802.11® Wireless Networks: The Definitive Guide
By Matthew Gast
Publisher: O'Reilly
Pub Date: April 2005
ISBN: 0-596-10052-3
Pages: 656

As we all know by now, wireless networks offer many advantages over fixed (or wired) networks. Foremost on that list is mobility, since going wireless frees you from the tether of an Ethernet cable at a desk. But that's just the tip of the cable-free iceberg. Wireless networks are also more flexible, faster and easier for you to use, and more affordable to deploy and maintain.

The de facto standard for wireless networking is the 802.11 protocol, which includes Wi-Fi (the wireless standard known as 802.11b) and its faster cousin, 802.11g. With easy-to-install 802.11 network hardware available everywhere you turn, the choice seems simple, and many people dive into wireless computing with less thought and planning than they'd give to a wired network. But it's wise to be familiar with both the capabilities and risks associated with the 802.11 protocols. And 802.11 Wireless Networks: The Definitive Guide, 2nd Edition is the perfect place to start.

This updated edition covers everything you'll ever need to know about wireless technology. Designed with the system administrator or serious home user in mind, it's a no-nonsense guide for setting up 802.11 on Windows and Linux. Among the wide range of topics covered are discussions on:

    deployment considerations
    network monitoring and performance tuning
    wireless security issues
    how to use and select access points
    network monitoring essentials
    wireless card configuration
    security issues unique to wireless networks

With wireless technology, the advantages to its users are indeed plentiful. Companies no longer have to deal with the hassle and expense of wiring buildings, and households with several computers can avoid fights over who's online. And now, with 802.11 Wireless Networks: The Definitive Guide, 2nd Edition, you can integrate wireless technology into your current
infrastructure with the utmost confidence.

Table of Contents

Copyright
Foreword
Preface
    Prometheus Untethered: The Possibilities of Wireless LANs
    Audience
    Overture for Book in Black and White, Opus 2
    Conventions Used in This Book
    How to Contact Us
    Safari Enabled
    Acknowledgments
Chapter 1 Introduction to Wireless Networking
    Why Wireless?
    What Makes Wireless Networks Different
    A Network by Any Other Name
Chapter 2 Overview of 802.11 Networks
    IEEE 802 Network Technology Family Tree
    802.11 Nomenclature and Design
    802.11 Network Operations
    Mobility Support
Chapter 3 802.11 MAC Fundamentals
    Challenges for the MAC
    MAC Access Modes and Timing
    Contention-Based Access Using the DCF
    Fragmentation and Reassembly
    Frame Format
    Encapsulation of Higher-Layer Protocols Within 802.11
    Contention-Based Data Service
    Frame Processing and Bridging
Chapter 4 802.11 Framing in Detail
    Data Frames
    Control Frames
    Management Frames
    Frame Transmission and Association and Authentication States
Chapter 5 Wired Equivalent Privacy (WEP)
    Cryptographic Background to WEP
    WEP Cryptographic Operations
    Problems with WEP
    Dynamic WEP
Chapter 6 User Authentication with 802.1X
    The Extensible Authentication Protocol
    EAP Methods
    802.1X: Network Port Authentication
    802.1X on Wireless LANs
Chapter 7 802.11i: Robust Security Networks, TKIP, and CCMP
    The Temporal Key Integrity Protocol (TKIP)
    Counter Mode with CBC-MAC (CCMP)
    Robust Security Network (RSN) Operations
Chapter 8 Management Operations
    Management Architecture
    Scanning
    Authentication
    Preauthentication
    Association
    Power Conservation
    Timer Synchronization
    Spectrum Management
Chapter 9 Contention-Free Service with the PCF
    Contention-Free Access Using the PCF
    Detailed PCF Framing
    Power Management and the PCF
Chapter 10 Physical Layer Overview
    Physical-Layer Architecture
    The Radio Link
    RF Propagation with 802.11
    RF Engineering for 802.11
Chapter 11 The Frequency-Hopping (FH) PHY
    Frequency-Hopping Transmission
    Gaussian Frequency Shift Keying (GFSK)
    FH PHY Convergence Procedure (PLCP)
    Frequency-Hopping PMD Sublayer
    Characteristics of the FH PHY
Chapter 12 The Direct Sequence PHYs: DSSS and HR/DSSS (802.11b)
    Direct Sequence Transmission
    Differential Phase Shift Keying (DPSK)
    The "Original" Direct Sequence PHY
    Complementary Code Keying
    High Rate Direct Sequence PHY
Chapter 13 802.11a and 802.11j: 5-GHz OFDM PHY
    Orthogonal Frequency Division Multiplexing (OFDM)
    OFDM as Applied by 802.11a
    OFDM PLCP
    OFDM PMD
    Characteristics of the OFDM PHY
Chapter 14 802.11g: The Extended-Rate PHY (ERP)
    802.11g Components
    ERP Physical Layer Convergence (PLCP)
    ERP Physical Medium Dependent (PMD) Layer
Chapter 15 A Peek Ahead at 802.11n: MIMO-OFDM
    Common Features
    WWiSE
    TGnSync
    Comparison and Conclusions
Chapter 16 802.11 Hardware
    General Structure of an 802.11 Interface
    Implementation-Specific Behavior
    Reading the Specification Sheet
Chapter 17 Using 802.11 on Windows
    Windows XP
    Windows 2000
    Windows Computer Authentication
Chapter 18 802.11 on the Macintosh
    The AirPort Extreme Card
    802.1X on the AirPort
Chapter 19 Using 802.11 on Linux
    PCMCIA Support on Linux
    Linux Wireless Extensions and Tools
    Agere (Lucent) Orinoco
    Atheros-Based cards and MADwifi
    802.1X on Linux with xsupplicant
Chapter 20 Using 802.11 Access Points
    General Functions of an Access Point
    Power over Ethernet (PoE)
    Selecting Access Points
    Cisco 1200 Access Point
    Apple AirPort
Chapter 21 Logical Wireless Network Architecture
    Evaluating a Logical Architecture
    Topology Examples
    Choosing Your Logical Architecture
Chapter 22 Security Architecture
    Security Definition and Analysis
    Authentication and Access Control
    Ensuring Secrecy Through Encryption
    Selecting Security Protocols
    Rogue Access Points
Chapter 23 Site Planning and Project Management
    Project Planning and Requirements
    Network Requirements
    Physical Layer Selection and Design
    Planning Access-Point Placement
    Using Antennas to Tailor Coverage
Chapter 24 802.11 Network Analysis
    Network Analyzers
    Ethereal
    802.11 Network Analysis Checklist
    Other Tools
Chapter 25 802.11 Performance Tuning
    802.11 Performance Calculations
    Improving Performance
    Tunable 802.11 Parameters
Chapter 26 Conclusions and Predictions
    Standards Work
    Current Trends in Wireless Networking
    The End
glossary
About the Author
Colophon
Index

802.11® Wireless Networks: The Definitive Guide, Second Edition
by Matthew S. Gast

Copyright © 2005 Matthew S. Gast. All rights reserved. Printed in the United States of America.

Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com.

Editor: Mike Loukides
Production Editor: Colleen Gorman
Cover Designer: Ellie Volckhausen
Interior Designer: David Futato

Printing History:
    April 2002: First Edition
    April 2005: Second Edition

Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. 802.11® Wireless Networks: The Definitive Guide, Second Edition, the image of a horseshoe bat, and related trade dress are trademarks of O'Reilly Media, Inc. 802.11® and all 802.11-based trademarks and logos are trademarks or registered trademarks of IEEE, Inc. in the United States and other countries. O'Reilly Media, Inc. is independent of IEEE.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no
responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

ISBN: 0-596-10052-3
[M]

Foreword

Matthew Gast was my mentor long before I met him. I began reporting on wireless data networking in October 2000 when I discovered that Apple's claims for its 802.11b-based AirPort Base Station were actually true. I'd been burned with another form of wireless networking that used infrared, and had spent many fruitless hours using other "interesting" networking technologies that led to dead ends. I figured 802.11b was just another one. Was I glad I was wrong!

This discovery took me down a path that led, inexorably, to the first edition of 802.11 Wireless Networks. How did this stuff actually work as advertised? I knew plenty about the ISO model, TCP/IP, and Ethernet frames, but I couldn't reconcile a medium in which all parties talked in the same space with what I knew about Ethernet's methods of coping with shared contention.

Matthew taught me through words and figures that I didn't originally understand, but returned to again and again as I descended further into technical detail in my attempts to explain Wi-Fi to a broader and broader audience through articles in The New York Times, The Seattle Times, PC World, and my own Wi-Fi Networking News (http://www.wifinetnews.com) site over the last five years.

I started learning acronyms from 802.11 Wireless Networks and used Matthew's book to go beyond expanding WDS into Wireless Distribution System into understanding precisely how two access points could exchange data with each other through a built-in 802.11 mechanism that allowed four parties to a packet's transit.

Now as time went by and the 802.11 family grew and became

Index [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

TA (Transmitter Address) definition TACACS, RADIUS and task groups, IEEE TBTT (Target Beacon Transmission Time) TGn (task group N) TGnSync 2nd
block ACKs channel width DVD video and frame aggregation frame bursting HDTV and MAC aggregation bursting channels coexistence efficiency enhancements power saving protection radio modes MIMO and WWiSE common features comparisons TGnSync PHY enhancements optional coding transmit modes TGnSync PLCP 2nd TGnSync PMD throughput DS PHY high-throughput MIMO PHY project planning expectations requirements RF total area throughput TIM (Traffic Indication Map) definition DTIM frame buffering and Timestamp field, management frames timing MAC synchronization IBSSs and infrastructure TSF timing operations, performance tuning and timing parameters, scan reports TK (Temporal Key) TKIP (Temporal Key Integrity Protocol) 2nd 3rd data processing data transmission definition input IV (initialization vector) key construction key mixing 2nd master keys MIC (Message Integrity Check) Michael integrity check 2nd operations reception replay protection sequence counter WEP comparison TLS (Transport Layer Security) ToDS bits, control frames token cards, RADIUS and topology dynamic VLAN assignment islands virtual access points TPC (Transmit Power Control) information element overview Report frame Report information element Request frame spectrum management and traffic separation transceivers, antennas and transitions mobility support and BSS transitions ESS transitions transmission access point, PCF and antennas and direct sequence transmission frames association states authentication states frequency-hopping modes, WWiSE MIMO PHY OFDM PMD power, spectrum management and transmit masks transmitter addresses transport-layer Trapeze trends in wireless networking TRMS (Timed Receive Mode Switching), TGnSync powersaving protocol troubleshooting network analyzers TSF (timing synchronization function) TTLS (Tunneled TLS) tune tuning tunnel encapsulation

U-NII (Unlicensed National
Information Infrastructure) bands unicast frames keys, WEP universal radios University of New Hampshire's Inter-Operability Lab access points IOL test Unix password systems, RADIUS and Unix-based access points user authentication, RADIUS user density, project planning and user population, project planning and

vertical antennas virtual access points 2nd virtual APs voice telephony, connectivity and

WAPI (WLAN Authentication and Privacy Infrastructure) water excitation mode, microwave range and WaveLAN hardware, Lucent WDS (wireless distribution system) address fields frames in WEP (Wired Equivalent Privacy) attacks, recovery automatic 2nd cryptography and data processing data transmission design flaws dynamic 2nd Windows 2000 configuration encapsulation encryption, decryption ICV and input requirements IV (initialization vector) key recovery keys broadcast keys cache default keys length manual management mapped keys numbering rekeying infrequently station keys unicast keys Mac and manual problems with RC4 cipher and secret key seed shared key authentication short keys static TKIP comparison WEP bit (renaming) white lie, MAC whitening, PLCP and Wi-Fi Alliance Wi-Fi switching windowing, OFDM Windows authentication Ethereal network analyzer RADIUS and databases Windows 2000 Wireless Configuration Service Windows XP card installation Cisco client software EAP method configuration network selection security, 802.1X WPA configuration/installation WZC (Windows Zero Configuration) Wireless Configuration Service, Windows 2000 wireless Ethernet wireless extensions, Linux compiling interface configuration wireless LANs 2nd wireless medium, overview wireless networks advantages flexibility mobility reasons for trends troubleshooting types
wireless switches 2nd WLSE (Wireless LAN Solutions Engine) working groups, IEEE WPA (Wi-Fi Protected Access) information element Mac and overview preshared key Windows XP configuration/installation WWiSE (World-Wide Spectrum Efficiency) acknowledgment aggregation block ACKs bursting channel pairs channel width channels, MAC frame aggregation frame bursting interleavers MAC channels efficiency enhancements protection radio modes MIMO and RIFS (Reduced Interframe Space) TGnSync common features comparisons ZIFS (Zero Interframe Space) WWiSE MIMO PHY encoding interleaver modulation rates operating channels space-time block coding spatial streams transmission modes WWiSE PHY characteristics WWiSE PLCP WWiSE PMD WZC (Windows Zero Configuration)

xsupplicant, 802.1X on Linux

Yagi antennas

ZIFS (Zero Interframe Space)

Chapter 3, 802.11 MAC Fundamentals, describes the Media Access Control (MAC) layer of the 802.11 standard in detail. 802.11, like all IEEE 802 networks, splits the MAC-layer functionality from the physical medium access...