802.11 MAC Series – Basics of MAC Architecture – Part 3 of 3
By CWNP On 02/03/2016
Welcome back to the next blog of the 802.11 series. In this blog, we will discuss the discovery process, which is the first step in joining a wireless network and helps to identify a desirable wireless network to connect to.
Wireless Network Discovery
Wireless network discovery is the process by which a client device searches for wireless networks and learns their parameters, such as the SSID, supported data rates and security configuration. Wireless network discovery has two modes: passive scanning and active scanning.
The first mode of wireless network discovery we'll describe is passive scanning. In this mode, wireless client devices listen for the beacon frames that the AP broadcasts at a regular interval. The beacon frames contain all the information related to the SSID, data rates, and radio frequency channels of the AP. Once the client device hears a beacon frame containing the same SSID that is configured in the wireless client software utility, it connects to the AP. Sometimes a client device hears beacon frames containing the same SSID from several APs; it then identifies the best signal and attempts to connect to that AP to join the wireless network. The following figure represents passive scanning, in which the beacon frames are broadcast from the AP.
Another mode of wireless network discovery is active scanning. In this method, client devices that want to join the wireless network transmit management frames called probe requests. These management frames contain the SSID of the wireless network to which the client device wants to connect. If the client device does not know the SSID of the wireless network, it sends a probe request without specifying any value in the SSID field; this is known as a null SSID or wildcard SSID.
A probe request containing SSID information is known as a directed probe request, whereas a probe request that does not contain an SSID value is known as a null probe request. Access points continuously listen for directed probe requests, and if an AP finds a probe request with the same SSID that the AP has, it sends a probe response frame to the client device. The probe response frame carries all the information that the beacon frame contains except the Traffic Indication Map (TIM) field. It helps the client device find the required parameters before joining any wireless network. If multiple APs provide probe responses, the client device chooses the AP with the best signal strength. If the client device sends a null probe request, then all the APs that hear the probe request should provide their probe response, because the received probe request was not directed at any specific SSID.
The following figure represents the active scanning in which the probe request and probe response frames are exchanged between the client device and the AP.
In passive scanning, the beacon frames are transmitted on the channel on which the AP is operating. In active scanning, on the other hand, probe request frames are transmitted across all the channels available on the client device. The main aim of a client device is to find the wireless network with the best signal, so it can use either or both methods, active or passive, to discover the wireless network.
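The three frame types described above can be told apart directly from captured bytes. The following parser is an added example, not code from the original post: it classifies beacons, probe requests and probe responses, flags a wildcard (null) SSID, and shows that the TIM element appears in the beacon but not in the probe response. It assumes each frame starts at the 802.11 MAC header (no radiotap header, no FCS); the function names and the sample frames, including the SSID `corp-wifi`, are constructed for illustration.

```python
SUBTYPES = {4: "probe-request", 5: "probe-response", 8: "beacon"}
HDR_LEN = 24     # frame control, duration, three addresses, sequence control
FIXED_LEN = 12   # timestamp (8) + beacon interval (2) + capability info (2)
EID_SSID, EID_RATES, EID_DS, EID_TIM = 0, 1, 3, 5

def parse_elements(body):
    """Walk the ID/length/value elements, rejecting lengths that overrun the frame."""
    elements, i = {}, 0
    while i + 2 <= len(body):
        eid, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated element %d" % eid)
        elements.setdefault(eid, value)   # keep the first occurrence of each ID
        i += 2 + length
    if i != len(body):
        raise ValueError("trailing byte after last element")
    return elements

def parse_discovery_frame(frame):
    """Classify a beacon, probe request or probe response and pull out its fields."""
    if len(frame) < HDR_LEN:
        raise ValueError("frame shorter than the management header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:
        raise ValueError("not a beacon or probe frame")
    body = frame[HDR_LEN:]
    if subtype != 4:                      # probe requests carry no fixed fields
        if len(body) < FIXED_LEN:
            raise ValueError("fixed fields truncated")
        body = body[FIXED_LEN:]
    els = parse_elements(body)
    ssid = els.get(EID_SSID, b"")
    return {"kind": SUBTYPES[subtype], "ssid": ssid.decode("utf-8", "replace"),
            "wildcard": subtype == 4 and not ssid, "has_tim": EID_TIM in els,
            "channel": els[EID_DS][0] if els.get(EID_DS) else None}

def build_frame(subtype, elements):
    """Build a constructed sample frame (addresses and field values are made up)."""
    hdr = bytes([subtype << 4, 0]) + bytes(2) + b"\xff" * 6 + b"\x02" * 6 * 2 + bytes(2)
    fixed = b"" if subtype == 4 else bytes(8) + b"\x64\x00\x01\x00"  # 100 TU, ESS
    return hdr + fixed + b"".join(bytes([e, len(v)]) + v for e, v in elements)

SSID, RATES = (EID_SSID, b"corp-wifi"), (EID_RATES, b"\x82\x84\x8b\x96")
BEACON = build_frame(8, [SSID, RATES, (EID_DS, b"\x06"), (EID_TIM, b"\x00\x01\x00\x00")])
PROBE_RESP = build_frame(5, [SSID, RATES, (EID_DS, b"\x06")])
DIRECTED = build_frame(4, [SSID, RATES])
WILDCARD = build_frame(4, [(EID_SSID, b""), RATES])
```

Calling `parse_discovery_frame` on each sample returns a dictionary with the frame kind, SSID, wildcard flag, TIM presence and channel; an element whose length field overruns the frame raises `ValueError` instead of being read past the end.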
In the next blog, we will take a look at the authentication and association process that client devices use to gain access to the wireless network. Till then, happy reading!