Oct 15, 2016

MAC header - Frame Control - Protocol Version, Type and Subtype

The first two bytes of the MAC header is called as Frame Control Field, which includes Protocol Version, Type, SubType, To DS, From DS, More Fragments, Retry, Power Management, More Data, Protected Frame, and Order. As you could see from the following picture.

Above the picture from CWAP

Protocol is a 2 bit field at the beginning of MAC heard. After protocol version, the Type field and Subtype file are used to identify the function of the frame. 

The following wireless packet capture shows the these three fields 


All 802.11 frames aways set Protocol Version as 0. All other values are reserved. 
There are 4 types fames, as the following 

Above the picture from CWAP

The subtype field are 4 bits and the combinations are shown as the following,
Above pictures from CWAP

At last, I list Filters of wireshark for these three fields
wlan.fc.version  ----> Proctocol version
wlan.fc.type      ----> Type
wlan.fc.subtype ----> Subtype
Posted by at No comments:

MAC Header - General

   In the last post, we introduced 802.11 MPDU consists "MAC Header", "Frame Body", and "Frame Check Sequence".  Follow posts, we will focus on MAC header which has frame control, duration, addressing and so on.

Above the picture from CWAP


Note that if all the field are used, the maximum size of an 802.11 MAC header is 32 bytes. But, the 802.11n adds a new field to the 802.11 MAC header, called the HT Control field which has 4 byte long. If the HT Control field is used, the maximum size of 802.11 MAC header would be 36 bytes. The size of an 802.11 MAC hear is not always the same for two reasons. First, the QoS Control field is used only in QoS Data frames. Second, no every fame use all four fields. For example the follow MAC header has 24 bytes which has only three addresses (Transmitter address and Source address are the same) and no QoS Control Field. 




Posted by at No comments:

Oct 14, 2016

Data-Link Layer

The 802.11 Data-Link layer is divided into two sublayers

  • Logical Link Control (LLC) sublayer 
  • Media Access Control (MAC) sublayer
When Network Layer sends data to Data-Link layer, the data is handed off to the LLC and becomes known as the MAC Service Data Unit (MSDU). When LLC sends the MSDC to the MAC layer. Then MSDU is now encapsulated in a MAC Protocal Data Unit (MPDU)


Above two pictures are from CWAP

Let see the real wireless data from wireless packet capture.  

The data from 88 to 00 (mark as the blue color) is MAC header and the data from 79 to 65 is FCS. The rest of parts (from aa to 65) is Fame body.  
Posted by at No comments:
Subscribe to: Posts (Atom)