The 802.11 Frame Format: New and Improved.

The 802.11 Frame Format: New and Improved.

By CWNP On 08/07/2007 - 13 Comments

When will the madness end?  With 802.11n, we have a newly elongated frame format.

Frame Control: 2 octets
Duration/ID: 2 octets
Address 1: 6 octets
Address 2: 6 octets
Address 3: 6 octets
Sequence Control: 2 octets
Address 4: 6 octets
QoS Control: 2 octets
HT Control: 4 octets (new!)
Frame Body: 0-7955 octets (yeah baby!)
FCS: 4 octets

Could they POSSIBLY make this frame any LONGER?  Yes, in fact they can...and will.  802.11s (mesh) is adding addresses 5 and 6 (which are obviously 6 octets each).
…and if you think this is bad, you should see HT Beacons and Probe Responses.  They now contain the HT Capability and HT Information elements.  The HT Capability field is the size of a “MAC” truck – making a beacon that I just observed 237 octets long.  Beacons vary depending on what they are carrying, but 237 octets?  Dang!  At this size, every beacon is a MAC-Layer denial of service.  Can you imagine the overhead of having 10 WLAN profiles in a WLAN controller, each beaconing at 100 TUs?  Yikes.   You better scale back that HT beacon interval when you have lots of WLAN profiles.

One more thing…and you’re going to love this…

A new 802.11 frame subtype is introduced in the 802.11n amendment...the Control Wrapper.  Wrapper?  Did someone say wrapper?  Geez.

The Control Wrapper frame is used to carry any other control frame together with a High Throughput Control
field.

Frame Control: 2 octets
Duration/ID: 2 octets
Address 1 (aka DA): 6 octets
Carried Frame Control: 2 octets
HT Control: 4 octets
Carried Frame: variable - because it's a control frame
FCS: 4 octets

The value for the Duration/ID field of the Control Wrapper frame is generated by following the rules for the Duration/ID field of the control frame that is being carried.

The value for the Address1 field of the Control Wrapper frame is generated by following the rules for the Address1 field of the control frame that is being carried.  

The Carried Frame Control field contains the value of the Frame Control field of the carried control frame.  The Carried Frame field contains the fields that follow the Address1 field of the control frame that is being carried, excluding the FCS field.

The interesting thing here is that they hack off the Frame Control, Duration/ID, Address1, and FCS fields of the original control frame...leaving...not much. Then, they put on a whole new header and a new FCS.  Basically it's the original control frame with a new header....but they call it a wrapper instead...and they make us memorize yet another frame type.  Grrr.

Devin Akin

CTO, The CWNP Program 


0 Responses to The 802.11 Frame Format: New and Improved.

Subscribe by Email
There are no comments yet.
<< prev - comments page 1 of 1 - next >>

Leave a Reply

Please login or sign-up to add your comment.
Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.

-Darren
Read More

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.

-Ben
Read More

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.

-Glenn
Read More