If you reprint this article, please cite the source: http://blog.csdn.net/Righthek. Thank you!
Because Wi-Fi stations are mobile and Wi-Fi uses radio waves as its transmission medium, the medium is inherently open and easy to intercept. Anyone can use a packet capture tool to capture packets on a wireless network. The Wi-Fi protocol (that is, the 802.11 protocol) therefore has to provide a set of data transmission and management services.
1. Distribution
This service is used whenever a mobile station in an infrastructure network transmits data. Once the base station receives a frame, it uses the distribution service to deliver the frame to its destination. Any communication that passes through a base station uses the distribution service, including communication between two mobile stations connected to the same base station.
2. Integration
The integration service is provided by the distribution system. It connects the distribution system to a non-IEEE 802.11 network. The integration function varies with the distribution system in use, so 802.11 does not standardize it beyond the services that must be provided.
3. Association
A frame can be delivered to a mobile station because the station has registered, or associated, with the base station. After association, the distribution system can use the registration information to determine which base station to use for a given mobile station. When the robust security network (RSN) protocol is in use, association takes place before authentication. Until authentication completes, the base station discards all data from the station.
4. Reassociation
When a mobile station moves between basic service areas within the same extended service area, it must continually evaluate signal strength and switch the access point it is connected to when necessary. Reassociation is initiated by the mobile station, when signal strength indicates that switching the association would be best. The access point cannot directly invoke the reassociation service.
Once reassociation completes, the distribution system updates its location record for the station to indicate which base station can be used to reach it. As with the association service, in a robust security network data from the station is discarded until authentication has completed successfully.
5. Disassociation
To end an existing association, a station can use the disassociation service. When a station invokes the disassociation service, the association data stored in the distribution system is removed immediately. Once disassociation completes, the station is no longer attached to the network. Disassociation is a polite action when a station shuts down. However, the MAC is designed to cope with stations that leave without formally disassociating.
6. Authentication
Physical security is an indispensable part of wired LAN security solutions. Network attachment points are restricted and can be reached only in office areas behind a perimeter access control device. Network equipment can be protected in locked wiring closets, and network jacks in offices and cubicles are connected to the network only when necessary. Wireless networks cannot provide the same level of physical protection, so they must rely on additional authentication procedures to ensure that users accessing the network are authorized. Authentication is a prerequisite for association: only authenticated users can use the network.
A station may be authenticated several times while connecting to a wireless network. Before association, the station performs basic authentication with the base station based on its own MAC address. This step is usually called 802.11 authentication, and it is distinct from the secure, encrypted user authentication that follows.
7. Deauthentication
Deauthentication ends an authentication relationship. Because authentication is required before the network can be used, a side effect of deauthentication is that the current association is terminated. In a robust security network, key information is also cleared when authentication is revoked.
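The ordering rules in sections 3 to 7 can be modelled as a small state machine kept by the base station for each station. This is an added example, not code from the original article; the class, method and state names are hypothetical, and the sample MAC addresses used with it are constructed.

```python
from enum import Enum


class State(Enum):
    UNAUTHENTICATED = 1  # neither authenticated nor associated
    AUTHENTICATED = 2    # 802.11 authentication done, not associated
    ASSOCIATED = 3       # registered with the base station


class StationRecord:
    """Base station's view of one mobile station (hypothetical model)."""

    def __init__(self, mac, rsn=True):
        self.mac, self.rsn = mac, rsn  # rsn: robust security network in use
        self.state = State.UNAUTHENTICATED
        self.user_authenticated = False  # the later, secure user authentication
        self.keys = None

    def authenticate(self):
        # 802.11 authentication, the prerequisite for association.
        if self.state is State.UNAUTHENTICATED:
            self.state = State.AUTHENTICATED

    def associate(self):
        # Also models reassociation: user authentication starts over
        # (modelling assumption, see the reassociation section).
        if self.state is State.UNAUTHENTICATED:
            raise PermissionError("authentication must precede association")
        self.state = State.ASSOCIATED
        self.user_authenticated, self.keys = False, None

    def complete_user_auth(self, keys):
        # In an RSN this runs after association.
        if self.state is not State.ASSOCIATED:
            raise PermissionError("associate before user authentication")
        self.user_authenticated, self.keys = True, keys

    def disassociate(self):
        # Ends the association only; 802.11 authentication remains.
        if self.state is State.ASSOCIATED:
            self.state = State.AUTHENTICATED

    def deauthenticate(self):
        # Side effect: the association ends and key material is cleared.
        self.state = State.UNAUTHENTICATED
        self.user_authenticated, self.keys = False, None

    def accept_data(self):
        """Return True if a data frame from this station is forwarded."""
        if self.state is not State.ASSOCIATED:
            return False
        return self.user_authenticated or not self.rsn
```

With `rsn=True`, a station that is associated but has not finished user authentication still has its data discarded, which is the behaviour sections 3 and 4 describe.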
8. Confidentiality
In wired local area networks, solid physical controls prevent the vast majority of attacks on data. Attackers must gain access to the network medium before they can eavesdrop on its contents. A wired network is physically protected in the same way as other computing resources. By design, physical access to a wireless network is comparatively easy: it only takes the correct antenna and modulation method.
In the first revision of 802.11, the confidentiality service was called the privacy service and was provided by the Wired Equivalent Privacy (WEP) protocol, which no longer has any credibility. In addition to new encryption mechanisms, 802.11i strengthens confidentiality with two key services that WEP could not provide: user-based authentication and key management.
9. MSDU Transmission
A network is useless if it cannot deliver data to the receiver. The MSDU (MAC service data unit) transmission service provided by the station is responsible for delivering data to the actual receiving end.
10. Transmission Power Control (TPC)
TPC is a new service defined in 802.11h. European standards require that stations operating in the 5 GHz band be able to control their radio transmission power to avoid interfering with other users of the 5 GHz band. Transmission power control also helps avoid interference with other wireless LANs. Transmission distance is a function of transmission power: the higher a station's transmission power, the farther it transmits and the more likely it is to interfere with neighboring networks. If the transmission power is adjusted to be "just right", interference with neighboring stations can be avoided.
11. Dynamic Frequency Selection (DFS)
Some radar systems operate in the 5 GHz band. As a result, some regulatory authorities require that wireless LANs be able to detect radar systems and select frequencies that radar systems are not using. Some regulatory authorities even require wireless LANs to use the 5 GHz band in a balanced manner, so the network must be able to re-map channels.