home address. The computer is also given a home agent, which is a forwarding mechanism that keeps track of where the mobile computer is located. When the computer roams to a foreign network, a foreign agent provides routing services to the mobile computer and assigns a new, but temporary, IP address. This is known as the care-of address. When a frame is sent to the home address, the home agent intercepts the frame and encapsulates that frame into a new frame with the care-of address as the destination address. It then redirects it to the foreign address, which sends it to the computer now located on the foreign network.

Download Standards from ANSI

[simple-rss feed=”http://rest.ebay.com/epn/v1/find/item.rss?keyword=Wireless+Networking+Supplies&categoryId1=58058&sortOrder=BestMatch&programid=1&campaignid=5337337555&toolid=10039&customid=USB&listingType1=All&lgeo=1&feedType=rss” limit=5]