CS 447/557 Computer Forensics
Download
Report
Transcript CS 447/557 Computer Forensics
CSCD 439/539
Wireless Networks and Security
CSDA/CA, Frames
Lecture 4
Fall 2007
Some Material in these slides from J.F Kurose and K.W. Ross
All material copyright 1996-2007
1
Overview
• MAC Layer
– CSMA/CA as opposed to Ethernet’s
CSMA/CD
– Mandatory and optional implementations of
MAC schemes
– Practical notes on MAC and alternative
schemes
2
Background
• Last time
– Looked at architecture, how stations and AP’s
connect within a network
– Typically, 802.11 networks are attached in
some way to an Ethernet or wired network
• Said they differ because many things can
interfere with the signal which is broadcast
– Compared with wired networks where signal
is contained … in the wires
3
802.11 MAC Introduction
• Key to 802.11 specification is the Medium
Access Control Layer (MAC)
– Recall Ethernet nodes sense the medium, transmit if
the medium is idle, and listen for collisions
(CSMA/CD)
– If a collision is detected, after a back-off period, node
retransmits the frame
– Collision detection is not feasible in WLANs
– Node cannot know whether signal was corrupted due
to channel interference or actual collision
– Thus, IEEE 802.11 uses Carrier Sense Multiple
Access Collision Avoidance (CSMA/CA)
• Adopts collision avoidance, rather than collision detection
4
Why CSMA/CD Does Not Work
• Collision detection
problems
– Hidden terminal
A can’t
see C
Terminals are hidden
from each other kind
Hidden
A
– Exposed terminal
• Because of
interference,
terminals don’t think
they can send to a
terminal when they
can
B
C
C can’t
see A
Exposed
A
B
C
D
C doesn’t transmit
to D because it
senses B and A 5
Hidden Terminal Effect
• Hidden terminals: A, C cannot hear each
other
– Obstacles in the way or distance
– Both transmit to B, collisions at B
– Collision if 2 or more nodes transmit at
same time
bits Crash
• CSMA makes sense if:
– You’re the only one transmitting
– Able to avoid collision if you sense
another transmission
• Yet, collision detection doesn’t work in this
case, CSMA/CD – Ethernet style
• But, simple collision avoidance in
CSMA/CA isn’t so good either
6
Exposed Terminal Effect
• Do this on the board …
7
802.11 MAC Specifications
• Because there are still problems with collisions, 802.11
has several MAC choices
• In 802.11 there are several flavors of Access methods
– MAC-DCF CSMA/CA (mandatory)
• Physical channel sensing
• Collision avoidance via randomized “back-off” mechanism
• Minimum distance between consecutive packets
• ACK packet (not for broadcasts)
– MAC-DCF w/ RTS/CTS (optional)
• Physical AND Virtual channel sensing
• Distributed Foundation Wireless MAC
• Avoids hidden terminal problem
– MAC- PCF (optional)
• Access point polls terminals according to a list
8
802.11 MAC Specifications
• The DCF is the basis of the standard
CSMA/CA access mechanisms
– Like Ethernet, first checks that radio link is
clear before transmitting
– To avoid collisions, stations use a random
backoff after each frame
• First transmitter seizes the channel
– DCF may use CTS/RTS clearing technique to
further reduce the possibility of collisions
9
802.11 MAC Specifications
• DCF (Distributed Coordination Function) details
1. Carrier Sense Multiple Access Collision
Avoidance CSMA/CA
– Each unit senses medium before it starts to
transmit Called physical channel sensing
– If medium is free for several microseconds
(DIFS), unit can transmit for a limited time
– If medium is busy, unit will back off for a
random time before it senses again
10
IEEE 802.11 Medium Specifications
CSMA Version of the Protocol
Sense channel idle for DIFS sec (Distributed Inter Frame Space)
transmit frame (no Collision Detection)
Receiver returns ACK after SIFS (Short Inter Frame Space)
if channel sensed busy => binary backoff (like Ethernet)
NAV: Network Allocation Vector – essentially a timer is set for other
stations
See next slide …
11
Carrier Sensing Details
• 802.11 requires carrier sensing to
determine if medium available.
• Two types of carriersensing functions in
802.11 manage this process:
– physical carrier-sensing
– virtual carrier-sensing functions
• If either carrier-sensing function indicates
medium is busy, MAC reports this to
higher layers
12
Carrier Sensing Details
• Physical carrier-sensing functions provided by
physical layer
– Depend on medium and modulation used
– It is difficult or expensive to build good physical
carrier-sensing hardware for RF-based media
• Transceivers can transmit and receive simultaneously only if
they incorporate expensive electronics
• Most 802.11 hardware is half-duplex, can’t send/receive at
the same time
• Plus, hidden nodes still possible so physical carrier-sensing
cannot provide all the necessary information
13
Carrier Sensing Details
• Virtual carrier-sensing is provided by the
Network Allocation Vector (NAV)
– Most 802.11 frames carry a duration field
– Can reserve medium for a fixed time
– The NAV is a timer that indicates the amount of time
the medium will be reserved
– Stations set NAV to time for which they expect to use
the medium,
– Other stations count down from the NAV to 0
– When NAV is nonzero, virtual carrier-sensing function
says medium is busy
– When NAV reaches 0, virtual carrier-sensing function
says medium is idle
14
Virtual Carrier Sensing with RTS/CTS and NAV
NAV is carried in frame headers on the RTS and CTS frames; it is
depicted on its own line show NAV relating to actual transmissions in
the air.
When NAV bar is present on NAV line, stations defer access to medium
because virtual carrier-sensing mechanism indicates busy medium
15
Node1
Node2
• To ensure sequence is not interrupted, Node1 sets the NAV in its
RTS to block access to the medium while the RTS transmitted
• All stations hear RTS defer access to medium until NAV elapses
• RTS frames not necessarily heard by every station in network
• So, Node2, the receiver of intended transmission responds with CTS
that includes shorter NAV
• This NAV prevents other stations from accessing medium until
transmission completes
• After sequence completes, the medium can be used by any station
after distributed interframe space (DIFS), shown by contention
window, Backoff
16
Interframe Spacing
• Like Ethernet, interframe spacing plays a large role in
coordinating access to the transmission medium
– 802.11 uses four different interframe spaces
– Three are used to determine medium access
• SIFS, DIFS, PIFS
17
Interframe Spacing
• Varying interframe spacings create different
priority levels for different types of traffic
• Logic behind this is simple:
– High-priority traffic doesn’t have to wait as long after
the medium is idle.
– So, if any high-priority traffic waiting, it grabs network
before low-priority frames have a chance
– To assist with interoperability between different data
rates, the interframe space is a fixed amount of time,
independent of the transmission speed
18
Interframe Spacing
• Short interframe space (SIFS)
– SIFS used for highest-priority transmissions, such as RTS/CTS
frames and positive acknowledgments
– High-priority transmissions can begin once the SIFS has elapsed
• PCF interframe space (PIFS)
– PIFS, sometimes erroneously called the priority interframe
space, is used by the PCF during contention-free operation
– Stations with data in the contention-free period can transmit after
the PIFS has elapsed and preempt any contention-based traffic
• DCF interframe space (DIFS)
– DIFS is minimum medium idle time for contention-based
services
– Stations may have immediate access to the medium if it has
been free for a period longer than the DIFS.
19
DCF Backoff
• After frame transmission has completed and the DIFS
has elapsed, stations may attempt to transmit
congestion-based data
• Period called, contention window or backoff window
follows the DIFS
• Window is divided into slots
– Slot length is medium dependent
– Higher-speed physical layers use shorter slot times
– Stations pick a random slot and wait for that slot before
attempting to access the medium
– All slots are equally likely selections
– When several stations are attempting to transmit, the station that
picks the first slot (the station with the lowest random number)
wins.
– As in Ethernet, backoff time is selected from a larger range each
time a transmission fails
20
DCF Backoff Continued …
• Contention window sizes are always 1 less
than a power of 2
– e.g., 31, 63, 127, 255
– Each time the retry counter increases, the
contention window moves to the next greatest
power of two
– The maximum size of the contention window
is limited by the physical layer
– For example, the DS physical layer limits the
contention window to 1023 transmission slots
21
DCF Backoff Finished
• When contention window reaches its maximum
size, it remains there until it can be reset
– Allowing long contention windows when several
competing stations are trying to transmit keeps MAC
algorithms stable even under maximum load
– Contention window is reset to its minimum size when
frames are transmitted successfully, or associated
retry counter is reached, and the frame is discarded
22
Practical 802.11 MAC Advice
23
Practical 802.11 MAC
• Hidden Node Problem
– Other solutions to this problem
– Increase power to nodes
• Increasing the power of the nodes can solve the hidden node
problem by allowing the cell around each node to increase in
size, encompassing all of the other nodes.
– Use omnidirectional antennas
• Since nodes using directional antennas are nearly invisible to
nodes that are not positioned in the direction the antenna is
aimed at, directional antennas should be used only for very
small networks (e.g., dedicated point-to-point connections).
24
Practical 802.11 MAC
• Hidden Node Problem
– Other solutions to this problem
• Remove Obstacles
– Increasing the power on your mobile nodes may not work if, for
example, the reason one node is hidden is that there is a
cement or steel wall preventing communication with other
nodes
• Move the Node
– Another method of solving the hidden node problem is moving
the nodes so that they can all hear each other. If you have
found that the hidden node problem is the result of a user
moving his computer to an area that is hidden from the other
wireless nodes, you may have to force that user to move again.
25
Practical 802.11 MAC
• Frottle (Freenet throttle) is an open source GNU GPL
project to control traffic on wireless networks
– Such control eliminates the common hidden-node effect even on
large scale wireless networks
• Frottle works by scheduling traffic of each client, using a
master node to co-ordinate actions
– Eliminates collisions, and prevents clients with stronger signals
from receiving bandwidth bias
• Frottle developed and tested on large community
wireless network of WaFreeNet
• We have found running frottle has given us a significant
improvment in the network usability
http://frottle.sourceforge.net/
26
Practical 802.11 MAC
More thoughts …
1. RTS/CTS has very high overhead, particularly for small
packets and where stations have variable rates. May be
prohibitively expensive to use
2. Most current deployments of 802.11 are based on a
cellular infrastructure, and are not ad hoc
Neighboring cells are usually configured to operate on
different channels (frequencies) explicitly so hidden
terminal problems on the downlink (to the wireless LAN
clients) are actually rare
On the uplink, hidden terminals could occur, but often
these packets are small (e.g., TCP ACKs) and the
RTS/CTS overhead is then significant
27
Practical 802.11 MAC
3. In practice, many commercial WiFi cards can sense carrier as “busy”
even when they can’t decode the bits, reducing the need for explicit
reservations
An entirely different approach to sharing wireless channels is to
allocate access by time.
This approach used in some cellular telephone networks, where base
station determines a transmission time-schedule for clients
In general, at high loads, time division makes sense; otherwise, slots
are wasted
Avoiding this waste in TDMA usually makes protocols more complex. At
the same time, CSMA based approaches don’t perform too well
when there is heavy, persistent load from a large number of nodes.
Much work has been done in the community on MAC protocols,
including on hybrid CSMA/TDMA protocols
Ref.: http://nms.csail.mit.edu/6.829-f05/lectures/L11-wlessmac.pdf
28
Measurement of RTS/CTS and
CSMA/CA
• Other papers relating to hidden node problem
and performance of MAC
– http://portal.acm.org/citation.cfm?id=1143703
Looks at timing of backoff slots as solution
--------------------------------------------------------------– http://patraswireless.net/software.html
Protocol booster –
WiCCP is a protocol booster for 802.11b DCF based
wireless networks, that provides cyclic token-passing
medium access, and scheduled allocation of the
available network resources, eliminating the "Hidden
Node" problem.
29
Summary
• Looked at MAC part of 802.11
– Problems encountered not found in wired
networks
– More complicated way of dealing with
collisions on broadcast radio networks
– Also, practical ways of avoiding collisions
– Some research in this area …
30
Finish
Next time
• Gone on Wed. - Conference
• See reading on Course Notes page
• Assignment – Assignment page
31