1. Overview of WiFi transmission
   WiFi encapsulation in OSI
   802.11 frame types
   Management frame
   Control frame
   Data frame
   Medium access control
2. Case study
   Lab WiFi environment
   STA and AP retransmit so much in low RSSI condition
3. WiFi enhancement
   Physical layer enhancement
   MAC layer enhancement
Wi-Fi Transmission and Enhancement
WiFi encapsulation in OSI
The IEEE 802.11-2007 standard defines communication mechanisms only at the Physical layer and the MAC sublayer of the Data-Link layer of the OSI model.
By design, the 802.11 standard does not address the upper layers of the OSI model.
When capturing wireless frames, if wireless encryption is implemented, all of the layer 3 through layer 7 information will be grouped and displayed as the encrypted payload.
Block ACK Request (BlockAckReq)
Block ACK (BlockAck)
Data (simple data frame)
Null function (no MSDU payload)
Data + CF-ACK
Data + CF-Poll
Data + CF-ACK + CF-Poll
CF-ACK (no MSDU payload)
CF-Poll (no MSDU payload)
CF-ACK + CF-Poll (no MSDU payload)
QoS data
QoS Null (no MSDU payload)
QoS data + CF-ACK
QoS data + CF-Poll
QoS data + CF-ACK + CF-Poll
QoS CF-Poll (no MSDU payload)
There are three major frame types, each further subdivided into multiple subtypes:
Management frames are used by wireless stations to join and leave the basic service set.
Control frames assist with the delivery of the 802.11 data frames.
Data frames carry the actual MSDU data that is passed down from the higher layer protocols.
MAC Sublayer Frame Format
802.11 MAC Protocol Data Unit (MPDU)
Management frame
Management Frame structure
Management frames always have a standard 24-byte-long MAC header with three addresses, followed by a body of variable size. When 802.11n is in use, the header is extended by the 4 bytes of the HT Control section.
The Duration/ID field can be used for virtual carrier sense. This is its main purpose: it is used to reset the NAV timer of the other stations.
The DA field is the destination address of the frame. It can be broadcast or unicast depending on the frame subtype.
The SA field is the MAC address of the station transmitting the frame.
The BSSID can be the AP BSSID or a wildcard value.
The size and content of the body depend on the management frame subtype.
Subtype bits
Beacon Frame
Connection establishment
Beacon frames are used by the access points (and stations in an IBSS) to communicate throughout the serviced area the characteristics of the connection offered to the cell members.
Beacon frames are sent periodically, at a time called the target beacon transmission time (TBTT); this unit is normally 1,024 microseconds.
All stations in the cell use the AP beacon as a time reference.
Beacon Frame example
Timestamp field: represents the time on the access point, which is the number of microseconds the AP has been active.
Capability Information field: contains a number of subfields that are used to indicate requested or advertised optional capabilities.
Short Slot Time subfield: determines whether short slot time is allowed in the cell.
Supported Rates: at least one mandatory rate must be set by the AP, and any station wanting to join the cell must support all basic rates.
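The header and beacon fields described above, decoded from raw bytes. This is an added example, not part of the original slides; the function names and the sample frame are constructed for illustration. It assumes a frame without radiotap header or trailing FCS, and uses the standard 802.11 bit positions (Order bit for HT Control, Capability Information bit 10 for Short Slot Time), which the slides do not list.

```python
import struct

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_beacon(frame: bytes) -> dict:
    """Decode the management MAC header and the beacon fields named above."""
    if len(frame) < 24:
        raise ValueError("management MAC header is 24 bytes")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:
        raise ValueError("not a beacon (type 0, subtype 8)")
    (seq_ctrl,) = struct.unpack_from("<H", frame, 22)
    hdr_len = 28 if fc & 0x8000 else 24     # Order bit set: 4-byte HT Control follows
    body = frame[hdr_len:]
    if len(body) < 12:
        raise ValueError("beacon fixed fields truncated")
    timestamp, interval, cap = struct.unpack_from("<QHH", body, 0)
    info = {
        "duration": duration,
        "da": mac(frame[4:10]), "sa": mac(frame[10:16]), "bssid": mac(frame[16:22]),
        "seq": seq_ctrl >> 4,
        "timestamp_us": timestamp,
        "beacon_interval_tu": interval,
        "short_slot_time": bool(cap & 0x0400),   # Capability Information bit 10
        "rates": [],
    }
    pos = 12
    while pos + 2 <= len(body):                  # tagged elements: ID, length, value
        eid, elen = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + elen]
        if len(value) < elen:
            raise ValueError("element runs past end of frame")
        if eid == 1:                             # Supported Rates, 500 kbit/s units
            info["rates"] = [((r & 0x7F) / 2, bool(r & 0x80)) for r in value]
        pos += 2 + elen
    return info

# Constructed sample beacon (not a real capture): broadcast DA, SA equal to BSSID.
AP = bytes.fromhex("020000000001")
SAMPLE = (struct.pack("<HH", 0x0080, 0) + b"\xff" * 6 + AP + AP
          + struct.pack("<H", 100 << 4)
          + struct.pack("<QHH", 123456789, 100, 0x0401)
          + b"\x00\x03lab" + b"\x01\x04\x82\x84\x0b\x16")

if __name__ == "__main__":
    print(parse_beacon(SAMPLE))
```

Each rate is returned as (Mbit/s, is_basic); the high bit of a rate byte marks a basic rate that every joining station must support.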
Control frame
Frame Control fields
Valid Type and Subtype combinations
Data frame
Data frames: valid Type and Subtype combinations
QoS and Non-QoS Data Frames
Transmitting station | Receiving station | Data frame subtype used
Non-QoS station | Non-QoS station | Non-QoS frame
Non-QoS station | QoS station | Non-QoS frame
QoS station | QoS station | QoS frame
QoS station | Non-QoS station | Non-QoS frame
All | Broadcast | Non-QoS frame, unless the transmitting station knows that all stations in the BSS are QoS capable, in which case a QoS frame would be used
All | Multicast | Non-QoS frame, unless the transmitting station knows that all stations in the BSS that are members of the multicast group are QoS capable, in which case a QoS frame would be used
Data-Carrying vs Non-Data-Carrying Frames
Medium access control
These are the steps a station goes through before transmitting a frame on the wireless medium:
1. STAs use a physical carrier sense (Clear Channel Assessment, CCA) to determine if the wireless medium is busy.
2. STAs use virtual carrier sense (Network Allocation Vector, NAV) to detect if the medium is busy. When the virtual timer (NAV) reaches zero, STAs may proceed.
3. If conditions 1 and 2 are met, STAs wait the necessary IFS interval, as prescribed by the protocol.
4. If conditions 1 and 2 are met through the duration of condition 3, STAs generate a random backoff number in accordance with the range of allowed values.
5. STAs begin decrementing the backoff timer by one for every slot time duration that the wireless medium is idle.
6. After decrementing the backoff value to zero, with an idle medium, a STA may transmit the allotted frame exchange, in accordance with the parameters of the obtained transmission opportunity (TXOP).
7. If another STA transmits before Step 6 is completed, STAs observe steps 1, 2, 3, and 5 until the backoff timer is equal to zero.
8. After a successful transmission, repeat as needed.
The diagram below shows the flow of the above steps.
Physical Carrier Sense
The CCA is set to busy if a high enough level of energy is detected coming from valid, modulated 802.11 bits.
If modulated bits are detected at those energy levels, the CCA will go busy for 15 microseconds if DSSS modulation is being used or for 4 microseconds if OFDM modulation is being used.
Interference from non-802.11 devices does not cause the CCA to go into a busy state.
CCA may not keep all devices within a BSS quiet. If an AP or station is too far away to detect data transmissions at the requisite energy level, the CCA may go into the idle state even though the channel is still occupied.
Virtual Carrier Sense
The network allocation vector is the virtual carrier sense mechanism for 802.11 APs and stations. The NAV is a timer that counts down toward zero. When a device has a NAV value greater than zero, the device stays quiet. Once the NAV value reaches zero, the wireless medium is considered clear.
APs and stations set their NAV values according to the Duration value inside the 802.11 header.
If an 802.11 device lacks the ability to receive a high-quality signal from another device on the channel because of distance, obstructions, or interference, the two devices will not be able to read each other’s Duration/ID fields and therefore will not have their NAV values set properly.
Interframe Spaces
The IFS is a quiet period that APs and stations must wait before any 802.11 frame transmission. There are several different IFS times.
Shorter IFS times are used before transmissions with higher priority to the channel. The idea is that if APs and stations wait for a shorter quiet period before transmitting, they will gain access to the channel while other devices are still staying quiet.
SIFS (Shortest Inter Frame Space) is used prior to ACK and CTS frames as well as the second or subsequent MPDUs of a fragment burst.
SIFS for 802.11b/g/n (2.4 GHz) = 10 μs
SIFS for 802.11a/n/ac (5 GHz) = 16 μs
RIFS (Reduced Inter Frame Space)
The 802.11n standard uses RIFS and Block Acknowledgement (mandatory in 802.11n). RIFS is used only when Block ACK is enabled.
RIFS improves efficiency for transmissions to the same receiver in which a SIFS-separated response is not required, such as a transmission burst (CFB, Contention Free Burst).
RIFS = 2 μs
DIFS (Distributed Inter Frame Space)
DIFS = SIFS + 2 × SlotTime
SlotTime for 802.11a/n/ac (5 GHz) = 9 μs
SlotTime for 802.11g/n (2.4 GHz, HT or ERP) = 9 μs with short preamble
SlotTime for 802.11g/n (2.4 GHz, HT or ERP) = 20 μs with long preamble
SlotTime for 802.11b/g/n (2.4 GHz, DSSS) = 20 μs
EIFS (Extended Inter Frame Space)
The EIFS value is used by STAs that have received a frame that contained errors. By using this longer IFS, the transmitting station will have enough time to recognize that the frame was not received properly before the receiving station commences transmission.
EIFS (in DCF) = SIFS + DIFS + ACK_Tx_Time
EIFS for 802.11b/g/n devices using DSSS = 364 μs
EIFS for 802.11g/n devices using OFDM = 160 μs
EIFS for 802.11a/n devices (5 GHz) = 160 μs
PIFS (PCF Inter Frame Space)
PIFS is used by STAs during the contention-free period (CFP) in PCF mode.
Because PCF has not been implemented in 802.11 devices, you will not see PIFS used for this purpose.
PIFS = SIFS + SlotTime
Summary of SIFS, DIFS, PIFS and SlotTime values
Random backoff
The random backoff is a quiet period before a frame transmission. It is a period of time that changes based on a random number chosen by each AP or station.
APs and stations stay quiet during the random backoff by randomly choosing a number of slot times and then counting down until the number of slot times equals zero. Once the number of slot times hits zero, an AP or station is allowed to transmit a frame.
As soon as one device exhausts its slot times, it will transmit, thus turning the CCA to a busy state in all other devices on the channel.
The lower limit for the random backoff is always 0. The upper limit for the random backoff is always equal to the contention window (CW).
The contention window (CW) parameter takes the initial value CWmin and effectively doubles on each unsuccessful MPDU transmit, for example each time an ACK response is not received for a data frame. If the CW reaches CWmax it remains at that value until it is reset. The CW is reset to CWmin after every successful MPDU transmit.
Random backoff procedure
To begin the random backoff procedure, the station selects a random backoff count in the range [0, CW]. All backoff slots occur following a DIFS during which the medium is determined to be idle.
During each backoff slot the station continues to monitor the medium. If the medium goes busy during a backoff slot then the backoff procedure is suspended. The backoff count is resumed when the medium goes idle again for a DIFS period.
When multiple stations are deferring and go into random backoff, then the station selecting the smallest backoff count (STA 3) will win the contention and transmit first.
The remaining stations suspend their backoff and resume DIFS after the medium goes idle again.
The station with the next largest backoff count will win next (STA 4) and then eventually the station with the longest backoff count (STA 2).
A station that begins a new access (STA 1 again) will select a random backoff from the full contention window and will thus tend to select a larger count than the remaining backoff for stations (such as STA 2) that have already suspended their backoff from a previous access attempt.
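The contention and backoff behaviour described above, as a small simulation. This is an added example, not part of the original slides: the function names, the 300 μs frame-exchange time and the backoff counts are constructed, and CWmin = 15 / CWmax = 1023 are assumed OFDM defaults that the slides do not state. Two stations reaching zero in the same slot are reported together, which is a collision.

```python
import random

SIFS_US, SLOT_US = 16, 9            # 5 GHz values listed on this page
DIFS_US = SIFS_US + 2 * SLOT_US     # DIFS = SIFS + 2 x SlotTime
CW_MIN, CW_MAX = 15, 1023           # assumed OFDM defaults, not given on the page

def draw_backoff(cw: int, rng: random.Random) -> int:
    """Pick the random backoff count in the range [0, CW]."""
    return rng.randint(0, cw)

def next_cw(cw: int, acked: bool) -> int:
    """Reset CW to CWmin after success; otherwise double it, capped at CWmax."""
    return CW_MIN if acked else min(2 * (cw + 1) - 1, CW_MAX)

def contend(backoff: dict, frame_us: int = 300) -> list:
    """Run DCF contention until every station has transmitted once.

    backoff maps station name -> initial backoff count in slots.
    Returns (start_time_us, transmitting stations, frozen counters of the rest).
    """
    remaining, now, log = dict(backoff), 0, []
    while remaining:
        now += DIFS_US                         # medium must stay idle for a DIFS
        slots = min(remaining.values())        # smallest count reaches zero first
        now += slots * SLOT_US
        remaining = {s: c - slots for s, c in remaining.items()}
        winners = sorted(s for s, c in remaining.items() if c == 0)
        for s in winners:
            del remaining[s]                   # the others suspend their countdown
        log.append((now, winners, dict(remaining)))
        now += frame_us                        # medium busy during the transmission
    return log

if __name__ == "__main__":
    # Constructed counts matching the order in the text: STA 3, STA 4, then STA 2.
    for start, winners, frozen in contend({"STA 2": 9, "STA 3": 3, "STA 4": 5}):
        print(f"t={start:4d} us  transmit={winners}  frozen={frozen}")
```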
Case study
STA and AP retransmitted heavily in low-RSSI conditions; this happens with ONTs from all vendors.
Physical layer enhancement
1. Short Preamble is not allowed in Beacon
2. Reduced Interframe Spacing (RIFS) is prohibited
1.2 Beacon packet capture
RIFS was introduced with 802.11n to improve efficiency for transmissions to the same receiver in which a SIFS-separated response is not required.
The 802.11n standard uses RIFS and Block Acknowledgement (mandatory in 802.11n). RIFS is used only when Block ACK is enabled.
RIFS = 2 μs
3. VHT information of 802.11ac is included in management frames of 802.11n
1.1 Standard
Some packets, including Beacon, Probe Response and Association Response, carry larger headers, so they take longer to transmit on the WiFi medium.
1.2 Beacon packet capture
1.3 Next action
R&D: please build firmware that does not include 802.11ac information in some 802.11n management packets.
Refer to BMS ID: H660x:5362
VTAC to test again at the lab.
MAC layer enhancement
1. Modify MCS set parameters
1.1 Standard
Non-HT radios that used OFDM technology (802.11a/g) defined data rates of 6 Mbps to 54 Mbps based on the modulation that was used.
HT radios, however, define data rates based on numerous factors including modulation, the number of spatial streams, channel size, and guard interval.
The 802.11n amendment defines 77 MCSs that are represented by an MCS index from 0–76. The eight mandatory MCSs for 20 MHz channels are comparable to basic (required) rates.
1.2 Beacon packet capture
1.3 Next action
If the TX MCS Set Defined subfield is set to 0, it indicates the STA is not specifying a TX MCS set.
When the TX MCS Set Defined subfield is set to 1 and the TX RX MCS Set Not Equal subfield is set to 0, the STA is indicating it will use the same MCS set defined by the RX MCS Bitmask subfield.
=> Request: set the TX MCS set as defined and equal to the RX MCS set
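A decoder for the two subfields discussed above, checking whether a beacon's Supported MCS Set matches the request. This is an added example, not part of the original slides or the firmware. The function names and sample byte strings are constructed. The bit offsets (RX MCS Bitmask in bits 0-76, TX MCS Set Defined at bit 96, TX RX MCS Set Not Equal at bit 97 of the 16-byte field) follow the 802.11n HT Capabilities layout, which the slides do not show.

```python
def decode_supported_mcs_set(field: bytes) -> dict:
    """Decode the 16-byte Supported MCS Set field of the HT Capabilities element."""
    if len(field) != 16:
        raise ValueError("Supported MCS Set field is 16 bytes")
    bits = int.from_bytes(field, "little")       # bit 0 = LSB of the first byte
    rx_mcs = [i for i in range(77) if (bits >> i) & 1]   # RX MCS Bitmask, MCS 0-76
    tx_defined = bool((bits >> 96) & 1)          # TX MCS Set Defined
    tx_rx_not_equal = bool((bits >> 97) & 1)     # TX RX MCS Set Not Equal
    if not tx_defined:
        tx = "not specified"
    elif not tx_rx_not_equal:
        tx = "same as RX MCS set"
    else:
        tx = "differs from RX MCS set"
    return {
        "rx_mcs": rx_mcs,
        "tx_mcs_set_defined": tx_defined,
        "tx_rx_mcs_set_not_equal": tx_rx_not_equal,
        "tx_mcs_set": tx,
    }

def meets_request(field: bytes) -> bool:
    """True when the TX MCS set is defined and equal to the RX MCS set."""
    d = decode_supported_mcs_set(field)
    return d["tx_mcs_set_defined"] and not d["tx_rx_mcs_set_not_equal"]

# Constructed fields (not taken from the capture on the slide): RX MCS 0-15.
TX_UNSET = b"\xff\xff" + bytes(14)                       # TX MCS Set Defined = 0
TX_EQUAL = b"\xff\xff" + bytes(10) + b"\x01" + bytes(3)  # Defined = 1, Not Equal = 0
TX_DIFFERS = b"\xff\xff" + bytes(10) + b"\x03" + bytes(3)

if __name__ == "__main__":
    for name, f in [("unset", TX_UNSET), ("equal", TX_EQUAL), ("differs", TX_DIFFERS)]:
        print(name, decode_supported_mcs_set(f)["tx_mcs_set"], meets_request(f))
```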
2. Support A-MSDU and A-MPDU
1.1 Standard
An 802.11n access point using A-MSDU would receive multiple 802.3 frames, remove the 802.3 headers and trailers, and then wrap the multiple MSDU payloads into a single 802.11 frame for transmission.
The size of an A-MSDU must not exceed the maximum A-MSDU size that a STA is capable of receiving. A STA can support one of two maximum lengths: Maximum A-MSDU Length = 0 (3839
2. Support U-APSD (Unscheduled Automatic Power Save Delivery)
1.1 Standard
Every power management method that is used in the real world works from the same basic power management structure, as illustrated in the following steps and figures:
Step 1: Before a station goes into the doze state, it sends a frame, usually a null data frame, to the AP indicating that power management is enabled.
Step 2: Once the station indicates that it is in Power Save mode, the AP begins to buffer all frames destined to that station.
Step 3: When the station goes into the awake state (more on that later), it sends a frame to the AP in order to begin the data retrieval process.
Step 4: When the AP has finished sending all buffered data to the station, the station goes back into the doze state.
There are three methods of power management that are used today in the 802.11 family:
802.11 power management
Unscheduled automatic power save delivery (U-APSD) from the 802.11e amendment
Power save multi-poll (PSMP) from the 802.11n amendment
802.11e Unscheduled Automatic Power Save Delivery
Third Step: When U-APSD is used, the station typically sends null data frames in order to retrieve buffered unicast frames from the AP.
Fourth Step: When U-APSD is used, stations must notify the AP that they are going back into Power Save mode by sending a frame.
1.2 Action packet capture
1.3 Next action
=> Support 802.11e Unscheduled Automatic Power Save Delivery