WiFi  

 

 

 

Frame Structure 

As you may noticed from other technology that I posted, the way I study about a communication technology is always same. Study and understand the details of frame structure and then understand how these frames are exchanged at each step of communication process (protocol).

Overview of WLAN Frame

Followings are some of the bullelts for WLAN Frame. (The list would get longer as I learn more)

  • WLAN doesn't use 802.3 Ethernet frames
  • There three different types of WLAN frame named Control, Management and Data frame.
  • Max Frame size is 2346 bytes and they are typically fragmented at 1516 bytes.
  • Preamble is always sent at 1 Mbps

PHY/MAC Frame

The PHY/MAC frame is the structure used to exchange data between a device and an access point in a WLAN network. It consists of two primary layers: the Physical (PHY) frame and the Data Link (MAC) frame. Each layer is responsible for specific functions, ensuring efficient data transmission and communication.

The overall frame is structed as shown below.

The 'Network Data' shown in Green is the part which are eventually eventually conveyed to wired backbone and all the other portion (PHY, DataLink, Packet Trailer) are used for communicating between the mobile client and access point. PHY and 'Data Link' part will be main subject of WLAN frame.

Following is breakdown of the packet

PHY Frame (PLCP)

The PHY frame facilitates the physical transmission of data over the wireless medium. Its components include:

  • Preamble:
    • Provides synchronization between the transmitter and receiver.
    • Helps in detecting and locking onto the incoming signal.
  • Header:
    • Contains information about the frame, such as modulation type and data rate.
    • Enables proper decoding of the payload by the receiver.
  • PSDU (Physical Service Data Unit):
    • The main payload or data content being transmitted.
    • Encapsulates the network data originating from the higher layers.
  • Tail:
    • Used for error detection and correction processes.
  • Pad:
    • Ensures that the frame is aligned properly for transmission.

Data Link (MAC) Frame

The MAC frame manages logical communication between devices and provides reliability to the data transmission process. Its components include:

  • MAC Header:
    • Contains addressing information (source and destination MAC addresses).
    • Includes frame control and sequence control information for packet management.
  • LLC (Logical Link Control) - Optional:
    • Adds additional logical addressing and flow control mechanisms.
    • Ensures compatibility with upper network layers.
  • Network Data:
    • The actual payload data, shown in green, which will be conveyed to the wired backbone.
  • FCS (Frame Check Sequence):
    • Used for error detection to ensure data integrity during transmission.

Key Features of the PHY/MAC Frame

  • Separation of Functions:
    • The PHY layer handles the physical transmission and low-level signaling.
    • The MAC layer provides reliability, addressing, and logical communication.
  • Standard-Dependent Implementation:
    • The physical implementation of the PHY frame varies depending on the 802.11 standards (e.g., 802.11a, b, g, n, ac).
  • Error Detection and Correction:
    • The tail and FCS components ensure robust error detection and correction.
  • Integration with Wired Networks:
    • While the network data (green portion) is eventually transferred to the wired backbone, the other components (PHY, MAC, and packet trailer) are specific to wireless communication.

Benefits of the PHY/MAC Frame Structure

  • Efficiency: Combines synchronization, error detection, and payload transmission in a structured format.
  • Compatibility: Ensures seamless integration between wireless and wired networks.
  • Reliability: Provides mechanisms for error checking and retransmissions to maintain data integrity.

This structured approach of the PHY/MAC frame facilitates seamless communication in wireless networks while ensuring compatibility and reliability with existing infrastructure.

PLCP (Physical Layer Convergence Protocol) Structure

The PLCP is a header added at the PHY layer in wireless communication. It is divided into two main parts: the preamble and the header. The PLCP structure helps synchronize communication and convey important information about the frame for proper decoding by the receiver.

The PLCP structure plays a crucial role in facilitating efficient wireless communication. By synchronizing the transmitter and receiver, defining the frame's boundaries, and providing error detection, it ensures reliable and robust data exchange in a wireless network.

It consists of two main parts, preamble and Header as shown below.

The first part of PLCP is for 'Sync' (Synchronization). This is a part made of 80 bits of alternation 0 and 1s.

The next portion is SFD (Start Frame Delimiter). This is a kind of tag indicating the start of physical frame and it is a specifically determined 16 bit sequence (0000110010111101).

Following is the breakdown of the packet structure

Components of the PLCP Structure

Preamble

The preamble helps synchronize the transmitter and receiver before data transmission begins.

  • Sync (Synchronization):
    • Consists of 80 bits of alternating 0s and 1s (e.g., 010101...01).
    • Ensures the receiver is ready to process the incoming frame.
  • SFD (Start Frame Delimiter):
    • A 16-bit sequence (0000110010111101).
    • Marks the beginning of the physical frame and indicates the start of the header.

Header

The header provides detailed information about the frame for proper decoding and processing.

  • Header Length:
    • Specifies the length of the PLCP header.
    • Ensures the receiver knows where the header ends and the data begins.
  • Signaling:
    • Contains information about modulation, coding, and other transmission parameters.
    • Helps the receiver decode the payload data correctly.
  • Header CRC (Cyclic Redundancy Check):
    • A 16-bit field used for error detection.
    • Ensures the integrity of the header during transmission.

Key Features of PLCP

  • Synchronization:
    • Ensures alignment between the transmitter and receiver for successful communication.
  • Frame Delimitation:
    • Clearly defines where the header begins and ends, aiding accurate decoding.
  • Error Detection:
    • CRC checks ensure the integrity of the header and prevent processing of corrupted data.
  • Transmission Efficiency:
    • Provides essential information about the frame, ensuring reliable and optimized data transmission.

MAC Header Structure

MAC Header would be a most complicated structure of the frame. The most important information contained in the MAC header would be as follows.

  • What is the type of frame ?
  • What are the source and destination address for the frame.

Frame Control Field Structure

The frame control field is part of the MAC header and plays a crucial role in defining the characteristics and behavior of the wireless frame. It helps in determining the type of frame, its purpose, and how the addresses are allocated. The field is highly structured, with specific bits designated for various functionalities.

The frame control field provides detailed instructions and context for each frame in the wireless network. By combining subfields for addressing, reliability, and power management, it ensures seamless and efficient communication within the WLAN.

You see four different locations allocated for Address. What kind of address is assigned to which address field is determined by 'To DS' and 'From DS' field. The mapping between DS field and Address field are specified as follows.

Regardless of the contents in the frame, the structure of MAC header is same. Then how do we (the WLAN device) knows what kind of the information (data) is contained in the frame. 'Type' and 'Sub Type' field determines the characteristics of the frame.

Type field (2 bits) determines the major characteristics of the contents carried by the frame and 'Sub type' defines the details of the information.

The 'Type'/'Sub Type' and characteristics of the contents are mapped as shown in the following table. This table is mostly for 802.11 a,b,g and there is some changes (additions) in recent specification (e.g, 802.11ac, 802.11ad). Regarding the changes in recent specification, I would not list in this table and I will list those changes in separate pages dealing with 802.11ac or 802.11ad.

Followings are descriptions of each component

Frame Control (2 Bytes)

Defines the characteristics of the frame and its behavior in the wireless medium.

  • Protocol Version (2 bits): Identifies the version of the protocol being used. Usually set to 00 for standard 802.11 frames.
  • Type (2 bits): Indicates the type of frame:
    • 00: Management frame.
    • 01: Control frame.
    • 10: Data frame.
    • 11: Reserved.
  • Subtype (4 bits): Further specifies the frame's purpose (e.g., beacon, RTS, CTS, etc.).
  • To DS (1 bit): Indicates whether the frame is destined for the distribution system.
  • From DS (1 bit): Indicates whether the frame is coming from the distribution system.
  • More Fragments (1 bit): Indicates whether more fragments of the frame follow.
  • Retry (1 bit): Marks the frame as a retransmission of an earlier frame.
  • Power Management (1 bit): Specifies the power-saving mode of the device.
  • More Data (1 bit): Indicates that more data is buffered for the receiver.
  • WEP (1 bit): Indicates whether encryption is used.
  • Order (1 bit): Specifies that frames must be processed in order.

Duration/ID (2 Bytes)

Specifies the duration of the frame transmission or the ID for power-saving features.

Address Fields

Defines how addresses are allocated and mapped based on the To DS and From DS fields.

  • Address 1: Destination address.
  • Address 2: Source address.
  • Address 3: BSSID (Basic Service Set Identifier).
  • Address 4: Used in specific scenarios (e.g., when both To DS and From DS are set).

Sequence Control (2 Bytes)

Manages sequencing and fragmentation of frames for reliable transmission.

Frame Check Sequence (FCS) (4 Bytes)

Ensures data integrity by detecting errors during transmission.

Key Features of the Frame Control Field

  • Frame Identification: The Type and Subtype fields specify the kind and purpose of the frame.
  • Address Mapping: The To DS and From DS fields determine how addresses are interpreted and mapped in multi-hop communication.
  • Reliability: Subfields like Retry and More Fragments support robust data delivery.
  • Power Management: Devices can use the Power Management field to save energy when idle.

Frame Type Table

The Frame Type Table describes the classification of Wi-Fi frames in the IEEE 802.11 standard. Each frame is categorized by its Type and Subtype, which determine the function and purpose of the frame in the wireless communication process. The table provides a detailed breakdown of the roles played by various frames in management, control, and data transmission.

Type

Type Description

Sub Type

Sub Type Description

00

Management

0000

Association Request

00

Management

0001

Association Response

00

Management

0010

Reassociation Request

00

Management

0011

Reassociation Response

00

Management

0100

Probe Request

00

Management

0101

Probe Response

00

Management

0110

Timing Advertisement

00

Management

0111

Reserved

00

Management

1000

Beacon

00

Management

1001

ATIM

00

Management

1010

Dissociation

00

Management

1011

Authentication

00

Management

1100

Deauthentication

00

Management

1101

Action

00

Management

1110

Action No Ack (NACK)

00

Management

1111

Reserved

01

Control

0000-0010

Reserved

01

Control

0011

TACK

01

Control

0100

BeamForming Report Poll

01

Control

0101

VHT/HE NDP Announcement

01

Control

0110

Control Frame Extension

01

Control

0111

Control Wrapper

01

Control

1000

Block Ack Request (BAR)

01

Control

1001

Block Ack (BA)

01

Control

1010

PS-Poll

01

Control

1011

RTS

01

Control

1100

CTS

01

Control

1101

ACK

01

Control

1110

CF End

01

Control

1111

CF End + CF ACK

10

Data

0000

Data

10

Data

0001

Reserved

10

Data

0010

Reserved

10

Data

0011

Reserved

10

Data

0100

Null (no data)

10

Data

0101

Reserved

10

Data

0110

Reserved

10

Data

0111

Reserved

10

Data

1000

QoS Data

10

Data

1001

Data + CF ACK

10

Data

1010

Data + CF Poll

10

Data

1011

QoS Data + CF ACK + CF Poll

10

Data

1100

QoS Null(No Data)

10

Data

1101

Reserved

10

Data

1110

QoS CF-Poll (no Data)

10

Data

1111

QoS CF ACK + CF Poll(no Data)

11

Extension

0000

DMG Beacon

11

Extension

0001

S1G Beacon

11

Extension

0010-1111

Reserved

Followings are high lights of the table.

Type

  • Represents the broad category of the frame.
  • Defined using 2 bits:
    • 00: Management Frames
    • 01: Control Frames
    • 10: Data Frames
    • 11: Extension Frames (Reserved for future use)

Type Description

  • Explains the function of the frame type:
    • Management: Frames responsible for establishing and maintaining connections (e.g., beacon, authentication).
    • Control: Frames used for controlling access to the medium and ensuring proper data flow (e.g., RTS, CTS, ACK).
    • Data: Frames that carry the actual user data.
    • Extension: Reserved for additional frame types in future versions of the standard.

Subtype

  • A 4-bit field that provides additional detail about the specific purpose of the frame.
  • Examples:
    • Management Frames:
      • 0000: Association Request – Initiates a connection to an access point.
      • 1000: Beacon – Advertises the presence of an access point.
      • 1011: Authentication – Handles authentication requests between devices.
    • Control Frames:
      • 1100: CTS (Clear to Send) – Manages medium access in conjunction with RTS.
      • 1101: ACK (Acknowledgment) – Confirms receipt of a frame.
    • Data Frames:
      • 0000: Data – Carries user data.
      • 1000: QoS Data – Data frame with Quality of Service features.

Subtype Description

  • Provides detailed information about the frame's specific function.
  • Examples:
    • Association Request: A device requests to join a network.
    • RTS (Request to Send): Used to reserve the channel before data transmission.
    • QoS Data: A frame designed for applications with priority needs, such as video streaming.

Key Takeaways

  • Management Frames: Facilitate network setup, maintenance, and teardown (e.g., Beacon, Probe Request, Authentication).
  • Control Frames: Manage access to the wireless medium and ensure orderly communication (e.g., RTS, CTS, ACK).
  • Data Frames: Carry user payload data and sometimes include control information for advanced features like QoS.
  • Frame Classification: Each frame is uniquely identified using its Type and Subtype fields, enabling precise communication protocols.

Duration ID Field Structure

The Duration ID field is a part of the MAC header in the IEEE 802.11 protocol. It occupies 2 bytes and is used to define the duration of reserved channel time or to identify certain frame types. The interpretation of this field depends on the Most Significant Bits (MSB). It provides functionality for reserving the medium, enabling contention-free communication, and supporting power-saving mechanisms, ensuring efficient and reliable operation in wireless networks.

The value in the duration field has different meaning (interpretation) depending on the one or two bits at Most Significant Bits (MSB) as shown below.

 

Key Interpretations of the Duration ID Field

  • NAV (Network Allocation Vector):
    • When the MSB = 0, the field specifies the NAV value.
    • The NAV reserves the wireless medium for a specified duration, preventing other devices from transmitting during that time.
    • Size: 15 bits.
  • CFP (Contention-Free Period) Frame:
    • When MSB = 01, the field indicates that the medium is reserved for the Contention-Free Period.
    • All 14 bits of the field, except for the MSBs, are set to 0.
  • PS Poll (Power-Saving Poll) Frame:
    • When MSB = 11, the field is used to identify a PS Poll Frame.
    • It contains the Association ID (AID) of the station, which ranges between 1 and 2007.
    • This frame is used by power-saving devices to retrieve data buffered at the access point.

Breakdown of the Duration ID Field

  • Field Size: 2 bytes (16 bits).
  • Interpretation Based on MSB:
    • 0 (MSB): 15 bits are allocated for the NAV.
    • 01 (MSB): 14 bits (excluding MSBs) set to 0 for CFP.
    • 11 (MSB): Contains the AID for PS Poll frames.

Use Cases

  • Medium Reservation: Devices use the NAV value to determine how long the medium will remain busy, reducing the chance of collisions.
  • Contention-Free Period: Ensures uninterrupted communication for specific frames during time-sensitive transmissions.
  • Power-Saving Mechanism: Supports power-saving devices by enabling them to retrieve buffered data from the access point.

Sequence Control Field Structure

The Sequence Control Field is a 2-byte field in the MAC header that manages the sequencing and fragmentation of frames. It is crucial for ensuring that frames are delivered and reassembled correctly at the receiver. It ensures reliability in wireless communication. By providing both sequence and fragment numbers, it supports proper ordering, fragmentation, and reassembly of packets, enabling efficient data transmission over Wi-Fi networks.

When a packet comes into the MAC layer from higher layer, a sequence number is assigned at 'Sequence Number' field. If the incoming packet is too big for a single MAC frame, it be splitted into multiple fragment. In this case, a fragment number is assigned at 'Fragment No' field. When a packet gets into multiple MAC frame, those fragmented frame gets the same value at 'Sequence Number' field and different values at 'Fragment No' field.

802.11 can transmit the max 2304 bytes of higher layer packet. Considering WEP overhead and 8 bytes LLC header, the maximum MAC frame size should be 2296 bytes.

 

Key Features of the Sequence Control Field

  • Sequence Number (12 Bits):
    • Assigned to all fragments of a packet.
    • Identifies the sequence of the frame in relation to others.
    • Ensures proper ordering and reassembly of frames at the receiver.
  • Fragment Number (4 Bits):
    • Assigned to frames when a packet is fragmented into multiple MAC frames.
    • Differentiates between individual fragments of the same packet.
    • Each fragment of a packet has the same sequence number but a different fragment number.

Functionality

  • Fragmentation:
    • When a higher-layer packet exceeds the maximum MAC frame size (e.g., 2304 bytes for 802.11), it is split into smaller fragments.
    • Each fragment is assigned the same Sequence Number but a unique Fragment Number.
    • This ensures the fragments can be reassembled into the original packet by the receiver.
  • Maximum Frame Size:
    • 802.11 can transmit up to 2304 bytes from the higher layer.
    • Considering additional headers, such as WEP overhead and the LLC header, the maximum MAC frame size is reduced to 2296 bytes.

Breakdown of the Sequence Control Field

  • Field Size: 2 bytes (16 bits).
  • Components:
    • Sequence Number (12 Bits): Indicates the packet's position in the sequence and helps in ordering frames correctly.
    • Fragment Number (4 Bits): Identifies individual fragments of a packet and is used for reassembling fragmented packets.

Example Use Case

  1. A large packet (e.g., 4000 bytes) arrives at the MAC layer.
  2. The packet is split into two fragments:
    • Fragment 1: Assigned Sequence Number = 100 and Fragment Number = 0.
    • Fragment 2: Assigned Sequence Number = 100 and Fragment Number = 1.
  3. At the receiver, the fragments are reassembled based on their sequence and fragment numbers.

 

Example 1 > MAC Header / Beacon Frame

 

RTS Frame

The RTS frame is part of the IEEE 802.11 protocol and is used to reserve the wireless medium for data transmission. It prevents collisions by ensuring the channel is clear before large data packets are sent. The RTS frame is a Control Frame consisting of several key fields. By reserving the channel and coordinating with CTS frames, it ensures efficient and reliable wireless communication, especially in dense or complex network environments.

Following is the breakdown of the header and the descriptions

Fields in the RTS Frame

  • Frame Control (2 Bytes):
    • Indicates the type and subtype of the frame (in this case, RTS).
    • Contains control flags, such as power management and retransmission status.
  • Duration (2 Bytes):
    • Specifies the time, in microseconds, required for:
      • Data or Management Frame + CTS (Clear-to-Send) + ACK (Acknowledgment) + 3 SIFS (Short Interframe Spaces).
    • Ensures that other devices avoid using the medium during this period.
  • Receiver Address (RA) (6 Bytes): Specifies the MAC address of the intended recipient.
  • Transmitter Address (TA) (6 Bytes): Specifies the MAC address of the sender.
  • Frame Check Sequence (CRC) (4 Bytes): Ensures the integrity of the frame by verifying the transmitted data for errors.

Purpose and Functionality of RTS Frame

  • Medium Reservation: RTS is sent by a device to reserve the wireless medium and prevent other devices from transmitting.
  • Collision Avoidance: Especially useful in networks with hidden nodes where two devices may be unable to detect each other’s transmissions.
  • Coordination with CTS Frame: After receiving an RTS frame, the recipient responds with a CTS frame, confirming that the medium is clear.

Example Frame Analysis

  • Frame Control Field:
    • Type: Control Frame (01).
    • Subtype: RTS (1011).
    • Flags:
      • DS Status: Not leaving DS (To DS: 0, From DS: 0).
      • More Fragments: This is the last fragment.
      • Retry: Frame is not being retransmitted.
      • Power Management: STA will stay awake.
      • More Data: No data buffered.
      • Protected Flag: Data is not protected.
      • HTC/Order Flag: Not strictly ordered.
  • Duration:
    • Duration Value: 246 microseconds.
    • Represents the time reserved for the transmission process.
  • Receiver Address (RA): IntelCor_00:48:85 (B4:C5:A6:00:48:85).
  • Transmitter Address (TA): ASUSTeK_C7:a3:b4 (F0:2F:74:7C:A3:B4).
  • Frame Check Sequence (FCS): Value: 0x950d956e (unverified).

CTS Frame

The CTS frame is a control frame in the IEEE 802.11 protocol, used to confirm medium reservation initiated by an RTS (Request-to-Send) frame. The CTS frame ensures that the channel is clear for data transmission, reducing the likelihood of collisions. By confirming the reservation of the wireless medium, it ensures that data transmission occurs without interference, facilitating reliable and efficient wireless communication.

Following is the breakdown of the header and description

Fields in the CTS Frame

  • Frame Control (2 Bytes):
    • Identifies the frame as a control frame (CTS).
    • Includes subtype information and flags.
  • Duration (2 Bytes):
    • Specifies the time in microseconds that the channel will remain reserved for data transmission.
    • Calculated as the remaining time for Data/Management Frame + ACK + SIFS.
  • Receiver Address (RA) (6 Bytes): Contains the MAC address of the device that sent the RTS frame.
  • Frame Check Sequence (CRC) (4 Bytes): Used to verify the integrity of the frame during transmission.
    • Ensures error-free communication.

Purpose and Functionality of CTS Frame

  • Collision Avoidance: Confirms medium reservation initiated by the RTS frame, preventing other devices from transmitting during the reserved period.
  • Coordination: Ensures proper synchronization between devices before data transmission.
  • Efficient Communication: Reduces the likelihood of collisions, especially in networks with hidden nodes.

Example Frame Analysis

  • Frame Control Field:
    • Type: Control Frame (01).
    • Subtype: CTS (1100).
    • Flags:
      • DS Status: Not leaving DS (To DS: 0, From DS: 0).
      • More Fragments: This is the last fragment.
      • Retry: Frame is not being retransmitted.
      • Power Management: STA will stay awake.
      • More Data: No data buffered.
      • Protected Flag: Data is not protected.
      • HTC/Order Flag: Not strictly ordered.
  • Duration:
    • Value: 186 microseconds.
    • Specifies the time during which the medium will remain reserved.
  • Receiver Address (RA): ASUSTeK_C7:a3:b4 (F0:2F:74:7C:A3:B4).
  • Frame Check Sequence (CRC): Value: 0x737b934e (unverified).

ACK Frame

The ACK frame is a control frame in the IEEE 802.11 protocol, used to acknowledge the successful receipt of data or management frames. It ensures reliable data transmission by confirming that the receiver has correctly received the packet. By confirming successful receipt of frames, it prevents unnecessary retransmissions and optimizes the efficiency of wireless networks.

Following is the breakdown of the header and description

Fields in the ACK Frame

  • Frame Control (2 Bytes):
    • Identifies the frame as a control frame (ACK).
    • Includes subtype information and flags.
  • Duration (2 Bytes):
    • Specifies the time in microseconds that the medium will remain reserved for completing the acknowledgment.
  • Receiver Address (RA) (6 Bytes): Contains the MAC address of the device that sent the data or management frame.
  • Frame Check Sequence (CRC) (4 Bytes): Verifies the integrity of the ACK frame during transmission.

Purpose and Functionality of ACK Frame

  • Reliable Data Transmission: Confirms that the receiver has successfully received the data or management frame.
  • Medium Reservation: Helps prevent collisions by reserving the channel during acknowledgment transmission.
  • Efficient Communication: Reduces retransmissions and enhances network performance.

Example Frame Analysis

  • Frame Control Field:
    • Type: Control Frame (01).
    • Subtype: ACK (1101).
    • Flags:
      • DS Status: Not leaving DS (To DS: 0, From DS: 0).
      • More Fragments: This is the last fragment.
      • Retry: Frame is not being retransmitted.
      • Power Management: STA will stay awake.
      • More Data: No data buffered.
      • Protected Flag: Data is not protected.
      • HTC/Order Flag: Not strictly ordered.
  • Duration:
    • Value: 0 microseconds.
    • Indicates that the medium is not further reserved after the ACK is sent.
  • Receiver Address (RA): 2c:0e:3d:43:48:7e.
  • Frame Check Sequence (CRC): Verifies the correctness of the frame (status unverified in this example).

Beacon Frame

The Beacon Frame is a critical management frame in the IEEE 802.11 protocol, primarily used to announce the presence of an access point (AP) and provide essential information about the wireless network. It is broadcast periodically by the AP to help devices discover and connect to the network.

NOTE : Further details of the Beacon and it's contents, refer to  this note.

Following is the breakdown and description

Key Fields in the Beacon Frame

  • Frame Control (2 Bytes):
    • Indicates the type and subtype of the frame (in this case, Beacon).
    • Includes control information such as version, type, and subtype.
  • Duration (2 Bytes): Specifies the time in microseconds the channel will remain reserved for the transmission.
  • Destination Address (DA) (6 Bytes): Broadcast address, usually set to FF:FF:FF:FF:FF:FF.
  • Source Address (SA) (6 Bytes): MAC address of the access point transmitting the Beacon.
  • BSS ID (6 Bytes): Identifies the Basic Service Set (BSS), typically the MAC address of the AP.
  • Sequence Control (2 Bytes): Provides sequencing information for the frame.
  • Frame Body (Variable Length): Contains detailed information about the network. Subfields include:
    • Timestamp (8 Bytes): Synchronization data for client devices.
    • Beacon Interval (2 Bytes): Time between beacon transmissions.
    • Capability Info (2 Bytes): Details about the network's capabilities (e.g., encryption type, supported features).
    • SSID (Variable Length): Name of the wireless network.
    • FH Parameter Set (7 Bytes): Frequency hopping parameters (if used).
    • DS Parameter Set (2 Bytes): Details about the channel in use.
    • CF Parameter Set (8 Bytes): Contention-Free parameters (if applicable).
    • IBSS Parameter Set (4 Bytes): Details specific to Independent BSS (ad hoc networks).
    • Other Variable Length Fields: Additional optional fields.
  • Frame Check Sequence (FCS) (4 Bytes): Ensures data integrity by verifying the transmitted frame for errors.

Purpose and Functionality of the Beacon Frame

  • Network Advertisement: Announces the presence of the AP and its network.
  • Synchronization: Helps client devices synchronize their clocks with the AP.
  • Network Parameters: Provides essential details about the network, such as SSID, supported rates, and channel information.
  • Connectivity: Enables client devices to discover and connect to the network.

Trigger Frame

The Trigger Frame is an essential element in IEEE 802.11ax (Wi-Fi 6) used for uplink multi-user communication. It coordinates multiple devices to transmit data simultaneously by defining precise parameters for each device's transmission. The trigger frame structure contains various fields to manage and optimize uplink transmissions effectively. Its detailed structure allows for precise coordination, ensuring optimized resource allocation, reduced interference, and improved network performance.

Following is the breakdown and description

Key Sections in the Trigger Frame

  • Frame Control (2 Bytes):
    • Specifies the type and subtype of the frame.
    • Contains control flags for frame management.
  • Duration ID (2 Bytes): Specifies the duration (in microseconds) during which the medium is reserved.
  • Receiver Address (RA) (6 Bytes): Contains the MAC address of the intended recipient.
  • Transmitter Address (TA) (6 Bytes): Contains the MAC address of the device sending the frame.
  • Common Info (8 or more Bytes): Defines parameters shared across all devices for the transmission. Subfields include:
    • Trigger Type (4 Bits): Specifies the type of trigger (e.g., basic, MU-BAR).
    • UL Length (12 Bits): Indicates the total length of the uplink data.
    • More TF (1 Bit): Indicates whether more Trigger Frames follow.
    • CS Required (1 Bit): Specifies whether carrier sense is required before transmission.
    • UL BW (2 Bits): Defines the uplink bandwidth.
    • GI and LTF Type (2 Bits): Specifies guard interval and long training field type.
    • MU-MIMO LTF Mode (2 Bits): Determines the mode for multi-user MIMO training fields.
    • Number of HE-LTF Symbols (3 Bits): Indicates the number of high-efficiency long training field symbols.
  • User Info (5 or more Bytes per User): Contains user-specific parameters for uplink transmissions. Subfields include:
    • AID12 (12 Bits): Allocation Identifier for identifying the user.
    • RU Allocation (8 Bits): Specifies the resource units allocated to the user.
    • UL FEC Coding Type (1 Bit): Indicates the Forward Error Correction scheme.
    • UL MCS (4 Bits): Uplink Modulation and Coding Scheme.
    • UL DCM (1 Bit): Dual-carrier modulation indicator.
    • SS Allocation Info (7 Bits): Spatial stream allocation information.
    • UL Target RSSI (6 Bits): Target receive signal strength indicator for uplink transmissions.
    • Reserved and Trigger Dependent Info: Additional parameters based on the specific trigger type.
  • Padding (Variable Length): Ensures the frame aligns to a proper boundary for efficient processing.
  • Frame Check Sequence (FCS) (4 Bytes): Ensures the integrity of the frame by validating its data.

Purpose and Functionality of the Trigger Frame

  • Uplink Multi-User Scheduling: Coordinates multiple devices to transmit data simultaneously using OFDMA or MU-MIMO.
  • Efficient Resource Allocation: Allocates resource units (RUs) dynamically for optimized bandwidth usage.
  • Power Efficiency: Reduces power consumption by specifying transmission parameters for each device.
  • Enhanced Performance: Improves network throughput and reduces latency by minimizing contention among devices.

Example : MU-RTS

    NOTE :  Log file is from Gjermund Raaen who kindly allowed me to share the log clips.

Frame Control

  • Type/Subtype: Identifies the frame as a control frame with the specific subtype "Trigger" (0010).
  • Flags:
    • DS Status: Indicates if the frame is part of the distribution system.
    • More Fragments: Specifies if additional fragments follow.
    • Retry: Indicates retransmission status.
    • Power Management: Indicates if the station remains active or enters sleep mode.
    • Protected Flag: Specifies whether the frame content is protected.
    • Order Flag: Indicates if frames must be processed in order.

Common Info

  • Trigger Type: Defines the purpose of the trigger (MU-RTS in this case).
  • Uplink (UL) Parameters:
    • UL Length: Length of uplink data.
    • More TF: Indicates if additional Trigger Frames are expected.
    • CS Required: Specifies if carrier sensing is necessary.
    • UL BW: Uplink bandwidth (20 MHz).
    • GI and LTF Type: Guard interval and training field configuration (1x HE-LTF with 1.6 ΅s GI).
    • MU-MIMO LTF Mode: Single stream or pilot mode for MIMO training fields.
    • Number of HE-LTF Symbols: Number of high-efficiency training symbols (0).
  • Power Settings:
    • AP TX Power: Access point transmission power (20 dBm).
    • PE Disambiguity: Disambiguation for preamble detection.
    • Doppler: Doppler effect enabled or disabled (False).
  • UL HE-SIG-A2 Reserved: Reserved bits for future use.

User Info

  • AID12: Identifies the user by their Allocation Identifier.
  • RU Allocation:
    • Allocates Resource Units (RUs) for each user.
    • Specifies the number of tones allocated.
  • Coding Type: Forward Error Correction type (BCC).
  • Modulation and Coding Scheme (MCS): Determines data rate (MCS 0).
  • Dual Carrier Modulation (DCM): Indicates DCM usage (False).
  • Spatial Streams:
    • Starting Spatial Stream: The initial spatial stream (1).
    • Number of Spatial Streams: Total streams assigned (1).
  • Target RSSI: Target Received Signal Strength Indicator (-110 dBm).
  • Reserved Bits: Reserved for future enhancements.

Example User Information Details

  • User 1:
    • AID12: 0x00f
    • RU Allocation: 67 (996 tones)
    • Target RSSI: -110 dBm
  • User 2:
    • AID12: 0x00d
    • RU Allocation: 61 (242 tones)
    • Target RSSI: -110 dBm
  • User 3:
    • AID12: 0x008
    • RU Allocation: 61 (242 tones)
    • Target RSSI: -110 dBm
  • User 4:
    • AID12: 0x01a
    • RU Allocation: 61 (242 tones)
    • Target RSSI: -110 dBm

Reference