It’s been some time since I posted anything proper on the internet, but recently I was reading about how WiFi is deployed in enterprise and the wireless subsystem in the Linux kernel. So I thought it would be nice to have a self note about it in the form of a short blogpost.
Wireless communication
A WNIC can operate in two ways:
- Infrastructure mode (AP topology)
  - uses Infrastructure BSS
  - BSSID is usually the MAC address of the AP
- AdHoc mode
  - uses Independent BSS (IBSS)
  - BSSID for AdHoc is the IBSS, which is a randomly generated bit string for each peer
    - Does not use a MAC address
  - IBSS
    - A BSS that forms a self-contained network, and in which no access to a distribution system (DS) is available.
In the infrastructure mode there are two types of Service sets:
- BSS (Basic SS)
  - A BSS consists of a group of computers and one AP, which links to a wired LAN
- ESS (Extended SS)
  - Multiple BSS
  - An ESS consists of more than one AP. An ESS lets mobile users roam anywhere within the area covered by multiple APs.
  - When in an ESS, the user is unaware of which BSS they belong to; the SSID/ESSID is reused.
A note about SSID, BSSID and ESSID
- Service Set Identifier (SSID): the name of a network (name of the WLAN)
- Basic Service Set Identifier (BSSID): identifies access points and their clients in a multiple-AP setup
- ESSID: the same as SSID here.
How our machines connect to our WNICs
+-----------+   +--------+   +------+   +-----------+
| userspace +-->+ kernel +-->+ WNIC +-->+external AP|
+-----------+   +--------+   +------+   +-----------+
Most of the info from here on will be Linux-specific. It’s important to understand that there are 2 paths by which userspace communicates with the kernel when we’re talking about WiFi:
- Data path (TX/RX path): the data being received is passed from the wireless driver to the netdev core
- Control path: scan/authentication/association
WNIC
WNICs can be of two types based on management of MLME (MAC Sublayer Management Entity):
- SoftMAC
  - Example Hardware: Most laptops
  - Example Hardware Driver: iwlwifi
- HardMAC/FullMAC
  - Example Hardware: Rpi3
  - Example Hardware Driver: brcm80211
If a WNIC wants to talk to the kernel, it has to use the cfg80211 interface.
- HardMAC WNICs using HardMAC drivers have to implement the cfg80211 interfaces fully themselves.
- SoftMAC WNICs using SoftMAC drivers can use the Linux kernel’s mac80211 framework to talk to cfg80211.
NOTE: MLME (MAC Sublayer Management Entity): MLME is the management entity where the Physical layer (PHY) MAC state machines reside.
Kernel
- cfg80211: Kernel side of configuration management for wireless devices.
  - works with FullMAC drivers and also with mac80211-based drivers.
- mac80211: A driver API for SoftMAC wireless cards.
  - mac80211 registers itself with cfg80211 by using the cfg80211_ops
  - specific HW driver (e.g. iwlwifi) registers itself with mac80211 by using the ieee80211_ops
Userspace
- nl80211: User-space side of configuration management for wireless devices. It is a Netlink-based user-space protocol.
  - Netlink is designed and used for transferring miscellaneous networking information between the kernel space and userspace processes.
    - The libnl suite is a collection of libraries providing APIs to netlink protocol based Linux kernel interfaces. It is designed for building command line tools and is blocking in nature for a generic netlink family discovery.
    - ELL (successor to libnl, maybe?)
- wpa_supplicant is supposed to handle MLME commands
  - If you want to use WPA/WPA2 you need to use wpa_supplicant
  - it is probably being replaced by iwd
    - iwd has an interactive command mode called iwctl
- iw: It is a new nl80211 based CLI configuration utility for wireless devices.
  - successor to iwconfig
  - not related to iwd in terms of development
  - When using this tool, it is important to distinguish between the WiFi hardware (or PHYsical layer) and the WiFi interface (or MAC layer).
    - PHY layer: iw phy
    - Interface layer: iw dev
Additional jargon:
- WiFi AP == Hotspot
- WiFi client == WiFi station
About Multiple interfaces
Multiple interfaces can be used to run something like a station on wlan0 and an AP on wlan1 (depending on the HW). Otherwise we can also have the connection coming in on eth0 and the AP on wlan0.
You can use Linux virtual networking devices like a bridge to pass the internet over.
Some random commands
$ sudo iw dev wlp2s0 scan | less
$ sudo iwlist wlp2s0 scanning
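To tie the SSID/BSSID/ESSID note to the scan command above, here is an added example (not from the original post) that parses text in the layout `iw dev <ifname> scan` prints and groups BSSIDs by SSID, so an ESS shows up as one SSID with several BSSIDs and an IBSS is flagged as ad hoc. The sample scan text, SSIDs and MAC addresses are constructed, and since iw does not promise stable output the field layout is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in the layout `iw dev <ifname> scan` prints (not captured data).
SAMPLE_SCAN = """\
BSS 02:00:00:aa:00:01(on wlp2s0) -- associated
\tcapability: ESS Privacy ShortSlotTime (0x0411)
\tsignal: -48.00 dBm
\tSSID: corp-wifi
BSS 02:00:00:aa:00:02(on wlp2s0)
\tcapability: ESS Privacy (0x0011)
\tSSID: corp-wifi
BSS 02:00:00:bb:00:01(on wlp2s0)
\tcapability: ESS (0x0001)
\tSSID: guest
BSS 7a:1c:55:09:3e:d2(on wlp2s0)
\tcapability: IBSS (0x0002)
\tSSID: adhoc-share
"""

BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})\(on (\S+)\)")
FIELD_RE = re.compile(r"^\s+(capability|SSID): ?(.*)$")

def parse_scan(text):
    """Return one dict per BSS block; lines we do not recognise are skipped."""
    entries = []
    for line in text.splitlines():
        m = BSS_RE.match(line)
        if m:  # an unindented "BSS <bssid>(on <ifname>)" line starts a new block
            entries.append({"bssid": m.group(1), "ifname": m.group(2)})
            continue
        f = FIELD_RE.match(line)
        if f and entries:
            entries[-1].setdefault(f.group(1), f.group(2).strip())
    for e in entries:  # the capability flags say which kind of BSS this is
        caps = e.get("capability", "").split()
        e["mode"] = "adhoc" if "IBSS" in caps else "infrastructure" if "ESS" in caps else "unknown"
    return entries

def group_by_ssid(entries):
    """Map SSID -> sorted BSSIDs; several BSSIDs under one SSID form an ESS."""
    groups = defaultdict(list)
    for e in entries:
        groups[e.get("SSID", "")].append(e["bssid"])
    return {ssid: sorted(bssids) for ssid, bssids in groups.items()}

if __name__ == "__main__":
    for ssid, bssids in group_by_ssid(parse_scan(SAMPLE_SCAN)).items():
        kind = "ESS (multiple BSS)" if len(bssids) > 1 else "single BSS"
        print(f"{ssid!r}: {kind}: {', '.join(bssids)}")
```

Comparing the BSSIDs listed under your own SSID against the APs you actually deployed is a quick way to notice an access point you did not expect.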