
Beacon Frames, Probe request and response


A beacon frame is one of the management frames in IEEE 802.11-based WLANs. It contains all the information about the network. Beacon frames are transmitted periodically; they announce the presence of a wireless LAN and synchronise the members of the service set. In an infrastructure basic service set (BSS), beacon frames are transmitted by the access point (AP). In an IBSS network, beacon generation is distributed among the stations.
Beacons are sent periodically at a time called the Target Beacon Transmission Time (TBTT).
1 TU (time unit) = 1024 microseconds
Beacon interval = 100 TU (100 x 1024 microseconds, or 102.4 milliseconds)
Fields carried in a beacon frame include:
1. Timestamp (8 bytes)
2. Beacon Interval (2 bytes)
3. Capability info (2 bytes)
4. SSID (variable size)
5. Supported Rates (variable size)



Probe Request:
A station (client) sends a probe request frame when it needs to obtain information from another station or access point, for example when the WLAN card on a PC is enabled and becomes active. A radio NIC sends out a probe request to determine which access points are within range. The probe request frame is sent on every channel the client supports, in an attempt to find all access points in range that match the SSID and the client-requested data rates. It is up to the client to determine which access point to associate with, weighing factors such as supported data rates and access point load to select the optimal access point. After receiving probe responses from the APs, the client moves on to the authentication phase of the 802.11 network. This mechanism also supports roaming: a station moving between cells can search for a new access point while remaining connected.


(wlan.fc.type == 0)&&(wlan.fc.type_subtype == 0x04)
A station sends a probe request frame when it needs to obtain information from another station. For example, a radio NIC would send a probe request to determine which access points are within range.

There are two ways of scanning:
1) Passive Scanning:
Discovering the network by scanning all possible channels and listening to beacons (passive scanning) is not considered to be very efficient.
2) Active Scanning:
Stations still go through each channel in turn, but instead of passively listening to the signals on that frequency, the station sends a Probe Request management frame asking what network is available on that channel.

Probe Requests are sent to the broadcast destination address (DA) ff:ff:ff:ff:ff:ff. Once a probe is sent, the STA starts a ProbeTimer countdown and waits for answers. At the end of the timer, the STA processes the answers it has received. If no answers were received, the STA moves to the next channel and repeats the discovery process.
A STA sending a Probe Request may specify the SSID it is looking for (called a directed probe request). Then only IBSS STAs or APs that support that SSID will answer. The SSID length can also be set to 0 (i.e. the SSID field is present but empty). This is called a Wildcard SSID or Null Probe Request.


Probe Response:
In response to the probe request, APs with matching criteria respond with a probe response frame containing synchronization information, access point load, capability information, supported data rates, etc.

(wlan.fc.type == 0)&&(wlan.fc.type_subtype == 0x05)
A station responds with a probe response frame, containing capability information, supported data rates, etc., after it receives a probe request frame.
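
The following Python sketch is an added example, not part of the original post: it parses raw beacon, probe request and probe response frames (the same subtypes the display filters above select), decodes the beacon fields listed earlier, and labels a probe request as wildcard or directed. The sample frames, addresses and the SSID "example" are constructed, and frames are assumed to start at the 802.11 header with no radiotap header or FCS.

```python
import struct

TU_US = 1024  # 1 TU = 1024 microseconds, as stated above
KINDS = {0x4: "probe-request", 0x5: "probe-response", 0x8: "beacon"}

def parse_ies(buf):
    """Walk the tagged parameters (ID, length, value) of a frame body."""
    ies, i = {}, 0
    while i + 2 <= len(buf):
        eid, elen = buf[i], buf[i + 1]
        if i + 2 + elen > len(buf):
            break  # declared length overruns the frame: drop the tail
        ies.setdefault(eid, buf[i + 2:i + 2 + elen])  # keep first occurrence
        i += 2 + elen
    return ies

def parse_mgmt(frame):
    """Parse a raw 802.11 management frame (no radiotap header, no FCS)."""
    if len(frame) < 24:
        raise ValueError("shorter than the 24-byte management header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in KINDS:
        raise ValueError("not a beacon or probe frame")
    info = {"kind": KINDS[subtype], "da": frame[4:10].hex(":"),
            "sa": frame[10:16].hex(":")}
    body = frame[24:]
    if subtype in (0x5, 0x8):  # beacons and probe responses lead with fixed fields
        if len(body) < 12:
            raise ValueError("truncated fixed fields")
        ts, interval, cap = struct.unpack_from("<QHH", body)
        info.update(timestamp=ts, interval_tu=interval, capability=cap,
                    interval_ms=interval * TU_US / 1000)
        body = body[12:]
    ies = parse_ies(body)
    ssid = ies.get(0)  # element ID 0 = SSID
    info["ssid"] = None if ssid is None else ssid.decode("utf-8", "replace")
    # Element ID 1 = Supported Rates: low 7 bits, units of 500 kb/s
    info["rates_mbps"] = [(r & 0x7F) / 2 for r in ies.get(1, b"")]
    if subtype == 0x4:  # zero-length (or absent) SSID = wildcard, else directed
        info["probe"] = "wildcard" if not ssid else "directed"
    return info

# Constructed sample frames (made-up addresses and SSID), not captured traffic.
def _hdr(subtype, da, sa, bssid):
    return bytes([subtype << 4, 0, 0, 0]) + da + sa + bssid + b"\x00\x00"
BCAST, STA, AP = b"\xff" * 6, bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
WILDCARD = _hdr(0x4, BCAST, STA, BCAST) + b"\x00\x00" + b"\x01\x04\x02\x04\x0b\x16"
DIRECTED = _hdr(0x4, BCAST, STA, BCAST) + b"\x00\x07example" + b"\x01\x04\x02\x04\x0b\x16"
BEACON = (_hdr(0x8, BCAST, AP, AP) + struct.pack("<QHH", 123456, 100, 0x0401)
          + b"\x00\x07example" + b"\x01\x04\x82\x84\x8b\x96")
```

Calling `parse_mgmt(BEACON)` reports the 100 TU interval as 102.4 ms, and `parse_mgmt(WILDCARD)` versus `parse_mgmt(DIRECTED)` shows the empty and populated SSID cases side by side.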


