In order to set up a wireless network the engineers had to deal with a variety of different issues that are all unique to the problems involved with connecting PC's using radio transceivers. These problems include (but are certainly not limited to):

	What frequencies can be used? The FCC controls all radio frequency transmissions to prevent unauthorized transmissions from blocking authorized transmissions.
	Once a frequency band is found, how can the network remain reliable? How can the network transceivers deal with interference from other radio sources?
	How can a roaming station stay connected to the network even though it passes out of range of one "base station" and then into range of another "base station."
	How can the network remain secure? Since the network's transmissions are traveling through the air they are easily intercepted by any radio receiver in the vicinity.
	How can the network deal with hidden nodes? This term is used to refer to nodes that are within range of some of the nodes but beyond the range of some of the others. In this case a node in the middle would be caught in the cross fire of two nodes that can't hear each other transmitting simultaneously and interfering with each other.
	How can the network deal with phase shifting reflections? This term is used to refer to a common radio communication problem in which a transmission heading out in all directions from the transmitter intended for a specific target is inadvertantly reflected off of a third object and to the intended target. The two radio waves arrive out of phase and if shifted 180° will actually cancel out and completely kill the original signal.

Clearly then there were plenty of problems for the engineers to solve that are all related directly to the physical layer medium (radio waves) before they even began to actually design the transceivers and the Data Link layer technologies. The first problem was the frequency band. The engineers chose the 2.4Ghz to 2.4835Ghz radio frequency range because the FCC does not license this range. It is open and free to use for anyone which leads to the second problem that the engineers had to solve: how to deal with interference since anyone and everyone is allowed to transmit in this range.

Not only is this band wide open for any transmitter to use, it is the band that microwave ovens use. And as a matter of fact, wireless networks do have major problems with microwave ovens and now you know why. So what the engineers decided to do is the following:

Use spread spectrum radio transceivers. These send and receive on multiple frequencies simultaneously. So if one or two frequencies suffer from interference from some other radio source (like a microwave oven or a cellular telephone) the other frequencies will still work and get at least part of the message through.

Use ECC - Error Correction Code across the multiple frequencies so that if some bits do get damaged, then the receiver can detect which ones were lost and rebuild them on the fly.

As it turns out, using spread spectrum in which the transmitter and receiver constantly change the frequencies that they are using according to a prearranged pattern can also lead to extremely good security. However, since the frequency hopping sequence must be shared before the devices begin hopping, any NIC can receive this message and then follow the frequency hops, so the spread spectrum technology for wireless PC networking is completely insecure because all of the NICs are designed to share this information and it is only used for the purposes of protecting the transmissions from damage by other radio sources.

Two existing spread spectrum technologies were employed by WLANs: FHSS - Frequency Hopping Spread Spectrum, in which the two devices share the sequence of radio frequencies that they will hop around with and the clock timing that they will use to change the frequencies. The FCC requires the usage of 75 distinct radio frequencies from spread spectrum technology and a maximum dwell time on any given frequency of no more than 400ms.

The other spread spectrum technology already used in radio communications was DSSS - Direct Sequence Spread Spectrum. DSSS uses a different method in which a well known pattern of frequencies is always used and the ECC method is highly redundant in order to ensure reliable delivery of the data from one transceiver to the other. DSSS is far more popular in terms of stability and reliability and in fact FHSS based transceivers cause problems with the DSSS ones and will probably be phased out in the future.

Once these problems had been solved the next two problems could be tackled: securing a network from eavesdropping and allowing a roaming station to move out of range of one "base station" and into range of the other transparently without an interruption to the wireless node's connectivity to the network. The first problem was approached by defining the SSID - Service Set IDentifier. The base station can be set to a specific SSID that is unknown to anyone else. Then each node is also configured with the SSID. Now the members of the network can identify each other and reject systems that are not a member. However, the SSID resides in the unencrypted header of the packet stream and is easily sniffed out. So while the SSID does not serve the original notion of security it does serve to identify members of a particular wireless network and separates more than one WLAN that are within range of each other. ANother function of the SSID is that as a roaming system leaves the range of one "base station" and enters into the range of another, it will continue to transmit and receive using the same SSID. This allows that system to stay connected to the network seamlessly. This is the purpose and function of the SSID in modern WLANs. And also implies that the two different Access Points that are propogating the wireless access areas, also known as cells, must share their SSID's through the wired network superstructure to which they are attached which they do.

So the problem of security remains to be solved. The first attempt at securing the WLAN is called WEP - Wired Equivalent Privacy. WEP implies that the wireless network will achieve the same level of privacy as a wired network. This is done by using a shared 40-bit encryption key and encrypting the contents of the packets with it. The problem is that 1) it is shared meaning that if an eavesdropper is around during the initial negotiation of the encryption key they will get it also, and 2) a 40-bit encryption key is not that strong anyway and can easily be "brute force" cracked. So an eavesdropper can simply capture all of the encrypted packets and then give them to a brute force cracking program that will be able to decrypt them in a relatively short period of time. Also no good. Therefore WEP is far from "wired equivalent privacy" after all. Don't be fooled by 128-bit WEP, it is a nice strong sized encryption key but still suffers from WEP's fundamental flaws.

Wireless network security is now achieved using WPA - Wi-fi Protected Access. WPA rides on top of WEP but it uses another protocol called TKIP - Temporal Key Integrity Protocol to exchange the encryption keys in a secure fashion and to constantly change the encryption keys, making it much more difficult to employ a brute force cracking algorithm on a large set of captured packets. In other words the brute force cracker will take some time to crack a particular packet, but it will have to invest this time on each captured packet because the systems are constantly changing the encryption keys. Before any system can join the network and receive these constantly changing encryption keys it must be the recipient of an EAP - Extensible Authentication Protocol packet. EAP is a protocol that can ride on any physical/data link layer technologies (hence the name "extensible" since it can be employed at any OSI layer to support authentication and encryption of any other layer). EAP uses the exchange of assymmetric "public" keys to authenticate a system. For wireless LAN's the user must logon to a network server using EAP. Once the server responds to the logon request, the wireless devices notice the EAP authentication packet and will begin sharing the TKIP/WEP encryption keys with the device, otherwise they will refuse to share the keys and the device will never be able to decrypt any of the packets effectively cutting it off from the network. While this is all very effective it must be configured in order to actually work and exclude systems from the network. Most homes and even businesses are not doing this which leads to "wardriving" in which people drive around neighborhoods watching the NIC's carrier sense indicator and when they enter into a "base station's" area they attempt to communicate with the network. It is estimated that only 1/3 of home systems and as few as 1/2 of the business based systems are fully configured to use WPA and prevent unauthorized nodes from entering the network, all of the others will allow the wardriver access to the network.

The WLAN's NIC's are still referred to as NIC's, but the wireless repeater or "base station" is referred to as a WAP - Wireless Access Point, or simply an AP - Access Point. WAP's allow for the following functions:

	Extension of the average range between nodes, and creating a wireless access area also known as a cell.
	Enforcing any form of security such as WPA, by becoming the communications authority for the cell.
	Provides a Layer 2 Gateway for a wireless set of nodes onto a wired network.
	Two or more can be bridged together directly forming a much larger wireless roaming area or cell.
	Engage in "transparent bridge" behavior exchanging SSID's and maintaining communications with roaming nodes moving from one cell to another seamlessly and transparently by "passing off" support for the roaming node from one AP to the next as needed.

However, since a wireless NIC is a complete radio transceiver, it can send and receive to any NIC within range. Any number of wireless NIC's within range of each other are therefore capable of communicating with each other without the need of the WAP. Part of the wireless networking specifications is that any group of wireless NIC's within range of each other are allowed to establish a direct LAN with each other. Since all of the NIC's can at any time transmit to any other NIC, but only one transmission can occur at a time and all of the NIC's can listen to and receive it. This sounds the same as the bahavior of the Ethernet bus cable. Therefore the topology of the WLAN is the same as that of the Ethernet bus cable: WLANs have a physical bus topology. However, even though a wireless network can be formed by a group of NIC's communicating with each other as opposed to them all communicating through the WAP, remember that the logical topology is still referred to as a star and therefore the WLAN is called a star by definition. Each NIC accessing the network through the WAP along the invisible spoke of the radio transmissions between the individual NIC and the WAP.

When a group of NIC's communicate directly with each other and do not use a WAP this is referred to as a wireless network running in ad-hoc mode. All wireless network nodes support this, but any node should be configurable to refuse attempts to connect by other nodes in ad-hoc mode which basically has little to no security implementation whatsoever. But ad-hoc mode does allow any group of wireless nodes to quickly and easily form a network to share information on the fly as needed. Incidentally, all NIC's within an ad-hoc mode WLAN can direct a packet directly to any other node, which sounds like a physical mesh topology. But the authorities will still define a WLAN as a star.

When a set of nodes are accessing the network through a WAP this is referred to as infrastructure mode in which all of the nodes can be forced to authenticate and can be restricted from accessing the network. Therefore a network infrastructure can be enforced by using the WAP, hence the term.

The final issue to be resolved is then the problem of the hidden node. Here is the situation:

Node "B" is in range of both Nodes "A" and "C" but, Node "A" cannot detect Node "C" and Node "C" cannot detect Node "A". If something like Ethernet were to be employed, Node "B" would be constantly barraged by colliding packets coming from Nodes "A" and "C" and would be unable to stop it. Furthermore, Nodes "A" and "C" would never know that they were involved in collisions for the same reasons that they are causing them: they are beyond each other's range.

Clearly then implementing a set of rules of contention at Layer 2 similar to Ethernet cannot be done in a wireless environment. So the idea of simply broadcasting raw Ethernet frames into the airwaves will not work and consequently WLAN's do NOT do this. Instead a whole new set of Layer 2 rules of contention or Media Access Control specifications must be developed. The MAC layer of wireless LAN techmnologies employed in the PC is the central part of the open architecture industry standard document known as the IEEE 802.11 specification for wireless networks.

802.11 networks employ a MAC layer called CSMA/CA - Carrier Sense, Multiple Access with Collision Avoidance. In this scheme, nodes just like in Ethernet can tell that they are in range of other nodes because they detect the unmodulated base carrier waves being broadcast by them; this is the carrier sense part. All nodes have access to the medium (simply the air) at all times: this is the multiple access part. However, they must all participate in a completely different process from Ethernet in order to avoid collisions: the collision avoidance approach.

This is done by employing a 4-way or 4-step handshake. Handshake in communications simply means that devices must exchange packets verifying that they are using the same frequency, and data encoding, and that they are both ready for the transmission to take place. Modems for example engage in handshaking as they initiate communication causing the familiar two long tones followed by the garbled sounding hiss. The modems are establishing the exact sound frequencies that they are both capable of using: the two long tones. The hiss that ensues is also a handshake of the bits per second encoding, the transmitter first sends data at 14.4Kbps and waits for the other modem to respond to the packet indicating that it can understand 14.4Kbps, it them tries another at 28.8Kbps and again awaits for the response and so on until they both arrive at the maximum possible speed of 56Kbps or if the other modem does not respond to a speed, then the transmitter will revert to the previous speed that it did respond to. In WLAN handshaking, the goal is packet collision avoidance.

For example, Node "A" needs to transmit a packet. The first thing it does is transmit a "Cell available?" inquiry packet. These are very short consisting of an abbreviated packet header, only the SSID of the cell and no destination MAC address is needed, and a few bytes of content that literally mean "Can I begin a transmission?" There is a very short window of opportunity in which the WAP should respond with a "Cell Available" packet. If the WAP does NOT respond within the specified time with this response packet, then Node "A" must assume that the cell is NOT available (currently in use by another node that it cannot hear) and must generate a random number, wait that many time slices and attempt to initiate a transmission again with a new "Cell Available?" query.

Assuming that the WAP did send the "Cell Available" response packet, then that was step 2 of the handshake. Node "A" is not in the clear yet however and must now transmit a "Ready to Send" packet. This one is also short but it is slightly more detailed than the first one. The WAP must also respond within a certain timeout period with a "Clear to Send" packet. If it fails to do this, then Node "A" must assume that the cell became occupied and it must generate the random number, wait that number of time slices and start all over again with a "Cell Available?" query. If the WAP did respond in time with the "Clear to Send" packet, then Node "A" may begin transmitting its actual frames to the intended target transceiver.

How does the 4-way handshake help the cell avoid collisions? Let's look at the previous scenario where Node "A" and Node "C" are out of range of each other, and Node "B" is actually the WAP. (Ad-hoc cells function on the same principle and will be explained in a moment.) If both Node "A" transmits a "Cell available?" query and Node "C" transmits one within the response time window, then the WAP will NOT respond to either request. The dead air will be interpreted by both Nodes "A" and "C" as a "No, the cell is not available" and both will generate random backoff numbers then try again. Since they are random numbers, in theory one will make the request before the other. Say Node "C" had the shorter random wait and sends the request, and gets the "Cell available" response from the WAP. As the WAP sends the "Cell available" packet, Node "A" hears this, even though it did NOT hear Node "C" make the request. Since Node "A" has not sent a "Cell Available" request yet, but it did hear the WAP send an affirmation, this means that some other node has been given clearance to transmit. Node "A" must again pull a random number backoff and start a "Cell available" request all over again.

In the event that one sends the "Cell available" request and receives the "Cell is available" response AND the other node did not hear either transmission, and is going to make a "Cell available" request, then comes the "Ready to Send" packet which it cannot hear, it makes the "Cell available" request and the WAP makes the "Clear to Send" response ... to the other node. This second node realizes that this is NOT the response it expected which was a "Cell is available" packet. It assumes that some other node has just been given clearance to transmit a frame and must draw the random number and start all over again.

So the 4-way exchange ensures that under very unreliable conditions, a node that needs to transmit gets plenty of opportunities to realize that it cannot transmit or it will just collide with another node anyway. It seems at first glance that in a busy cell that nothing happens other than drawing random backoff numbers but remember that these query and response frames are only a few microseconds long, as are the response windows and the backoff times so within a very small fraction of a second, all nodes, even in a busy cell will get their chances.

The LLC sublayer of the Data Link layer of the wireless LAN technology will be responsible for not only constructing and deconstructing the packets but also for utilizing the spread spectrum method of transmission. That is, the frames will be formed and then split and then transmitted across the 75 frequencies that will be used along with a large and highly resilient quantity of ECC - Error Correction Code so that in the event the frame encounters heavy attenuation, RFI or phase shifting reflections that enough of the frame and the ECC code can reach the target that it can be reconstructed. So it is the LLC layer that will attempt to deal with the final problem listed above.

802.11 frames are quite confusing in that there exists what is called the PMD - Physical Media Dependent frame based on the actual radio frequency and transmission technique (DSSS, for example) being used. This is divided into two pieces called the PLCD - Physical Layer Control Protocol which defines what frequencies and techniques are being used so that the recipient can coordinate quickly and receive the frame. The second piece is called the MPDU - MAC Protocol Data Unit which carries the actual 802.11 frames that would resemble our Ethernet frames. The problem is further confounded in that there are several different Collision Avoidance techniques (not just the 4-way handshake) and each step and each process uses different sized frames.

Just as an example, here is the 802.11 RTS - Ready To Send frame format:

Here is the layout of a CTS - Clear To Send frame:

Within the 802.11 committee there are several subcommittees of importance. These cover specific technologies including the actual radio frequencies, ranges, spread spectrum types and frequencies, data encoding methods and data rates for specific transceivers establishing the engineering specification framework necessary for manufacturers to construct the NIC's and the WAP's to actually build a WLAN with.

While 802.11 did establish such standards these are now called "legacy" NIC's and WAP's with a maximum data rate of about 2Mbps and are considered deprecated and should be replaced. The most commonly used technologies have been 802.11a, 802.11b, and 802.11g. Recently 802.11n was officially delivered and now most "a," "b" and "g" equipment will become deprecated. But what do these subcommittees mean?

These 802.11 subcommittees define different frequencies, spread spectrum technologies, and data rates as follows:

LASM - Link Aggregate Spacial Multiplexing, provisional term

Ranges are given as typical to the maximum theoretical under ideal conditions for the technology. And it should be clear that the maximum is almost never actually achieved in practice while the typical ranges are much more likely but still not to be counted upon. Specific conditions including but not limited to RFI - Radio Frequency Interference and obstacles like walls can certainly cause problems, including phase shifting reflections, and reduce the effective range between nodes.

Each technology also separates the frequencies into discrete channels. In the case of 802.11b for example, a total of 14 discrete channels have been defined. Channel 1 is centered at 2.412GHz or 2412Mhz. Each channel must attentuate by 30dB at a distance of 11MHz from the center frequency in either direction meaning that the potential exists for crosstalk between channels up to 11MHz higher or lower than the center frequency. Since each channel is only 5MHz apart this means that using Channel 1 at 2412MHz and channel 2 at 2417MHz is not possible because the transmissions of either channel can and will interfere with each other. Here are the defined channels for 802.11b:

Certain nations have restrictions that do not allow all possible defined channels to be used there. Here is a basic breakdown of the international channel usage/availability:

802.11a defines 8 channels in the 5GHz band that are much wider that do not overlap like the 802.11b channels. Any of the 8 channels can be used in the same region without interfering with each other and thereby allowing 8 separate WLAN's to function in the same area. Because the 5Ghz 802.11a uses a much higher and much wider band of frequencies it is capable of moving a higher data rate than the lower and narrower 2.4GHz 802.11b which is why it was created. However, the 5GHz band is not as available worldwide as the 2.4GHz radio frequencies are and so it has not progressed like the 2.4GHz technologies have. Also 802.11a equipment is completely incommpatible with 802.11b equipment, but 802.11g equipment is easily made backwards compaitlbe to 802.11b equipment and often is made this way. To that end, 802.11g being backwards compatible with 802.11b and begin comparable in data rate and range while using long established available and unrestricted frequencies worldwide has effectively rendered 802.11a unpopular at best, in fact bordering on deprecated.

But it can be seen from the 802.11b channels that if one WLAN is using channel 1 then the next channel that is guaranteed clear of crosstalk from it would be channel 4. And if that one is also used, then the next available channel clear of crosstalk from it would be channel channel 7. Using that one as well would then force the next WLAN to use channel 10. Since the only one left in the United States is 11 which is too close to channel 10, then all available frequencies for the same area would then be used up. In all European countries except Spain, as well as Australia and Japan, an additional available channel under this scenario does exist at channel 13. To reiterate, to set up separate WLAN's using independent frequencies to avoid interference with each other in the same area, channels 1, 4, 7 and 10 (or 2, 5, 8 and 11) can be usedin the United States. Europe except for Spain, Australia and Japan can add channel 13 (or 14) to this scheme making one additional WLAN possible within the confines of a relatively small area.

Like modems all of these technologies can fall back to slower data rates if the highest rate is suffering from too much data loss. In essence the worse the ambient cell's situation is, the slower the transmission rates will be as the transceivers attempt to find a transmission rate that reduces the percentage of data loss that would require retransmitting the packets. Incidentally this may not be the highest possible throughput between the nodes. For example, if the nodes are losing 50% of the data at 54Mbps, but only 25% loss at 23Mbps then the transceivers may choose to use the 23Mbps data rate. Losing 25% yields 17.25Mbps over large quantities of data over long periods of time while losing 50% at 54Mbps yields 27Mbps over large amounts of data over large periods of time meaning that even with the higher loss, trnasfering large amounts of data would go faster that way, but the transceivers will refuse to do this if they can improve the percentage loss at a slower data rate. 802.11g fallback data rates:

The solution here is then to create as ideal a cell as possible. Try to keep nodes in LOS - Line-Of-Sight if possible. If not try to get them as close as possible. Solid walls are especially bad and even drywall has high voltage wiring and metal studs that introduce RFI and reflections that will be detrimental to the transmission capabilities of the nodes. In situations where the obstacles are a problem, the best solution might be bridging two or more WAP's that are LOS to each other, or even setting up a wired superstructure connecting two smaller cells allowing the wireless nodes to communicate through the AP's through the wired network.

802.11n is made possible by a technology called MIMO - Multiple Input/Multiple Output antennas. These are capable of sending and receiving on multiple frequencies simultaneously. This is what makes their data rate capabilities so high. Because of the superiority of the antenna and a slightly higher transmission power coupled with far superior receiver amplifiers 802.11n has a much better range as well. 802.11n therefore transmits and receives data streams on multiple frequencies simultaneously. Each frequency is using what is known as OFDM - Orthogonal Frequency Division Multiplexing as opposed to DSSS or FHSS which only transmit and receive on a single wavelength at a time. While FHSS and DSSS frequency hop sending a single serial stream of data at a time, OFDM sends more than one bit at a time, by bit stuffing (like DDR RAM) and utilizes frequency harmonics of the base carrier wave to do this (the orthogonally positioned harmonic frequencies by the way, hence the name.) OFDM is therefore not considered a spread spectrum form of transmission. Because 802.11n uses more than one carrier frequency and each carries an OFDM transmission this is loosely refered to as Link Aggregation using Spacial Multiplexing.

802.11y still under development will greatly improve the range capabilities of WLAN's by incorporating less data/second (longer individual bit patterns) and more redundant ECC encoding into the simultaneous frequency spread spectrum MIMO transmissions. Since the technology concentrates on superior range, it will sacrifice the data rate, so at close ranges 802.11n will be the best choice because its average data rate is higher than any of the others maximum capabilities.

WLAN's using the ad-hoc scheme do not have a centralized communication authority in the cell. Instead the transceivers will literally hold an election to determine the "de facto" centralized authority or "access point for the moment." However, this elected transceiver cannot be expected to provide the types of services offered by even the simplest of WAP's. As such it will NOT advertize a SSID like the WAP's although it may actually be called that in the configuration software. Instead ad-hoc networks advertize a BSSID - Basic Service Set IDentifier which as the name implies provides much more rudimentary services than a WAP's cell would. Furthermore, the NIC within the ad-hoc cell that has been elected the de facto central authority will not in fact become the communication authority in the cell restricting communications and handshake responses like the WAP will. And this elected transceiver will advertize to any node within range the ad-hoc network's IBSS - Independent Basic Service Set identifier for the WLAN. Because of this promiscuity with the identifiers, ad-hoc networks are to be avoided whenever security is an issue, and in modern times with so much private information residing on anyone's perosnal computer, security is always an issue.

Multiple WAP's creating multiple wireless access zones or independent cells that are attached to a larger wired network superstructure communicate with each other across the wired network and can perform complex bridging activities to allow a roaming computer to exit one cell and enter into another while retaining the first wireless access zone's SSID offered by the first WAP. This can only be done if the two WAP's exchange this information through the wired network backbone on which they reside. This exchange of SSID's and the advertisement of services to nodes as well as the security measures they enforce such as EAP/WPA/TKIP authentication services form what is called the ESS - Extended Service Set of the participating WAP's. Bear in mind that the WAP's can be configured to do this, and they can be configured so that they will not do it also. In business environments seeking to keep rogue nodes off of the network, they would set up strong EAP/WPA authentication on one cell with a separate channel and SSID from another cell which they may open to the public. This might be done on college campuses in which wireless Internet access is one of the available amenities. The WAP's offering the wireless Internet access are all on one channel and configured with the same SSID. They are all either bridged in LOS on building tops or attached to a wired network and so can share this information and build the ESS database to support roaming nodes.

802.11i will eventually render obsolete all current forms of Layer1/Layer2 WLAN security and their inherent problems. 802.11i will employ an asymmetric encryption algorithm using public/private keys to ensure the secure exchange of all data at the layer 2 level. That is, any machine joining the cell will be required to render its public encryption key. And the WAP will deliver its public encryption key to the new node. All communication to the WAP would then have to be encrypted with the WAP's public key or it would be rejected. All other nodes will also be encrypting their packets prior to transmission to their intended targets. Since public keys can only encrypt data, the new node cannot read any packets other than those intended directly for it. And even then, no node will send it anything unless it has already rendered its public key so that they can encrypt the frames they are sending to it. Furthermore, the new node would be subject to EAP authentication just like in WPA secure systems now. Upon failure to receive authentication from the local LAN authority (domain controller/logon server, for example) then the WAP would immediately begin to refuse all traffic to/from the new node.