Once authentication has completed, stations can associate with an access point (or reassociate with a new access point) to gain full access to the network. Association is a recordkeeping procedure that allows the distribution system to track the location of each mobile station, so frames destined for the mobile station can be forwarded to the correct access point. After association completes, an access point must register the mobile station on the network so frames for the mobile station are delivered to the access point. One method of registering is to send a gratuitous ARP so the station's MAC address is associated with the switch port connected to the access point.
Association is restricted to infrastructure networks and is logically equivalent to plugging into a wired network. Once the procedure is complete, a wireless station can use the distribution system to reach out to the world, and the world can respond through the distribution system. 802.11 explicitly forbids associating with more than one access point.
Association Procedure
The basic association procedure is shown in Figure 8-9.
Figure 8-9. Association procedure
Like authentication, association is initiated by the mobile station. No sequence numbers are needed because the association process is a three-step exchange. The two frames are management frame subtypes defined by the specification. As unicast management frames, both steps in the association procedure are composed of an association frame and the required link-layer acknowledgment:
- Once a mobile station has authenticated to an access point, it can issue an Association Request frame. Stations that have not yet authenticated receive a Deauthentication frame from the access point in response.
- The access point then processes the association request. 802.11 does not specify how to determine whether an association should be granted; it is specific to the access point implementation. One common consideration is the amount of space required for frame buffering. Rough estimates are possible based on the Listen Interval in the Association Request frame.
- When the association request is granted, the access point responds with a status code of 0 (successful) and the Association ID (AID). The AID is a numerical identifier used to logically identify the mobile station to which buffered frames need to be delivered. More detail on the process can be found in the "Power Conservation" section of this chapter.
- Unsuccessful association requests include only a status code, and the procedure ends.
- The access point begins processing frames for the mobile station. In all commonly used products, the distribution system medium is Ethernet. When an access point receives a frame destined for an associated mobile station, that frame can be bridged from the Ethernet to the wireless medium or buffered if the mobile station is in a powersaving state. In shared Ethernets, the frame will be sent to all the access points and will be bridged by the correct one. In switched Ethernets, the station's MAC address will be associated with a particular switch port. That switch port is, of course, connected to the access point currently providing service for the station.
Reassociation Procedure
Reassociation is the process of moving an association from an old access point to a new one. Over the air, it is almost the same as an association; on the backbone network, however, access points may interact with each other to move frames. When a station moves from the coverage area of one access point to another, it uses the reassociation process to inform the 802.11 network of its new location. The procedure is shown in Figure 8-10.
Figure 8-10. Reassociation procedure
The mobile station begins the procedure associated with an access point. The station monitors the quality of the signal it receives from that access point, as well as the signal quality from other access points in the same ESS. When the mobile station detects that another access point would be a better choice, it initiates the reassociation procedure. The factors used to make that decision are product-dependent. Received signal strength can be used on a frame-by-frame basis, and the constant Beacon transmissions provide a good baseline for signal strength from an access point. Before the first step, the mobile station must authenticate to the new access point if it has not done so already.
Figure 8-10 depicts the following steps:
- The mobile station issues a Reassociation Request to the new access point. Reassociation Requests have content similar to Association Requests. The only difference is that Reassociation Request frames contain a field with the address of the old access point. The new access point must communicate with the old access point to determine that a previous association did exist. Although a standard inter-access point protocol was defined by the IEEE, many implementations remain proprietary. If the new access point cannot verify that the old access point authenticated the station, the new access point responds with a Deauthentication frame and ends the procedure.
- The access point processes the Reassociation Request. Processing Reassociation Requests is similar to processing Association Requests; the same factors may be used in deciding whether to allow the reassociation:
- If the Reassociation Request is granted, the access point responds with a Status Code of 0 (successful) and the AID.
- Unsuccessful Reassociation Requests include just a Status Code, and the procedure ends.
- The new access point contacts the old access point to finish the reassociation procedure. This communication is part of the IAPP.
- The old access point sends any buffered frames for the mobile station to the new access point. 802.11 does not specify the communication between access points. At the conclusion of the buffered frame transfer:
- Any frames buffered at the old access point are transferred to the new access point so they can be delivered to the mobile station.
- The old access point terminates its association with the mobile station. Mobile stations are allowed to associate with only one access point at any given time.
- The new access point begins processing frames for the mobile station. When it receives a frame destined for the mobile station, that frame is bridged from the Ethernet to the wireless medium or buffered for a mobile station in a powersaving mode.
Reassociation is also used to rejoin a network if the station leaves the coverage area and returns later to the same access point. Figure 8-11 illustrates this scenario.
Figure 8-11. Reassociation with the same access point
What Is Roaming?
Roaming is not a word used in the 802.11 standard at all. (A task group recently formed to address roaming issues, but it is far from completing its work.) However, people use the word roaming informally a great deal when talking about 802.11. Generally speaking, most people are referring to the process of moving from one access point to another.
Roaming has suffered a bit from "buzzword overload" in the past few years, and now means different things to different speakers. At the most basic level, roaming is the process of moving a station between APs. How does a station decide to move between APs? The 802.11 standard has nothing to say on the matter. Decisions to move between APs are based entirely on the hardware and software, and up to each manufacturer. Some client devices will pick up on the strongest signal available when the interface is initialized, and hang on for dear life, only moving when the initial AP is no longer reachable. Some devices will always head for the strongest available signal, which may result in flip-flops between APs when two signals are evenly balanced. Still other devices will incorporate recent history into roaming decisions to avoid excessive movements between two nearby APs. How stations decide if and when to move between APs is entirely up to the manufacturer. With apologies to Milton Friedman, roaming is always and everywhere a client phenomenon.
Digging deeper into a second level of meaning, "roaming" is also used to discuss how a station can change APs while keeping active network connections open. If IP subnet boundaries are involved, this is an added level of complexity that needs to be addressed outside any standards. Chapter 21 discusses how to build a wireless LAN, and discusses how to achieve seamless roaming across arbitrary network topologies.
Roaming is sometimes given yet another meaning, referring to the process of moving a network session from one network (say, an 802.11 wireless LAN) to another disparate network (say, a 3G mobile telephone network). The IEEE has started another working group to define roaming operations to move network sessions and state between different types of IEEE 802 networks.
|