CWNP CWNA – MAC Architecture

1. MAC Architecture

In this module, we’re going to talk about the Mac architecture. So we’re going to go back to the wired network, or actually the OSI, and talk about what packets, frames and bits are, and then how layer two breaks down into the data link. And the Mac layers, how we work with the physical layer, in this case, physical not being a wire, but being radio frequency.

Then we’ll take a look at how we get the wireless and the wired to work together. We’ll talk about different types of frames in the wireless world. Frames like beacons or probes, those types of things. We’ll look at the concept of passive scanning, active scanning, the authentication association that we have with the access points from a client, the different states that we’re in. And then we’ll talk about this idea of basic and supported data rates.

2. Packets, Frames, and Bits (eNotes)

So when we look at the OSI model and I’m just going to worry about the bottom three layers of this, and those layers are the network, what we call the data link. But remember, it’s actually broken into two little pieces, the link layer and the Mac address. And then physical. And physical is really what we’ve been talking a lot about, the radio frequency. So as we have a big piece of data that we want to transmit, we do have some limitations on how big each bit of that data is going to be. And so we break it down into little pieces. We call them segments.

And with each of those segments so here’s my data. And technically we have a transport protocol. I’ll just put a four for layer four. By the way, that’s layer three. Layer two, layer one, the transport layer is just kind of there to help the other or the receiver know how to put all the data pieces back together in the right way. Then we add layer three. Layer three is the IP address, right? The IP the thing that routers need to know about how to send that traffic. And then at layer two with the wired network that we usually use Ethernet, we use a Mac address as a hardware address so that we know how to send it.

So let’s take it all down here I’ve got a computer who’s going to send those little pieces of data. They’re usually connected to a switch, not going to worry about the switch just this moment. And then they have this router that they sometimes call their default gateway. So they’re putting this together up to layer three and they’re sending it to the router. The router looks at that IP address and says, okay, I know where to send it next. And when it gets to that network that it’s supposed to send it to, we have a switch that looks at the layer two address, and the layer two address tells the switch what the hardware address is to get to that destination.

And it all works very well. Now at the physical layer, we just have to worry about what kind of media that we’re using. Is it a copper wire? Is it a fiber optics? Is it going to be radio frequency? Because the reason that’s important is that the media tells me how from the data link layer to turn it into a bunch of ones and zeros for transmission, whether electrons, photons, radio frequency, that type of thing, infrared, all those things we talked about. So it could be though, that it’s going to go to an access point from that switch and then become radio frequency to get to the destination, which is also just fine. But that’s where you’re going to see something different than Ethernet, because Ethernet just uses a source and destination hardware address. We call them Mac addresses.

At some point, the switch also needs to know the Mac address of the transmitter at minimum, so it can send it to the transmitter. And the transmitter, though, then also needs to know the Mac address of the receiver. So that means that we might have a frame that actually has three or maybe even four what appear to be Mac addresses, just so we get from the transceiver radio to the receiver radio and eventually to the, you know, the original source and the destination source. But then again, right, the switch has to figure out how to make ones and zeros. The radio frequency has to know how to make ones and zeros. And so that’s how our communication is going to work. Going from packets, layer three packets, we add on the Mac address. That’s a frame. And then we turn it into ones and zeros. Those are the bits.

3. Data -Link Layer

Now, layer two is the data link layer, and it is actually, like I said, broken into two sub layers. The upper portion is the Logical Link control LLC. And that just simply means that’s the part that’s going to talk to layer three and then the part of layer two that’s going to help make ones and zeros is going to be the Mac address sublayer, what they call the Media Access Control.

4. MAC

So when we talk about Mac, again, it’s a sublayer. So when the LLC sublayer sends what we call the Mac data unit or the Mac sub layer excuse me, data unit to the Mac sub layer, the Mac header information is going to be added to the MSDU to help identify it. So that means the MSDU is now going to be encapsulated in the Mac protocol unit, or what we call the Mpdu. And a simple definition basically is that it is an 800 and 211 frame recruiting. Remember what I said, those frames look different than the Ethernet frames because they have some extra Mac addresses. And they’re also going to have some different types of control information, duration information, the Mac addressing, sequence control, all of these other little pieces that are designed to work in the wireless world.

So what I’m trying to say is the radio frequency, please don’t confuse it with Ethernet because it’s not Ethernet. It’s a different layer. Two protocol, the access point is going to convert it to Ethernet, more than likely for whatever the distribution medium is. And basically the frame body, the component that we’re going to carry might be variable in size, just like Ethernet. I can send a small packet or frame, I can send a big frame frame, depending on the maximum transmission unit, but it’s going to contain information that is different than Ethernet, and it’s going to be on that frame and what we might call the different types of frame subtypes.

5. Ethernet Connectivity

So with Ethernet connectivity, which is again the DSM, and we look at wireless land topologies, the standard 8211 2012 standard was going to define that. There’s an integration service in Is that enables delivery of the Msdus between the distribution system and the local area network, the land, or what we sometimes call the DSM. The payload of that wireless eight or 211 data frame is going to be the upper layers, right? The IP address, the transport, all of the data from layers three through seven. Right. So that doesn’t change, by the way. There’s nothing about these technologies, the switching and Ethernet or the radio frequency that really cares about your IP address. Those devices only distribute or forward based on the layer two addresses.

And that layer two stuff is what we are really concerned with, knowing that from layer three and above, we’re going to let the routers take care of that and the rest of the local area network. Now, the job of the integration service is basically to first remove the 800 and 211 header. So if I’m doing a WiFi connection to an access point, that access points got to take all that stuff off and then encase it in the MSDU so that it can be then sent into the wired network. And that might be, as an example, maybe your voice over IP payload, that’s fine. That is the layer three through seven stuff that’s not changing. We’re just going to put it inside an Ethernet or what they call the 802 three type of encapsulation.

6. Frame Information

So when we look at what’s happening with the radio frequency, we’re still going to like, have, as we did in the world of Ethernet, the source address. Who is the sender, and what is the hardware address of that network card. By the way, the source address is the Mac address of the original sending station, and on Ethernet, each network card. Let’s see if I can make a nice looking PCI card for a network card. There we go. On each one of these cards, they have what’s called a burned in address. That means the actual you can think of it like a serial number. If you want to, that’s fine. I mean, it’s six bytes long.

The first three bites are what we call the oui, which is basically assigned to everybody who makes a network card. It’s a specific number for each manufacturer. And the last three bites I’m going to say are going to be random manufacturers is, okay, first one out is going to be number one. The number two anyway, that’s the burned in address. Now, in today’s world, we can change that. So instead of calling it a burned in address, we are calling it the Mac address. But nonetheless, it’s the address that represents the actual physical network card that we’re using to make the connection.

And by the way, that network card could also be a wireless card. It’s going to have an address. Now, it can just, like I said, come either from a wireless station or somebody on the wired network, but it’s the one who generated the frame that we want to send and we need to know the destination address. Now, the destination address is not necessarily the actual hardware address of the receiver, and I say that because this information is only layer two.

So if I’m doing a wireless to an access point and that access point is connected to a switch, we’re still at layer two. But if, according to the IP address, I have to go to a router to get there, then all bets are off. We’re not going to need the destination address of the actual destination. We usually just need the destination address of the router, which is our default gateway. And then I’m getting into Ethernet, so I’m not going to take it any further. So many times, destination addresses, just generally who’s the next hop at layer three that I want to get it to? Even though I might have said the Mac address, the final destination of the layer two frame. Yeah, if you were all on the same network, that’s true. But once you get into Ethernet, then whatever you’re doing in WiFi doesn’t matter anymore because you made it past there. You’re in the Ethernet world.

But it could be another wireless station or it could be a destination on the wired network, as I’ve just talked about. Oh, here we go. A server or maybe a router, especially if it’s a gateway now, the transmitter’s address is going to be on this frame. That is the 800 and 211 radio that’s transmitting the frame into that half duplex. And the receiver address may or may not also be in there. It kind of depends, right? If we’re going to go from one access point to another access point, then maybe we need to know the transmitter and receiver’s addresses. But the potential is that with these frames, if you’re or to look at them, might have what appeared to be four different Mac addresses. But the transmitter receiver address, once you get into the wired network, those are going to be gone. You’ll be back to just the regular Ethernet frame.

7. Management Frames

There are a lot of management frames that we send that have nothing to do with the transfer of data. When we think about what do we have to go through? When you first want to connect your computer to an access . 1 of them is going to be an association request, right? You’re going to say, hey I want to connect to you so I can send data into the wired network and if that’s that’s okay we’re going to get an authentication response. In some cases, especially if you’re roaming, you’re going to have a reassociation, a request, a reassociation response.

Now most often the access points are sending out periodically information about its location. Well not its location but who it is and what networks it has. And we call those a beacon. Now the beacons are what allow us to go to our configuration of our wireless network card and choose which wireless network we want to connect to. But some people choose to cloak that. But I hope you remember I said that’s really just a warm fuzzy feeling in security. So the computers could do a probe request and get a probe response which by doing a probe request it’s basically asking the access point to say, hey, what’s your SSID? And then it says, oh here it is.

Not that everybody knows how to do it but anyway the announcement traffic indication message, there’s actually a lot more information not only in the beacon. The beacon does contain the SSID. It contains some other information about the speeds that are allowed. It contains what version of 800 and 211? It’s running so well I’ll just put question mark there. It contains a lot of information that we need to have so we can see if we’re compatible to even be able to talk to each other.

Anyway, once you’re associated and there’s a lot of other people out there connecting, then we’re going to have these announcements for traffic indication messages or the ATM. At some point you’re going to shut down the laptop. You’re going to leave the coffee shop. You’re going to go home. So we have a disassociation. We could also have a deauthentication if we wanted to. And in some cases not everything just lets you connect without giving some information.

So there’s an authentication type of management. And so I hope you’re getting the idea that these are all methods of joining, connecting, authenticating, finding out what’s out there. I mean and just things that we do for basic management communications. I think we talked about Acknowledgments already timing advertisements and not so much that I’m going to ask you to worry about that.

8. Control Frames

Now, the control frames are listed here, and they are a different type, again, of the subtype for the 800 and 211 standard. So, you know, the thing about laptops, and it seems like you’re all probably thinking that’s the only picture you know how to draw well. And just when I think I’m drawing it well, some people say, you know, it looks like a book that’s open. Great.

Okay, it’s a laptop. Laptops have what’s called a power system saver mode. And the purpose of Power Saver is say, hey, look, I’m on battery, so I can’t keep sending wireless signals to you if I don’t need your network, but I don’t want you to forget about me either. So periodically we might have this Power saver poll that is just reannouncing, that says, hey, I’m alive. I’m just kind of sleeping right now. I think we talked about Clear to send before. Clear to Send lets me know if it’s okay for me to send traffic. We also talked about some of the other options where the access point could say, hey, it’s your turn, send me the information.

Request to send. With whatever we send, we usually get Acknowledgments, and that’s the minimum. Now, some of the other things we talked about before, the PCF and HCF might have some. And again, these are improvements to the distribution system that we talked about or the DCF to be able to make sure we get rid of the contention. So you might have a message that says, hey, contention free, which is a PCF, maybe contention free with an Acknowledgment coming back for some quality of service.

We said, hey, sending the Acknowledgments as a block rather than one after another after each frame. Then I can acknowledge that block update. And the one thing we really didn’t talk about is Control Wrapper, but it’s not associated with the HCF or PCF. And like I said, there are some things that, as I realize, those of you looking for certifications are probably thinking, wow, you’ve already given me too many acronyms. So I’ll let you do kind of a little bit of research on what that does for you.

9. Data Frame Subtypes

Now, data frames also have subtypes data. That means the actual what’s important that I’m trying to send there could be a simple data type of subtype or it could be a null function, no data being sent. You might see that with a lot of associations. It could be the data plus the Acknowledgment or it could be data with a poll asking you to send your information. I could be asking you to send it and give you an Acknowledgment. In PCF I might get a control frame Acknowledgment but no data or a pole. Again, it’s a matter of perspective, right?

Is it the laptop or is it the access point? And so there’s a number of combinations. Now, we really don’t get into quality of service through this sort certification process but quality of service is not like it is in a wired network but it’s just a way of getting more time and trying to be more efficient with the data that we send. So you might have again your quality of service data, null data with all the Acknowledgments. So all of these are like the ones up here but because it’s quality of service it just gets a better preference from the access point.

10. Beacon Frames

One of the most important frames is the beacon. That’s what the access point does to basically let anybody with the radio know that there is a network that is available for connection as a part of the management. Frames. Now they essentially are the heartbeat of the wireless network because not only does it say, hey, here’s the name of my network, my SSID, but it says, these are my capabilities of speeds that you have to match. This is going to be what radio type I’m using here’s the channels that I have. I mean, it’s everything that a client needs to know to see if they’re compatible with connecting to that network.

Now the access point basically on especially a basic service set, is going to send these beacons for the clients to be able to hear them. Maybe you might have noticed that sometimes when you first boot up a computer, or maybe your computer is on and you first turn on an access point, that that SSID doesn’t show up for a little bit of time. I mean, under a minute. That’s because the beacons don’t go out all of the time. But they go off enough, I think, every 30 seconds. Well, actually, it depends on a lot of the vendors too. But eventually when you refresh, refresh, you’ll see the new SSID.