Forum

  • Hello everybody,

    I have a question regarding the frame size of the 802.11 frame and would appreciate any responses.

    The frame body of the 802.11 packet can range from 0-2312 bytes. If I am not mistaken the payload from the Layer 3 would be around 1500 bytes and IP fragmentation would be done to ensure the same.

    Why does 802.11 spec out such a large frame size (2346) when most of the packets may not be more than 1550-1600 bytes including the header (assuming I am not missing something)?

    Regards,
    essem_9

  • Hi Essem of Panama City Beach:

    The maximum IEEE 802.11 MSDU size is 2304 octets. This is the number to remember. It is the maximum size of the frame body >>before<< encryption. WEP, TKIP (WPA), and CCMP (WPA2) add 8, 20, and 16 octets respectively.

    The maximum encrypted frame body size for these three cipher suites is 2312, 2324, and 2320. Unfortunately when WEP was the only act in town the number 2312 was given much attention and appears in much literature to this day as >the< maximum frame body size.

    Now, back to why the funky number 2304. I quote from the IEEE 802.11 Handbook second edition page 40: "The value of 2304 bytes as the maximum length of this field was chosen to allow an application to send 2048-byte pieces of information, which can then be encapsulated by as many as 256 bytes of upper layer protocol headers and trailers."

    The popular IP MTU of 1500 octets is a consequence of Ethernet limits. A client-server application using Wi-Fi only might use an MTU higher than 1500. I have observed this with the Apple iTunes application running on an Apple Mac and sending music over Wi-Fi to an Apple Express access point with attached speakers.

    I hope this helps. Thanks. /criss

  • Hey Criss_Hyde,
    Thank you for the prompt response.

    When you say a client-server application using Wi-Fi only would it be right to interpret it as two Mobile Units associated to the same AP? If I do a ping between the two MU?¡é?€??s with a packet size of 2000 bytes would it not be IP fragmented?

    Thank you
    essem_9

  • Hi Essem:

    In my one case iTunes ran on a Mac associated to an Apple Express access point. The Express contains an audio server and an audio jack. Music from the iTunes application crossed the WLAN and played on speakers attached to the Express. I observed the frames with AiroPeek running on a PC. The frame payloads were somewhat larger than 1500 octets.

    I will have this setup again in a couple weeks and will measure the frame body size for us.

    In your ping example I would expect the ICMP packets would honor the default MTU of the WLAN which is typically 1500 octets or less.

    I hope this helps. Thanks. /criss

  • Hi Criss_Hyde,
    I did the ping test and as you mentioned all packets on the air were around 1500 bytes (1536 ?¡é?€?¡° as displayed by Airopeek). My networking fundamentals aren?¡é?€??t too good but as per my understanding IP would always fragment packets such that they do not exceed 1500 bytes or some value around that. In your iTunes case would it be right to assume that Layer3 is not fragmenting the packets? Please correct me if I am making any wrong assumptions.

    Regards,
    essem

  • 8 bytes of IP layer overhead, 28 bytes of MAC layer overhead. If you check out the decodes they break it down pretty well.

  • Criss_Hyde Escribi?3:

    Hi Essem of Panama City Beach:

    The maximum IEEE 802.11 MSDU size is 2304 octets. This is the number to remember. It is the maximum size of the frame body >>before<< encryption. WEP, TKIP (WPA), and CCMP (WPA2) add 8, 20, and 16 octets respectively.

    The maximum encrypted frame body size for these three cipher suites is 2312, 2324, and 2320. Unfortunately when WEP was the only act in town the number 2312 was given much attention and appears in much literature to this day as >the< maximum frame body size.

    Now, back to why the funky number 2304. I quote from the IEEE 802.11 Handbook second edition page 40: "The value of 2304 bytes as the maximum length of this field was chosen to allow an application to send 2048-byte pieces of information, which can then be encapsulated by as many as 256 bytes of upper layer protocol headers and trailers."

    The popular IP MTU of 1500 octets is a consequence of Ethernet limits. A client-server application using Wi-Fi only might use an MTU higher than 1500. I have observed this with the Apple iTunes application running on an Apple Mac and sending music over Wi-Fi to an Apple Express access point with attached speakers.

    I hope this helps. Thanks. /criss



    Hi Criss!
    You mentioned that the maximum size of the frame body is 2304 bytes. However, "802.11 Wireless Networks" by O'reilly, or even most of the articles I found on Google specify the frame body size is 0~2312 bytes. So does it means that 2312 is the size of the frame body that has been WEP encrypted?
    By the way, I assumed that 2346(the maximum RTS threshold used by most of the wireless vendors)
    indicates the frame body size(correct me if I'm wrong). Why do they choose this value? Is it spec out by the 802.11 IEEE standard?

    Regards,
    raul07

  • Hi Raul:

    Yes, the popular number 2312 is the largest WEP encrypted MSDU, or frame payload.

    Fragmentation decisions are applied to the entire frame rather than just the frame payload. The popular number 2346 is not emphasized by the standard but is the largest frame possible with WEP encryption and every MAC header field in use (including Address 4).

    Unfortunately now there are not one but three "largest" 802.11 frames corresponding to WEP, TKIP, and CCMP -- 2346, 2358, and 2354. Since 802.11 frames in practice virtually never reach or exceed 2346, I imagine WLAN vendors will retain 2346 as the number that essentially means "do not fragment".

    The standard makes much of 2304 as the maximum MSDU (frame body before encryption). It is the number to remember and to be tested on.

    I hope this helps. Thanks. /criss

  • Quote from the IEEE 802.11 Handbook second edition page 40: "The value of 2304 bytes as the maximum length of this field was chosen to allow an application to send 2048-byte pieces of information, which can then be encapsulated by as many as 256 bytes of upper layer protocol headers and trailers."

    I never have seen frame size more than 1500 bytes on wireless sniffer.Please any one can suggest what application I can use to see wireless frame size more than 1500 bytes.Please advice.

Page 1 of 1
  • 1