IEEE 802.11 Wireless LAN Architecture and Components
IEEE 802.11 is the family of standards that defines how wireless LANs (WLANs) work. Every time you connect to Wi-Fi, you're using some version of 802.11. Understanding its architecture, MAC protocol, and security evolution is central to grasping how wireless networking operates at the link layer.
Architecture of IEEE 802.11 wireless LANs
An 802.11 WLAN is built from two core components:
- Access Points (APs) act as base stations for the wireless network. They bridge wireless devices to the wired network infrastructure and handle client authentication and association. Think of an AP as the wireless equivalent of an Ethernet switch port.
- Stations (STAs) are the wireless endpoint devices: laptops, smartphones, tablets, IoT sensors, etc. Each STA connects to the network through an AP.
These components operate in one of two modes:
- Infrastructure mode is what you use in almost every real-world scenario. Wireless devices communicate through an AP that's connected to a wired network, giving them internet access and access to shared resources. All traffic between STAs passes through the AP, even if two STAs are sitting right next to each other.
- Ad-hoc mode (also called peer-to-peer or IBSS) lets wireless devices talk directly to each other without any AP. This is useful for temporary setups or situations with no wired infrastructure, but it's far less common in practice.
IEEE 802.11 Medium Access Control (MAC) Protocol
MAC protocol in IEEE 802.11
Wireless networks can't detect collisions the way Ethernet does (with CSMA/CD), because a wireless radio can't transmit and listen at the same time on the same channel. Instead, 802.11 uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), which tries to prevent collisions rather than detect them.
Here's how CSMA/CA works step by step:
- A station wanting to transmit first senses the medium (the wireless channel).
- If the medium is idle for a period called the DIFS (Distributed Inter-Frame Space), the station transmits.
- If the medium is busy, the station waits until it becomes idle, then waits an additional random backoff period before attempting again. This randomness reduces the chance of two waiting stations transmitting at the exact same moment.
- After the receiver gets the frame, it waits a short period (SIFS) and sends back an ACK. If the sender doesn't receive an ACK, it assumes a collision occurred and retries with a longer random backoff.
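The contention steps above can be modelled as a small slotted simulation; this is an added example, not code from the original page, and it shows why a retry uses a longer random backoff by comparing a growing contention window against a fixed one. Assumptions: the window bounds `CW_MIN`/`CW_MAX`, window doubling after a missed ACK, stations that always have a frame queued, and the function names.

```python
import random

# Assumed contention-window bounds in slots (not given on the page).
CW_MIN, CW_MAX = 15, 1023

def simulate_dcf(n_stations, n_events, grow_window=True, seed=1):
    """Slotted model of saturated stations sharing one channel.

    Returns (successes, collisions) after n_events transmission attempts.
    """
    rng = random.Random(seed)
    cw = [CW_MIN] * n_stations
    backoff = [rng.randint(0, CW_MIN) for _ in range(n_stations)]
    successes = collisions = 0
    while successes + collisions < n_events:
        # Idle medium: all timers count down until the smallest one expires.
        # Stations that lose the race keep their remaining (frozen) timer.
        step = min(backoff)
        backoff = [b - step for b in backoff]
        ready = [i for i, b in enumerate(backoff) if b == 0]
        if len(ready) == 1:
            successes += 1                 # frame delivered, ACK follows after SIFS
            cw[ready[0]] = CW_MIN
        else:
            collisions += 1                # no ACK comes back to any sender
            if grow_window:
                for i in ready:            # retry with a longer random backoff
                    cw[i] = min(2 * cw[i] + 1, CW_MAX)
        for i in ready:
            backoff[i] = rng.randint(0, cw[i])
    return successes, collisions

def collision_rate(n_stations, grow_window=True, n_events=5000):
    """Fraction of transmission attempts that ended in a collision."""
    ok, bad = simulate_dcf(n_stations, n_events, grow_window)
    return bad / (ok + bad)

if __name__ == "__main__":
    for n in (2, 10, 30):
        print(n, round(collision_rate(n), 3), round(collision_rate(n, False), 3))
```

The printed columns are station count, collision rate with a growing window, and collision rate with a fixed window.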
The Hidden Node Problem and RTS/CTS
A classic issue in wireless: Station A can hear the AP, and Station C can hear the AP, but A and C can't hear each other. Both might transmit simultaneously, causing a collision at the AP. This is the hidden node problem.
The RTS/CTS (Request to Send / Clear to Send) mechanism addresses this:
- The sender transmits a short RTS frame to the receiver, specifying how long the upcoming data transmission will take.
- The receiver responds with a CTS frame, which repeats that duration.
- Any station that overhears either the RTS or the CTS knows to defer its own transmissions for the specified duration.
This way, even stations hidden from the sender will hear the CTS from the receiver and stay quiet.
DCF vs. PCF
- Distributed Coordination Function (DCF) is the fundamental access method. It uses the CSMA/CA mechanism described above and is suitable for regular asynchronous data transfer.
- Point Coordination Function (PCF) is an optional, centralized method for time-sensitive traffic. The AP acts as a coordinator and polls individual stations, giving them turns to transmit. PCF was rarely implemented in practice; newer standards use other QoS mechanisms instead.

IEEE 802.11 Standards and Characteristics
Characteristics of IEEE 802.11 standards
The 802.11 family has evolved significantly over the years. Each new standard brought higher data rates, better range, or improved efficiency.
| Standard | Frequency Band | Max Data Rate | Key Features |
|---|---|---|---|
| 802.11a | 5 GHz | 54 Mbps | Shorter range than 2.4 GHz; less interference |
| 802.11b | 2.4 GHz | 11 Mbps | Longer range; more susceptible to interference |
| 802.11g | 2.4 GHz | 54 Mbps | Backward compatible with 802.11b |
| 802.11n (Wi-Fi 4) | 2.4 GHz and 5 GHz | 600 Mbps | Introduced MIMO (Multiple Input Multiple Output) using multiple antennas for better throughput and range |
| 802.11ac (Wi-Fi 5) | 5 GHz | 6.9 Gbps | Introduced MU-MIMO, allowing simultaneous transmission to multiple clients; wider channels (up to 160 MHz) |
| 802.11ax (Wi-Fi 6) | 2.4 GHz and 5 GHz | 9.6 Gbps | Designed for dense environments; uses OFDMA to serve multiple users on subsets of a channel simultaneously; Target Wake Time (TWT) improves battery life for IoT devices |

A few things worth noting: the 2.4 GHz band has longer range but only three non-overlapping channels and more interference (from microwaves, Bluetooth, etc.). The 5 GHz band offers more non-overlapping channels and less interference, but signals attenuate faster through walls. The max data rates listed are theoretical; real-world throughput is always lower.
IEEE 802.11 Security Mechanisms
Security mechanisms for IEEE 802.11
Wireless security has gone through several generations, each fixing serious flaws in the previous one.
- WEP (Wired Equivalent Privacy) was the original 802.11 security mechanism. It used the RC4 stream cipher with a static shared key for both encryption and authentication. WEP turned out to be deeply flawed: its short 24-bit initialization vector (IV) repeated frequently, making it possible to crack the key in minutes with freely available tools. WEP should never be used.
- WPA (Wi-Fi Protected Access) was an interim fix released before the full 802.11i standard was ready. It replaced WEP's static keys with TKIP (Temporal Key Integrity Protocol), which generates a new key for every packet. WPA also introduced 802.1X authentication using the Extensible Authentication Protocol (EAP) for enterprise environments. TKIP was a significant improvement but still relied on RC4 internally.
- WPA2 became mandatory for all certified 802.11 devices starting in 2006. It replaced TKIP/RC4 with AES encryption using CCMP (Counter Mode CBC-MAC Protocol), which is far stronger. WPA2 supports two modes: Enterprise mode (802.1X with a RADIUS server) and Personal mode (Pre-Shared Key / PSK, where all users share the same passphrase).
- WPA3 is the latest standard. Its most notable improvement is SAE (Simultaneous Authentication of Equals), which replaces the PSK four-way handshake with a more robust key exchange that resists offline dictionary attacks. WPA3 also provides forward secrecy (compromising one session's key doesn't expose past sessions) and offers an optional 192-bit security suite for sensitive environments.
The progression from WEP → WPA → WPA2 → WPA3 is a common exam topic. The key transitions to remember: WEP used static keys and was broken; WPA introduced per-packet keys via TKIP; WPA2 moved to AES/CCMP; WPA3 added SAE and forward secrecy.