Back to Contents

Technical Overview

Operating Modes

A wireless client operates in either infrastructure mode or peer-to-peer mode.

Infrastructure Mode: A wireless LAN (WLAN) with Access Points

In infrastructure mode, wireless clients send and receive information through access points. When a wireless client communicates with another, it transmits to the access point. The access point receives the information and rebroadcasts it. Then the other device receives the information.

Access points are strategically located to provide optimal coverage for wireless clients. A large WLAN uses multiple access points to provide coverage over a wide area. Access points can connect to a LAN through a wired Ethernet connection. Access points send and receive information from the LAN through this wired connection.

Peer-to-Peer Mode: A WLAN without Access Points

In peer-to-peer mode, also called Ad Hoc Mode, wireless clients exchange information with other wireless clients without using an access point. In contrast to infrastructure mode, this type of WLAN only contains wireless clients.

You can use peer-to-peer mode to connect computers in a home or small office, or to set up a temporary wireless network for a meeting.

Identifying a WLAN

All the devices on a WLAN use a Network Name, or Service Set Identifier (SSID) to identify the WLAN. There are several kinds of SSID, each having a slightly different meaning. In peer-to-peer mode, an Independent Basic Service Set Identifier (IBSSID) identifies a WLAN. In infrastructure mode, an Extended Service Set Identifier (ESSID) identifies a WLAN. For simplicity, this guide uses the term Network Name (SSID) in place of ESSID and IBSSID. In either infrastructure or peer-to-peer mode, the SSID indicates the WLAN you are communicating with. All the devices on a WLAN must use the same SSID to communicate with the other wireless devices on that WLAN. When installing an access point or wireless adapter in a wireless client, the software asks you to specify an SSID.

Identifying Devices on a WLAN

A Basic Service Set Identifier (BSSID) uniquely defines each wireless device. The BSSID is the Ethernet Media Access Control (MAC) address of the wireless adapter installed in the wireless client. The MAC address is permanently set when the adapter is manufactured. MAC addresses determine the device sending or receiving data. A MAC address is a 48-bit number written as six hexadecimal bytes separated by colons. For example:

    00:A0:F8:24:9A:C8

To find the MAC address of an Intel(R) PRO/Wireless LAN device, see the product label at the bottom of the device.

Client Association Process

Access points recognize wireless clients as they associate with the access point. The access point keeps a list of the clients it services. Clients associate with an access point based on the following conditions:

  • The signal strength between the access point and client
  • Clients currently associated with the access point
  • The clients encryption and authentication capabilities and the type enabled
  • The client supported data rates:
    • 802.11B: 1, 2, 5.5, and 11 Mbps
    • 802.11a: 6, 12, 24, 36, 48, and 54 Mbps

Clients perform preemptive roaming by intermittently scanning for access points and associating with the best available access point. Before roaming and associating with access points, clients perform scans to collect access point statistics and determine the direct-sequence channel used by the access point.

Scanning is an intermittent process where the wireless client sends out probe messages on all frequencies defined by the country code. The statistics enable a client to reassociate by synchronizing its frequency to the access point. The client continues communicating with that access point until it needs to switch cells or roam.

Clients perform full scans at start-up. In a full scan, a client uses a sequential set of channels as the scan range. For each channel in range, the client tests for Clear Channel Assessment (CCA). When a transmission-free channel becomes available, the client broadcasts a probe with the Network Name (SSID) and the broadcast BSSID. An access point-directed probe response generates a client Acknowledgment (ACK) and the addition of the access point to the access point table with a proximity classification. An unsuccessful access point packet transmission generates another client probe on the same channel. If the client fails to receive a response within the time limit, it repeats the probe on the next channel in the sequence. This process continues through all channels in the range.

Clients perform partial scans at programmed intervals, when missing expected beacons or after excessive transmission retries. In a partial scan, the client scans access points classified as proximate on the access point table. For each channel, the client tests for CCA. The client broadcasts a probe with the Network Name (SSID) and broadcast BSSID when the channel is transmission-free. It sends an ACK to a directed probe response from the access point, and updates the access point table. An unsuccessful access point packet transmission causes the client to broadcast another probe on the same channel. The client classifies an access point as out-of-range in the access point table if it fails to receive a probe response within the time limits. This process continues through all access points classified as proximate in the access point table.

A client can roam within a coverage area by switching access points. Roaming occurs when:

  • An unassociated client attempts to associate or reassociate with an available access point.
  • The supported rate changes or the client finds a better transmit rate with another access point.
  • The received signal strength indicator (RSSI) of a potential access point exceeds the current access point.
  • The ratio of good-transmitted packets to attempted-transmitted packets falls below a threshold.

A client selects the best available access point and adjusts itself to the access point direct-sequence channel to begin association. Once associated, the access point begins forwarding any frames that are addressed to the client. Each frame contains fields for the current direct-sequence channel. The client uses these fields to resynchronize to the access point again.

The scanning and association process continues for active clients. This process allows the client to choose the best network connection available by finding new access points and discarding out-of-range or deactivated access points.

Data Encryption

The Intel(R) PRO/Wireless LAN uses the Wired Equivalent Privacy (WEP) encryption and decryption algorithm specified in Section 8 of the IEEE 802.11 wireless LAN specification. WEP uses the same key for both encryption and decryption, and provides protection equivalent to that of a wired network, hence the "Wired Equivalent" portion of the name.

The IEEE 802.11 specification defines two types of authentication:

  • Open system authentication is the default authentication service, in which all clients that request access to the network are accepted, with no actual verification. You should only use this system if it’s not necessary to positively validate the identity of the sender.
  • Shared key authentication requires the exchange of an authentication key shared among all of the authentic access points and clients in the network. When a client requests access to the network, the access point sends a long random number encrypted with the shared key to the client. The client decrypts the number using the same key and sends it back to the access point, which only grants access to clients that return the correct number. The Intel(R) PRO/Wireless LAN Access Point supports 64-bit and 128-bit shared key authentication.

If you implement the shared key authentication mode, you must configure all access points and clients to use the same key.

Site Requirements

Because the client adapter is a radio device, it is susceptible to Radio Frequency (RF) obstructions and other sources of interference that can reduce throughput and range. Follow these guidelines to ensure the best possible performance:

  • Install the client adapter in an area where large steel structures such as shelving units, bookcases, and filing cabinets will not obstruct radio signals to and from the client adapter.
  • Do not install the client adapter near microwave ovens. Microwave ovens operate on the same frequency as the client adapter and can cause signal interference.

See Researching the Site and The Site Survey for additional site requirements.

Wireless Security

Wireless networking devices transmit information through radio waves. Unless security is implemented, an unauthorized person could intercept the information.

A common way of implementing security and protecting information is encryption. Before sending information, the wireless client or access point encrypts or scrambles information using an encryption key. The device receiving the information uses the same key to decrypt or unscramble the information. The information is readable only to wireless devices that have the correct encryption key.

The IEEE 802.11 wireless LAN standard specifies the Wired Equivalent Privacy (WEP) encryption and decryption algorithm. The standard includes two levels of security, using a 64-bit key or a 128-bit key. To implement WEP, use either one of these methods. For better security, use a 128-bit key. A 128-bit key has several trillion times as many possible combinations as a 64-bit key. For added security, change your keys often. Some vendors refer to 64-bit encryption as 40-bit. These are identical. A wireless device that claims to have 64-bit encryption interoperates with a device that claims to have 40-bit encryption.

The same device, host computer or front-end processor usually performs both encryption and decryption. The algorithm, like the pattern of a lock, is standardized and may be used by anyone, but the encrypted data is unreadable without the appropriate key, which is known only by the sender and receiver of the transmitted data. You should change your keys often for added protection.

802.1x Authentication

The 802.11a Intel(R) PRO/Wireless 5000 LAN Access Point supports 802.1x authentication for Windows operating systems.

802.1x authentication for wireless LANs has three main components: The supplicant (usually the client software); the authenticator (the access point); and the authentication server (usually a Remote Authentication Dial-In User Service or RADIUS server).

802.1x is a standards-based solution for port-level authentication for a wired or wireless Ethernet client systems.

Radio Basics

IEEE 802.11 networking devices transmit and receive radio signals. Users communicate with the network by establishing radio links between mobile devices and access points, or between each other.
WARNING: A minimum separation distance of 20 cm (8 inches) should be maintained between the radiating element of this product and nearby persons to comply with FCC rules for Radio Frequency (RF) exposure.

IEEE 802.11 devices use frequency modulation (FM) to transmit digital data from one device to another. The radio signal propagates into the air as electromagnetic waves. The receiving device demodulates the signal, which results in the original digital data. The radio devices transmit in the frequency ranges from 2.4 to 2.5 gigahertz for 802.11b networks and 5.15 to 5.35 gigahertz for 802.11a networks. These are license-free ranges throughout most of the world. The actual range is country-dependent.

Direct-Sequence Spread Spectrum (DSSS)

Broadband spread spectrum uses an algorithm to spread the transmission of a narrowband signal over a segment of the radio frequency band or spectrum. DSSS is a spread spectrum technique in which the narrowband signal is combined with a "chipping sequence" to spread the radio signal sequentially across the entire frequency range specified by the channel of operation. The Intel(R) PRO/Wireless 5000 LAN Access Point uses DSSS for radio communication.
NOTE: In the United States, the three non-overlapping direct-sequence channels are channels 1, 6, and 11.

Advanced Network Topologies

Basic Network Configurations

You can use Intel(R) PRO/Wireless LAN Access Points in any of several network configurations depending on your networking needs and size. The following examples illustrate some simple wireless network configurations with access points:

  • A single access point forms a single-cell wireless network.

  • A single access point can bridge between the Ethernet and wireless networks.

  • Multiple access points can coexist as separate, individual networks at the same site using different network names (SSID). These separate wireless LANs can be configured to use different channel assignments to avoid RF interference.

     

  • Multiple access points wired together provide a network with a better coverage area and performance when using the same Network Names (SSIDs).

Wireless LAN Access Point (WLAP) Mode

The following illustrations show possible options for access points operating in Wireless LAN Access Point (WLAP) mode. In WLAP mode, an access point forwards data to another access point using the wireless connection rather than Ethernet cabling.

  • Access points can bridge between two Ethernet networks.

  • An access point can operate as a repeater to extend coverage area without additional network cabling.

  • Multiple access points can form a standalone wireless network. Each access point can connect with up to four other access points.

Wireless LAN Technical Glossary

WLAN/LAN/PAN/WAN
WLAN stands for Wireless Local Area Network. This is an industry term for the kind of network being discussed here. It is a fairly new term, and is an extension of LAN (Local Area Network), which was used to describe wired networks such as Ethernet. There is no formal distance associated with WLAN, and its size varies somewhat with usage and author.

In the big picture, we start out with the very small Personal Area Network (PAN) such as Bluetooth, then progress to WLAN, then to expand to the Wide Area Network (WAN) which includes the various wireless cell phone systems and similar long range devices.

FCC
The Federal Communications Commission. This is the U.S. Government agency that is responsible for the laws governing the use of radio frequencies. The FCC has designated specific bands in which products such as ours are permitted to operate legally. It is important to note that the FCC has also placed strict restrictions on power output, antenna configurations and other design and performance parameters for this class of equipment.

IEEE
The Institute of Electrical and Electronic Engineers. A 370,000 member standards organization drawn from 150 countries. One of its primary functions is to establish (with the cooperation of the FCC), and publish, product and protocol (signaling method) wired and wireless standards. Two of these standards are IEEE 802.11b and IEEE 802.11a (which are discussed below).

ISM Bands
A series of frequency bands, set aside by the FCC for Industrial, Scientific and Medical applications. Users of these bands operate equipment on a shared basis, meaning that they must expect, and accept interference from other legal users. Products manufactured for ISM Band use must be approved by the FCC, but the user does not have to be licensed. In addition to WLAN, ISM bands support cordless phones, microwave ovens, baby monitors, toys, ham radio transceivers, and other wireless services. 

UNII Bands
Unlicensed National Information Infrastructure. In contrast to the ISM bands, these are a group of frequency bands set aside by the FCC for WLAN type communications only. Users must accept interference from other legal WLAN users, but the other sources of interference problems are, or legally should be, missing.

IEEE 802.11b (Wi-Fi)
Specification for a 2.4 GHz ISM band WLAN system. Bit rates up to 11 Megabits/second (Mbps) are allowed. 

IEEE 802.11a
Specification for a 5 GHz UNII band WLAN system. Officially, bit rates up to 36 Mbps are specified, but 54 Mbps is permitted and has become an unofficial standard rate.

Note: The "a" and "b" in the specification names do not have any special meaning. Actually 802.11b was developed first. The numbering scheme is just the way that the IEEE chose to identify its specifications.

Bluetooth
An incompatible, very short-range lower speed communications system (PAN), developed first in Europe as a "cable replacement" for printers and similar peripheral connections. Its usage has expanded to include cordless earphones and similar devices. It uses the 2.4 GHz ISM band, and "co-exists" with 802.11b. Here the term, "co-exist" means that not all researchers agree on the amount of mutual interference generated when both systems operate in the same location.

ETSI/BRAN
European Telecommunications Standards Institute/Broadband Radio Access Networks. The European equivalent of the IEEE. A European multinational organization similar to the IEEE, but which concentrates on communications matters.

Hiperlan/2
A European 5 GHz communications protocol similar to, but not compatible with the American IEEE 802.11a specification. It is a product of ETSI/BRAN. Work is underway to make Hiperlan/2 and 802.11a somehow compatible, but this task will take several more years to complete.

Microwave
Technically, the term describes any frequency above 1.0 GHz. Unfortunately the advertising industry has contorted this meaning considerably. In our discussion we will stick to the technical definition.

Wireless
Strictly speaking, the term just means "without wires," but its actual meaning usually depends on the author's intent. Here, for example, a wireless system would logically refer to a microwave transceiver system.

Transceiver
A commonly used term that describes a combination transmitter and receiver. Both 802.11a and 802.11b devices would be properly described as data transceivers.

Frequencies
Strike a piano key and you generate a tone. Pick up the tone with a microphone and your tone turns in to a "vibrating" or "cycling" electronic signal. The rate of vibration depends on the key struck. In electronics we refer to this rate of vibration as the number of "cycles per second." The formal term for this value is Hertz, abbreviated "Hz." As we move up in rate, such as in the Broadcast Band, we can use Kilohertz (KHz) to represent 1,000 Hz, or Megahertz (MHz) to represent 1,000,000 Hz. Continuing much further upward, we finally reach 1,000,000,000 Hz, which we can fortunately shorten to a Gigahertz (GHz). These frequencies are the home of both 802.11a (5 GHz) and 802.11b (2.4 GHz).

Range
The distance over which a given system can communicate. See the section on range in the site survey section.

Bit Rate
The total number of bits (ones and zeros) per second that a network connection can support. Note that this bit rate will vary, under software control, with different signal path conditions.

Data Rate (Information Rate)
Not all bits carry user information. Each group (packet) of bits contains headers, trailers, echo control, destination information, and other data required by the transmission protocol. It is important to understand the difference between bit rate and data rate, since the overhead information may consume more than 40% of the total transmission. This difference is common to many such data systems, including Ethernet. 

Proprietary Products
The FCC rules do not duplicate the IEEE specifications, and in fact are less restrictive in many ways. As a result of this difference, several companies have designed, and are selling, products that use the same ISM or UN
II bands, but which use their own "homegrown" hardware and software. Such products cannot be mixed with the 802.11a or 802.11b products. Typically such products will not work with any other brand. Once you start buying such a system, your alternative procurement options are zero. If you are trying to mix 802.11 and proprietary systems, we cannot help you.

Site Survey
A process where you set up one transceiver in a fixed location, and then use another unit to plot the field strength of the first unit's transmitted signal. By moving the transmitter around, and repeating the plots, you can develop a plan as to the best locations for access points. You will also identify dead zones and other areas in need of special attention. This can be a long, slow process, but it beats ripping up an unsatisfactory installation and starting over. These tests require special software commands. Refer to your manual for specific instructions.

If you have a very large, or unusually complex installation situation, you might want to consider calling in professionals to do your survey. We are not permitted to suggest installer names, but you can check your yellow pages or similar sources for likely candidates.

WEP64, WEP40, and WEP128
Wired Equivalent Privacy, 64 bit and 128 bit (64 bit is sometimes referred to as 40 bit). This is a low-level encryption technique designed to give the user about the same amount of privacy that he would expect from a LAN. It is extremely important to understand that WEP is not some CIA-proof supercode! It performs as intended, giving the user a simple level of data security and protection from casual electronic eavesdropping. Use of the 128 bit option at all possible times is recommended. 

Remember that 802.11 devices transmit (broadcast) in all directions, and that it is possible, with very complex software, to copy and decode WEP transmissions. The task is not trivial, but it is possible. If your data is extremely sensitive, you should consider some form of secondary protection, such as strong passwords and an additional level of encryption. Suitable software packages are available from reputable suppliers.

Although not intended by the original architects, WEP also prevents unauthorized access to your system by an outsider. Hackers have been known to access systems from outside a building, and to then to access the Web for a leisurely session, all at the system owner's expense. 

Back to Contents

 


Copyright (c) 2003 Intel Corporation.