• For those interested... 802.11n beacon decode

  • thanks swordfish! ...and welcome to the forum!


  • Wow, a 228 Byte beacon. I'm not sure I would want those being transmitted 10 times per second.

  • GT,

    Stop being such a baby.

  • Um... what? :)

  • HA! Too funny...

    GTHill, yeah, I'm one of those guys who sets 200ms intervals on beacons typically (especially on an 802.11b BSS).

    Regarding the decode, that was enlightening to me. (I printed it out to read in more detail) My neighbor just got an 802.11n AP and I have it on my ToDo to go over and play with the settings and capture some PHY scans as well as 802.11 decodes.

    I have to ask, what version of software did you use that recognized all of those 802.11n IEs? I'm guessing a WildPackets product. That will certainly save me some time.

    I'll be sure to share once I get it done.

  • Yes, it was Airopeek or you can use the newer version called Omnipeek.
    However, I had to write my own decodes for .11n. Wildpackets has no such decode support for .11n that I'm aware of. Also, I can only capture in 20MHz vice 40MHz. Don't yet have a suitable .11n PCMCIA and a driver to go with it :'(
    If I remember correctly I based the decodes using P802.11n D1.06 and I think D1.10 is the latest working draft.

  • Wow, I didn't know AiroPeek had support for that. I just poked around their directory structure and found a decodes/decodes.dcd. Is that where you added the info? I opened it up and it wasn't very straight forward; are there any docs available for that?

    ...knowing how to effectively use your tools makes all the difference in the world.

    Thanks for the info!

  • From Product Marketing at Wildpackets:

    In 4.1, OmniPeek can decode management information that is sent by 11n APs in management frames, most notably in beacons. This management information is NOT encoded in 11n - it is sent in such a way that any 802.11 a/b/g client can understand the information being sent. Because this information is not "11n encoded", any wireless adapter that we currently support (Atheros-based and the Intel PROWireless 3945) can be used to capture and decode this management information. The value in what we provide is that we can display the reported capabilities of 11n APs. For example, information like support for certain types of control frames, 20 vs. 40 MHz support, supported coding rates, compression support, calibration support, antenna selection, etc.

    However, we CANNOT capture, display or analyze ANY 11n data.

  • @sjackman, To answer your question in older Airopeek versions (2.x) the decodes.dcd was just a flat text file but in newer versions (3.x) including Omnipeek 4.x that file is binary. All I did was create my own decodes file using similar syntax as in older decodes.dcd file (plain text) and drop it in the decodes directory. Relaunch Omnipeek. My decodes are more or less specific to the Intel 4965AGN card.
    You can check here for Wildpackets decoder language.

Page 1 of 2