The Cable Guy - March 2002
IEEE 802.11b Wireless Networking Overview
In September of 1999, the Institute of Electrical and Electronic Engineers (IEEE) ratified the specification for IEEE 802.11b, also known as Wi-Fi. IEEE 802.11b defines the physical layer and media access control (MAC) sublayer for communications across a shared, wireless local area network (WLAN).
At the physical layer, IEEE 802.11b operates at the radio frequency of 2.45 gigahertz (GHz) with a maximum bit rate of 11 Mbps. It uses the direct sequence spread spectrum (DSSS) transmission technique. At the MAC sublayer of the Data Link layer, 802.11b uses the carrier sense multiple access with collision avoidance (CSMA/CA) media access control (MAC) protocol.
A wireless station with a frame to transmit first listens on the wireless medium to determine if another station is currently transmitting (this is the carrier sense portion of CSMA/CA). If the medium is being used, the wireless station calculates a random backoff delay. Only after the random backoff delay elapses can the wireless station again listen for a transmitting station. By instituting a random backoff delay, multiple stations that are waiting to transmit do not end up trying to transmit at the same time (this is the collision avoidance portion of CSMA/CA).
Collisions can occur and, unlike with Ethernet, they might not be detected by the transmitting nodes. Therefore, 802.11b uses a Request to Send (RTS)/Clear to Send (CTS) protocol with an Acknowledgment (ACK) signal to ensure that a frame is successfully transmitted and received.
Wireless Networking Components
IEEE 802.11b wireless networking consists of the following components:
A station (STA) is a network node that is equipped with a wireless network device. A personal computer with a wireless network adapter is known as a wireless client. Wireless clients can communicate directly with each other or through a wireless access point (AP). Wireless clients are mobile.
- Wireless APs
A wireless AP is a wireless network node that acts as a bridge between STAs and a wired network. A wireless AP contains:
- At least one interface that connects the wireless AP to an existing wired network (such as an Ethernet backbone).
- A wireless network device with which it creates wireless connections with STAs.
- IEEE 802.1D bridging software, so that it can act as a transparent bridge between the wireless and wired networks.
The wireless AP is similar to a cellular phone network's base station. Wireless clients communicate with both the wired network and other wireless clients through the wireless AP. Wireless APs are not mobile and act as peripheral bridge devices that extend a wired network.
A port is a channel of a device that can support a single point-to-point connection. For IEEE 802.11b, a port is an association, a logical entity over which a single wireless connection is made. A typical wireless client with a single wireless network adapter has one port and can support only one wireless connection. A typical wireless AP has multiple ports and can simultaneously support multiple wireless connections. The logical connection between a port on the wireless client and the port on a wireless AP is a point-to-point bridged LAN segment similar to an Ethernet-based network client that is connected to an Ethernet switch.
IEEE 802.11b Operating Modes
IEEE 802.11 defines two operating modes: Ad hoc mode and Infrastructure mode.
In ad hoc mode, also known as peer-to-peer mode, wireless clients communicate directly with each other (without the use of a wireless AP). Two or more wireless clients who communicate using ad hoc mode form an Independent Basic Service Set (IBSS). Ad hoc mode is used to connect wireless clients when a wireless AP is not present.
In infrastructure mode, there is at least one wireless AP and one wireless client. The wireless client uses the wireless AP to access the resources of a wired network. The wired network can be an organization intranet or the Internet, depending on the placement of the wireless AP.
A single wireless AP that supports one or multiple wireless clients is known as a Basic Service Set (BSS). A set of two or more wireless APs that are connected to the same wired network is known as an Extended Service Set (ESS). An ESS is a single logical network segment (also known as a subnet), and is identified by its Service Set Identifier (SSID). If the available physical areas of the wireless APs in an ESS overlap, then a wireless client can roam, or move from one location (with a wireless AP) to another (with a different wireless AP) while maintaining Network layer connectivity.
IEEE 802.11b Operation Basics
When a wireless adapter is turned on, it begins to scan across the wireless frequencies for wireless APs and other wireless clients in ad hoc mode. Assuming that the wireless client is configured to operate in infrastructure mode, the wireless adapter chooses a wireless AP with which to connect. This selection is made automatically by using an SSID and signal strength and frame error rate information. Next, the wireless adapter switches to the assigned channel of the selected wireless AP and negotiates the use of a port. This is known as establishing an association.
If the signal strength of the wireless AP is too low, the error rate too high, or if instructed by the operating system (in the case of Windows XP), the wireless adapter scans for other wireless APs to determine whether a different wireless AP can provide a stronger signal or lower error rate. If such a wireless AP is located, the wireless adapter switches to the channel of that wireless AP and negotiates the use of a port. This is known as reassociation.
Reassociation with a different wireless AP can occur for several reasons. The signal can weaken as either the wireless adapter moves away from the wireless AP or the wireless AP becomes congested with too much traffic or interference. By switching to another wireless AP, the wireless adapter can distribute the load to other wireless APs, increasing the performance for other wireless clients. You can achieve contiguous coverage over large areas by placing your wireless APs so that their signal areas overlap slightly. As a wireless client roams across different signal areas, it can associate and reassociate from one wireless AP to another, maintaining a continuous logical connection to the wired network.
IEEE 802.11 Security
The IEEE 802.11 standard defines the following mechanisms for wireless security:
- Authentication through the open system and shared key authentication types
- Data confidentiality through Wired Equivalent Privacy (WEP)
Open system authentication does not provide authentication, only identification using the wireless adapter's MAC address. Open system authentication is used when no authentication is required. Some wireless APs allow the configuration of the MAC addresses of allowed wireless clients. However, this is not secure because the MAC address of a wireless client can be spoofed.
Shared key authentication verifies that an authenticating wireless client has knowledge of a shared secret. This is similar to preshared key authentication in Internet Protocol security (IPsec). The 802.11 standard currently assumes that the shared key is delivered to participating STAs through a secure channel that is independent of IEEE 802.11. In practice, this secret is manually configured for both the wireless AP and client. Because the shared key authentication secret must be distributed manually, this method of authentication does not scale to a large infrastructure mode network (for example, corporate campuses and public places, such as malls and airports). Additionally, shared key authentication is not secure and is not recommended for use.
Inherent in the nature of wireless networks, securing physical access to the network is difficult. Because a physical port is not required, anyone within range of a wireless AP can send and receive frames, as well as listen for other frames being sent. Without WEP, eavesdropping and remote packet sniffing would be very easy. WEP is defined by the IEEE 802.11 standard and is intended to provide the level of data confidentiality that is equivalent to a wired network.
WEP provides data confidentiality services by encrypting the data sent between wireless nodes. WEP encryption uses the RC4 symmetrical stream cipher with either a 40-bit or 104-bit encryption key. WEP provides data integrity from random errors by including an integrity check value (ICV) in the encrypted portion of the wireless frame.
However, one significant problem remains with WEP. The determination and distribution of WEP keys are not defined and must be distributed through a secure channel that is independent of 802.11. In practice, this is a text string that must be manually configured (using a keyboard) for both the wireless AP and wireless clients. Obviously, this key distribution system does not scale well to an enterprise organization.
Additionally, there is no defined mechanism to change the WEP keyeither per authentication or at periodic intervals over the duration of an authenticated connection. All wireless APs and clients use the same manually configured WEP key for multiple connections and authentications. With multiple wireless clients sending large amounts of data, it is possible for a malicious user to remotely capture large amounts of WEP cipher text and use cryptanalysis methods to determine the WEP key.
The lack of WEP key management, to both automatically determine a WEP key and change it frequently, is a principal limitation of 802.11 security, especially with a large number of wireless clients in infrastructure mode. The lack of automated authentication and key determination services also effects operation in ad hoc mode, where users might want to engage in peer-to-peer collaborative communication (for example, in areas such as conference rooms).
The combination of a lack of both adequate authentication methods and key management for encryption of wireless data has led the IEEE to adopt the IEEE 802.1X Port-Based Network Access Control standard for wireless connections. The details of IEEE 802.1X will be described in a future TechNet Cable Guy article.
Windows XP Support for IEEE 802.11b
Windows XP provides built-in support for IEEE 802.11b. An installed wireless adapter scans for available wireless networks and passes that information to Windows XP. Next, the Windows XP Wireless Zero Configuration service configures wireless connectivitywithout the need for user configuration or intervention. If no wireless APs are found, Windows XP configures the wireless adapter to use ad hoc mode. The Windows XP Wireless Zero Configuration service is integrated with support for IEEE 802.1X authentication.
While the Windows XP Wireless Zero Configuration service provides automatic configuration for most wireless situations, you can manually configure IEEE 802.11b settings on the Wireless Networks tab, which is available in the properties of a connection that corresponds to an installed wireless adapter in the Network Connections folder. The Wireless Networks tab only appears for wireless adapters.
On the Wireless Networks tab, you can view and configure the following:
- Whether you want Windows XP to automatically configure your wireless settings through the Wireless Zero Configuration service. You can disable this service if you have third-party wireless configuration software.
- The list of wireless networks that are within association range of your computer.
- The ordered list of preferred wireless networks with which the wireless client computer attempts to associate and authenticate.
- Whether the wireless client computer operates in ad hoc mode, infrastructure mode, or both. By default, a Windows XP wireless client operates in both modes, but infrastructure mode and connections to wireless APs is preferred.
- For each wireless network that is found or manually added, you can configure the wireless network name, whether WEP is enabled, the type of authentication, whether the wireless network is in ad hoc or infrastructure mode, and whether the WEP key is automatically determined or manually configured.
For More Information
For more information about IEEE 802.11b support in Windows XP, see the Microsoft Wireless Networks Web site.
For a list of all The Cable Guy articles, click here.