
link layer

2.1.

1.6 TCP/IP 3
1. IP IP
2. ARP
3.
TCP/IP
1. EthernetFiberCopper
Medium Media
2. WLANWireless LAN
Radio
3. 3G
PPP (Point-to-Point Protocol)
4. PDH/SDH/SONETPlesiochronous Digital Hierarchy Synchronous Digital
Hierarchy Synchronous Optical Networking
PPP HDLCHigh-level Data link Control
5. ATMAsynchronous Transfer Mode ATM TCP/IP
TCP/IP
6. GPON/EPON/EPCNGigabit-capable Passive Optical Network Ethernet
PON Ethernet Passive Coax Network
7. LoopbackGRE
8. WiMAXWDM/DWDM

PANPersonal Area Network 10m PAN


LANLocal Area Network 300m
WLAN
MANMetropolitan Area Network SDH

WANWide Area Network


SDHWDM

TCP/IP

Richard Stevens 1993 TCP/IP Token


RingFDDIFiber Distributed Data Interface RS-232
2010
FDDIRS-232

WLAN Wi-Fi Wireless Fidelity WLAN


802.11 3G 4G
PDHSDHSONETWDMDWDM
1993 2010
TCP/IP TCP/IP

TCP/IP

PPPoEPPP over EthernetPPPoEoAPPP over Ethernet over ATMMAC in


MAC Ethernet in Ethernet TCP/IP
TCP/IP

WLANPPPLoopback
MTU (Maximum Transmission Unit)

2.2.

Ethernet Xerox PARC Robert Metcalfe ALOHA


1972 1982 DCEIntel Xerox
Robert Metcalfe 3Com 1993 TCP/IP
CSMA/CD Carrier Sense, Multiple Access with
Collision Detection
2.94Mbits/sec 1M=10^6 2^20 10Gbits/sec
40G 100G
2.94M10M100M1G10G40G100G
identifier
address 48bit MACMedium Access Control
hardware address
WLAN WLAN 48bit

2-1
2000
1. 8 4
Twisted pairs+RJ45Registered Jack 45 HUB 2 HUB

2. 4
CSMA/CD
CSMA/CD

3.
Half Duplex

2-2
2-2 1 Tx 2 Rx
1 2 1 1 23

1.
2.
3.
4.

1 23
2 3
2 3 2
13 2

Switch

1. 1 1
1
2. 1

2-3
1. 1 1 1
Full Duplex

2. 1 234
2

Switch 1 2 1 Tx 2 Rx 1 Rx
2 Tx 1 2 3
Tx
Tx Rx
2 3 1

Bridge

WLAN

2.3.

IEEE 802

1982 DCEIntelXerox Ethernet

IEEEInstitute of Electrical and Electronics Engineers 802


802.3 CSMA/CD
CSMA/CD802.4 802.5
802.2 LLCLogical Link Control 802 802.11
WLAN802.16 802.17 WiMAX 802.2 802.1 802
802.1X802.1D802.1Q802 802
802.11n 802.11802.1p 802.1Q

2-4 IEEE 802 LLC MAC


802.2 LLC
MAC 802.3802.11802.16802.17 MAC
802 MAC 802.11
802.11a/b/g/nTCP/IP
IEEE 802.3 3 Ethernet MAC
LLC IEEE 802.3 CSMA/CD
Ethernet
Ethernet 802.3 Ethernet RFC 894
Ethernet 802.3 Ethernet 802.3

RFC 894 IP Ethernet RFC 1042 IEEE 802 IP


RFC
1. RFC 894

2. RFC 1042 RFC 894


3. RFC 1042 2
RFC 894
RFC 894 RFC 1042
Ethernet 802.3 LLC

2-5 IEEE 802.2/802.3 RFC1042 Ethernet RFC 894


destination address source address
MAC ARP 32bit IPv4 MAC IPv6 NDneighbor
discovery 128bit IPv6 MAC
2 802 length
DSAP~data CRC Ethernet type
0x0800 IPv40x0806 ARP0x86dd IPv6802
802.2 SNAPSub-Network Access Protocol 802 length
Ethernet type
Ethernet data type 802 3 802.2 LLC 5
802.2 SNAPSub-Network Access Protocol DSAPDestination Service
Access Point SSAPSource Service Access Point
0xaaCNTLControl 0x033 org code 0x00-00-00
802 type Ethernet type RFC 1700/RFC 3232
type

CRC (Cyclic Redundancy Check)


FCS (Frame Check Sequence)
802 38 1492 Ethernet 46
1500 ARP 28
PADpadding PAD ARP RFC 1042
PAD 10 Ethernet 18 8 PAD
LLC ARP ARP

2.4.

802

3 Ethernet RFC 894 IEEE 802


IEEE 802
802.1DMAC bridge 802
802.1sSpanning Tree Protocol
802.1QVLANVirtual LAN 802.1p Priority
802.1X
802.1X
802.1ABLLDPLink Layer Discovery Protocol

802.1ad Q in Q 802.1Q in 802.1Q


Carrier Ethernet 802.1ah
802.1ahPBBProvider Backbone Bridge
PBTProvider Backbone Transport
802.1aqSPBShortest Path Bridge
MAC ECMPEqual Cost Multi Path
SPB STP
802.3ab 1Gb/s
802.3ad 802.3ax LACPLink Aggregation Control
Protocol 3 1Gb/s 3Gb/s
802.3ae 802.3af 10Gb/s
802.3af 802.3atPower over Ethernet PoE802.3af
12.95W802.3at 25.5WPoE AP IP
802.3ahPBTProvider Backbone Transport

802.3ak 10Gb/s
802.3av10Gb/s EPON
802.3az
802.3ba40Gb/s 100Gb/s
TCP/IP LLC
MAC
802.1Q802.1X

2.5.

WLAN

WLAN WLAN
HUB ALOHA1960
ALOHA Hello ALOHA WLAN ALOHA
WLAN 1997 Richard 1993
WLAN IEEE 802.11 WLAN = 802.11 = WiFi
WiFi WLAN 802.11
WLAN

2-6 WLAN
WLAN Channel
WLAN
CSMA/CAA
Avoidance CSMA/CD WLAN
WLAN 100m 10km

2-6
Infrastructure 4 2
AvoidanceDetection WLAN
station STA ad hoc STA
Peer to Peer Infrastructure STA Access Point
AP STA AP STA AP Infrastructure
WLAN
ad hoc 2-6 STA1 STA4

STA2 STA1 STA2 STA34 ad hoc

Infrastructure STA AP 2-6 STA1234


AP STA1 STA4 STA1STA4 STA1
AP Infrastructure AP AP
Infrastructure WLAN distributed
system DS AP AP
AP AP AP
IEEE 802.11 WLAN 802.11a/b/g/n MAC
802.11i/e TCP/IP

2.6.

WLAN

WLAN IP LLC LLC 2-4 802.11 802.3


LLC MAC tcpdump winpcap Ethernet
MAC 802.11 MAC
WLAN MAC 2-7

2-7 802.11 WLAN MAC


802.11 MAC
WLAN WLAN
WLAN IEEE 802.11 LLC 802.2 LLC
2-6 802.3
1. Frame Control 2 11
1) Version 2 0
2) Type 2 012 management frame control
frame data frame WLAN
area clear

channel acquisitioncarrier-sensing maintenancepositive


acknowledgment of received data
WLAN
3) SubType 4
4) ToDS STA DS 1 STA AP DS
5) FromDS DS STA 1 DS AP STA ToDS
FromDS 1 DS AP STA
STA 0 Station ad hoc
6) More Fragment 1
WLAN

7) Retry 1 WLAN
1993
802.3

8) Power management WLAN


STA
1Power Save PS
WLAN AP 1
9) More data power management STA
AP AP 1 STAAP

10) Protected WLAN WEPWired Equivalent


Privacy Protected 1
0 cryptography
Clear text Encrypted text WLAN WLAN

11) Order 1
2. Duration/ID /2 3
1) 1 0
us STA AP
802.11 Duration

2) 1 1 0 CFPcontention free period

3) 2 11 STA PS PS-Poll- AP
association ID ID aidSTA
AP AP aid AP STA

3. 1234 (oh my ladygaga)WLAN 4 2


WLAN
TypeSubTypeToDS FromDS
ToDSFromDS

ToDS FromD Address1 Address2


Address3 Address4

(Receiver) (Transmitter)

IBSS

DA

SA

BSSID

To AP

BSSID

SA

DA

From AP

DA

BSSID

SA

WDS

RA

TA

DA

SA

2-8 WLAN
2.8 WLAN MAC
1) BSS IDBSS Basic Service Set STA
ad hoc BSS ID Infrastructure
AP BSS AP MAC STA BSS ID
Infrastructure STA AP AP MAC BSS ID

2) Destination AddressDA STA DS


MAC Destination IPv4IPv6

4.

5.
6.

7.

2.7.

3) Source AddressSA STA DS MAC


4) Receiver AddressRA MAC
RA DA 2-8 To AP RA AP MAC
BSSID AP DA DAAP
AP
5) Transmitter AddressTA MAC
6) 3 123
RA 802.11
Sequence Control 2
12bit Sequence Number 0
Sequence Number 1 4095 04bit Fragment Number
0 16
QoSQuality of ServiceControl 802.11e
/QoS
802.11e
Frame data 802.2 LLC 802.3
802.11 802.11n
data 02312 802.11n 7955 11414
oh yeah, baby LLC 1500 802.11 frame
body MAC 802.11
PAD 2.7 IPv6 ARP
CRC CRC

WLAN

WLAN
WLAN 10 WLAN
WLAN
802.3/
2
802.11eQoS WLAN
802.11i WLAN 802.1x WPI

2.8.

PPP (Point-to-Point Protocol)

PPP P2P PPP


P2P WLAN

2-9 PPP
PPP 2-9 PPP
PPP

PPP
WLAN PPP
ModemPPP 2-10

2-10 PPP

PPP 2-10
Dial-up Modem
ADSL Modem 3G /WLAN
PPP over Ethernet PPPoE

SDH
2M155M622M2.5G

PPP Link Control Protocol


LCP
OK LCP PPP

LCP LCP 2
PAP (Password Authentication Protocol) CHAP (Challenge Handshake Authentication
Protocol)
PAP CHAP MD5

NCP (Network Control Protocol)


NCP PPP NCP IPv4
IPCP IPv6 IPv6CP OSI OSICP OSI
IPv4 OSI IPv4/IPv6
DECnetAppletalk PPP NCPNCP
NCP PPP

PPP Multi-Link PPP PPPPPP Compression

2.9.

PPP

PPP WLAN 2-11

2-11 PPP
PPP flag flag flag PPP
7E
address FF PPP 2
2-9 1 2
2
control 03
protocol type information
0x0021 IPv4 0x8021 IPv4CP0x0057 IPv6 0x8057
IPv6CP0xc021 LCP
information data 1500 0
CRC CRC 2 CRC 4
PPP 0x7E 01111110 0x7E
PPP 0x7E PPP
escape character 0x7E

1. 0x7E 0x7D0x5E flag


2. 0x7D 0x7D0x5D
0x7D0x5D 0x7D
0x7D0x5D0x5D

3. ASCII 0x20

Stevens 1993 19.2kb/s

= PPP
information 1500 1+1+1+2+1500+2=1507 PPP
99.536%

2.10.

PPPoE (PPP over Ethernet)

100Mb/s 200
500kb/s

PPP
PPP 2Mb/s

PPPoE PPP PAPCHAP


PPP PPP
Ethernet over PPP

2-12 PPPoE
PPPoE
1. PPPoE PPPoE
PPPoE
2. PPPoEPPPoE PPPoE
PPPoE ADSL Digital
Subscriber Line Modem
DSL ATM Asynchronous Transfer Mode
PPPoEoA DSL PPPoE PPPoEoA
PPPoE PPPoE PPPoE
PPPoE
DSL
DSL Modem DSL
PPP
DSL Modem DSL Modem
ADSL PC DSL
ModemWLAN DSL Modem
2-12 PPPoE DSL Modem2
PPPoE
802.1x 802.11i PPPoE

2-13 PPPoE
PPPoE 802.3802.11 3 LLC
PPPoE Type 0x8863PPPoE discovery 0x8864PPPoE session
IPv4 0x0800IPv6 0x86dd
PPPoE Session PPPoE
Version 4bit 0x1
Type 4bit 0x1
Code 8bit PPPoE Session
PPPoE code
PPPoE discoverysessionterminate
discovery 0x09 code 0x00
Session ID 16bit

Payload length 16bit PPP protocolinformation


protocol PPP Protocol 2-11
information PPP Information 2-11
802.3 46 PPP
PPP 38 2 6 46
PAD 802.3802.11
1500 PPPoE 1492

PPPoE Stevens
Unix tcpdump PC
Windows Wireshark WinPcap
Linux tcpdump Wireshark Statistics

Flow Graph
Wireshark guide filter PPPoE discovery

2-14 PPPoE Discovery


PPPoE Discovery Session Terminate

Discovery 4

2-15 PPPoE 1Initiation


Wireshark 1
Destination MAC Broadcast ff:ff:ff:ff:ff:ff

Unicast Multicast

Source MAC 00:23:89:33:a9:20 1.12 Ethernet 1


Type 0x8863 PPPoE discovery terminate
PPPoED Code0x09 Initiation
Session ID 0 PPPoE
PPPoE Tags Host-Uniq
2 000a Windows 12
Wireshark 60 6 6
2 Type6 PPPoE 10 PPPoE 30 30
46 6
PPPoE 10 PPPoE 30
Padding 30
Wireshark 60
2 Offer

2-16 PPPoE 2Offer


Offer OfferOffer

Destination MAC 00:23:89:33:a9:20


Source MAC 00:0f:e2:2e:76:aeWireshark Hangzhou_33:a9:20
Hangzhou_2e:76:ae MAC 24 OUIOrganizationally
Unique Identifier IEEE 24
MAC OUI IEEE
Wireshark manuf 00:0f:e2 00:23:89
HangzhouH3 Wireshark OUI
8 OUI

PPPoE Code 0x07 OfferInitiation Code


Session ID 0 PPPoE PPPoE

29 Initiation AC-Name AC Access Concentrator


PPPoE 15 AC
H3C MAC
3 Request

2-17 PPPoE 3Request


Destination Source
DestinationSource Offer Code
0x19 Request
Offer
4 Session-confirmation

2-18 PPPoE 4Session-confirmation


Session-ID 0 0x0001

Code 0x65
Offer
2-14 4 1 0
PPPoE 0.006s 6
PPPoE PPP 2.8 PPP LCP
NCP

2-19 PPP
2-19 LCP 4 4
Configuration Request MRUMaximum Receive Unit

1
Configuration Ack MRU

Configuration Reject
Configuration Nak Nak

3
PPP A Ack A
A
A Ack

2-20 LCP
Type 0x8864 PPPoE PPPoE Type
PPPoE Code 0x00PPPoE Session data;
Session ID 0x0001 Session ID
Payload Length 20 PPPoE 6 26 46
20
PPP PPP E1
PPPoE
Hub
PPPoE PPP Protocol flag
0xc021 LCP
LCP Code0x01 Configuration Request0x02 Configuration
Ack
Identifier
Length LCP Payload Length
Header Header
LCP Options 14 CodeIdentifierLength 18
1 Option MRU PPP MTU
MRU MTUMTU
MRU MRU
MRU MRU MRU
1492 2-13 MTU 1500 PPPoE 6 PPP 2

1492
Authentication Protocol PAP CHAPChallenge
Handshake Authentication Protocol 0xc023
PAP
Magic Number PPP 2-9 1
Tx 2 Rx 1 Rx 2 Tx Tx Rx
PPP
PPP

2-21 LCP
Destination Source

LCP Code 0x02


PPPoE

LCP Configuration Ack


Configuration Reject MAC
*

2-22 LCP *
LCP Code 0x04 configuration Reject
Options Callback
Options

PPP PAP

2-23 PAP
SourceDestination Type 0x8864PPPoE
CodeSession ID LCP
PPP 0xc023 PAP
PAP Code 0x01 Authenticate-Request
Identifier 0x01 Identifier 0x01 Ack Request

PPP Data Peer-ID


Password 13 AccessRouter2 3 pwd
PAP
Authenticate Ack

2-24 PAP
MAC
PAP Code 0x02 Authenticate-Ack
Identifier 0x01 Identifier 0x01
Data MessageWelcome to use this device
How are you doing?

2-19 PAP IPCP IPCP Request Ack Reject Nak


IETF PPP RFC1661 IPCP NCP PPP
LCP PAPCHAPIPCP
PPP IPCP Request

2-25 IPCP
PPP Protocol 0x8021 IPCP
IPCP Code 0x01 Configuration Request
Options IP IP Address 6.16.5.1
6.16.5.1

2-26 IPCP
Options
1 IP Address 0.0.0.0
2 Primary DNS Server IP address DNS 0.0.0.0

3 Secondary DNS Server IP address DNS 0.0.0.0

2-27 IPCP

IPCP Code 0x04 IPCP Configuration Reject


Options DNS DNS

2-28 IPCP
Code 0x02 Configuration Ack
Options IP 6.16.5.1

Options

2-29 IPCP
2-26 Options DNS
DNS 2

2-30 IPCP Configuration Nak


2-29 0.0.0.0
IP 0.0.0.0
Nak 0.0.0.0 6.16.5.6
Ack

2-30 IPCP
Nak IP 6.16.5.6

2-31 IPCP

Ack
Reject Option Request Nak
Nak Request Ack

PPP TCP/IP
PPP PAP CHAP

2-32 PPP CHAP


LCP CHAP LCP PAP LCP
LCP

2-33 PPP CHAP LCP


Authenticator Supplicant

PPP
LCP Options 0xc023 CHAP
Algorithm MD5 (Message Digest 5) Hash
MD5(How are you doing?) = 16bytes-String MD5 How are
you doing? 16bytes-String MD5
16bytes-StringHow are you doing?

2-34 CHAP challenge


CHAP Code 0x1
Identifier 0x1
Data Value MD5 128bit 16byte
MD5
Name

2-35 CHAP Response


CHAP Code 0x2
Value 16 MD5 Identifier
Value

Name AccessRouter2

Value Challenge Identifier


Response
Response Identifier 0x1Response Identifier Challenge

Identifier MD5 Response


Value MD5
MD5 MD5
PAP

2-36 CHAP Success


Code 0x3 ChallengeResponse Identifier
Welcome to bugWelcome to use this device
16 Welcome to

PPP Session Session LCP

2-37 PPP LCP


Echo
Echo PPP LCP LCP Echo
Echo Request Echo Reply 2-37

2-38 PPP LCP


LCP Code 0x09 Echo Request
Identifier Echo Reply Echo Request
Magic Number
Echo Reply Echo Request

2-39 PPP LCP


Echo Reply Code 0x0a
Identifier Echo Request
PPP PPP PPP
PPP LCP terminate

2-40 PPP LCP *


LCP Code 0x05 terminate request
Identifier
Data
terminate ack

2-41 PPP LCP *


LCP Code 0x06 terminate ack
Identifier
Data
PPP LCP PPP
PPP terminate request LCP LCP
Echo 3 LCP Echo Request
2-40 2-41
PAPCHAP NCP LCP
LCP

PPP PPPoE discovery terminate


PPP LCP terminate PPP LCP PPPoE
PPPoE

2-42 PPPoE Discovery Terminate


Type 0x8863
PPPoE Code 0xa7
Session ID
1

2.11.

802.1Q Virtual LAN

WLAN LAN link link LAN link


LAN bridge link 1 link LAN
LAN LAN LAN
router
bridge

Virtual LAN VLANVLAN 802.1Q 802.1Q

2-43 802.1Q
2-43 802.1Q VLAN tag 2 type
1 type 0x8100 802.1Q
2 type data type
802.1Q 4 2 type 0x8100 2
802.1Q802.1Q 3
1. 3 802.1P QoS 3 07 8
0
2. 1 CFI 0
3. 12 VLAN ID VLAN Id 04095 0 4095
14094VLAN 1 VLAN
VLAN

2-44 VLAN
R&D Marketing LAN R&D
Marketing R&D PC VLAN 2Marketing PC
VLAN 3 trunk 2-44
trunk aggregated
PC VLAN trunk
VLAN tag
VLAN tag VLAN Switch 1
R&D PC VLAN ID = 2 trunk Switch 2 Switch 2
VLAN ID = 2 VLAN 2 R&D PC
PC 802.1Q PC
access
access 1 VLAN n VLAN ID = n
VLAN ID = n
trunk VLAN x/y/z 1 primary VLAN
VLAN Id pvid x VLAN ID = x/y/z
VLAN ID = x 802.1Q
802.1Q 802.1Q VLAN ID = x
hybrid VLAN trunk pvid hybrid pvid
trunk hybrid VLAN 802.1Q
VLAN untagged VLAN hybrid 802.1Q
VLAN tagged VLAN hybrid 802.1Q
pvid 802.1Q hybrid pvid = xuntagged VLAN =
ytagged VLAN = z 802.1Q VLAN ID = x y hybrid
VLAN ID = z 802.1Q
802.1Q VLAN ID = x 802.1Q
VLAN ID y z
VLAN

VLAN
VLAN VLAN router
bridge bridge VLAN
bridge VLAN VLAN VLAN
router router
router bridge layer 3 switch 3
PC 802.1Q

802.1Q WLAN AP 802.1Q


bridge STA DS AP 802.1Q DS
STA 802.1Q AP 802.1Q ARP request

2-45 802.1Q ARP request


1 type 0x8100 802.1Q Virtual LAN
priority 0
VLAN ID = 2 VLAN 2
2 type 0x0806 data ARP
802.1Q 4 data data
461500 802.1Q 2 802.1Q 3 type 2
802.1Q 802.1Q QinQ 802.1Q in 802.1Q

2.12.

802.1X Authentication802.1X

TCP/IP TCP/IP
IP
TCP/IP

2.10 PPPoE
PPPoE
port-based network access control
PC PC
IEEE 802.1X Authentication 1X
802.1X IETF EAPExtensible Authentication Protocol 802.1X

EAP

2-46 EAP 802.1X


EAP IETF
PPP PAP CHAPEAP PPP WLAN EAP
EAP

MD5

PKIPublic Key Infrastructure


TLSTransport Layer Security
TTLSTunnel TLS
PEAPProtected EAP TLS
TLS

EAP
EAP
EAP 802.1X
WLAN EAP EAPOLEAP Over LAN802.1X EAP
WEB Portal
PC
802.1X802.1X
802.1X
2.44 1 802.1X
2 1 PC
2 PC 2 PC 2 PC
WLAN

MAC MAC-based network access control


PC WLAN MAC MAC
PC 802.1X MAC

802.1X

2-47 802.1X

Supplicant802.1X
EAP 2-47 WLAN Pc Ethernet PC Supplicant

Authenticator802.1X
Supplicant Authentication Server Supplicant
802.1X Supplicant 802.1X PAEPort Authentication Entity
2-47 WLAN PC AP Ethernet PC Switch Authenticator

Authentication Server802.1X
EAP Authenticator Authentication Server
EAP Method

Supplicant Authenticator 802.11 802.1X


802.1X EAP EAPOLEAP EAP
Method

Authenticator Authentication Server


Authentication ServerAuthenticator Supplicant EAP

RADIUS (Remote Authentication Dial In User Service)


UDP Authenticator Authentication
Server EAP RADIUS 802.1X
Supplicant

802.1X Supplicant Authentication ServerAuthenticator

802.1X

1. Supplicant 802.1X Authenticator


2. Authenticator RADIUS Authentication Server Supplicant
3. Authentication Server RADIUS Authenticator
4. Authenticator 802.1X Supplicant
1) Authenticator Supplicant EAPOL Supplicant
802.1X IPv4/IPv6
Authenticator
2) Supplicant
Authenticator 802.1X
802.1X Supplicant Supplicant

Supplicant MD5-Challenge EAP


Method 802.1X Supplicant Authenticator RADIUS

2-48 MD5-Challenge 802.1X*Supplicant*Authenticator

Supplicant DA
Nearest01:80:c2:00:00:03 Authenticator Authenticator
Supplicant Authenticator
Authenticator WLAN AP MAC DA RA AP
Authenticator STA

2-49 EAPOLStart

1. 2-49Supplicant EAPOL Start

1) 802.1X WLAN Type 0x888E


2) 802.1X 1 Version 121 1
3) 802.1X Type 1 1 Start
4) 802.1X 2 Length 0
5) 802.1X 4 Ethernet 46 Payload 42
PAD Wireshark PAD Trailer

2-50 EAPIdentity Request*Authenticator

2. 2-50 Authenticator EAPOL Start RFC 3748


1) 802.1X Type 0 802.1X EAP
2) 802.1X Length 5 802.1X EAP 5
3) EAP
(1) Code 1 1 Request
(2) Identity 1 Request Response
(3) Length 2 EAP 5
CodeIdentityLength Data 5
(4) Type 1 Type-Data Code 247 EAP Methods Type Type-Data 1 RFC
3748 RFC EAP
(5) Type-Data Type Length
Length Code Identity Type Type-Data
Type-Data 0 Type 1

2-51 EAPIdentity Response*Supplicant

3. 2-51 Supplicant Authenticator Identity Request Identity Response

1) 802.1X Identity Request Length 11 EAP

(1) Code 2 Response


(2) Identity Request 1 Response Request
(3) Length 11
(4) Type Type-Data 11 1 1 2 = 7Bytes Type
1 RFC 3748 Identity tmp001 6 Bytes
Type 1 Byte 7 Bytes Supplicant tmp001

2-52 EAPMD5-Challenge Request*Authenticator

4. 2-52 Authenticator Supplicant Identity Identity


Authentication ServerAuthentication Server EAP
MD5-Challenge RequestMD5
1) Code 1 Request
2) Identity 2 Authenticator Request Identity
3) Length 22Type-Data 18 Bytes
Type

EAP Method

MD5-Challenge

EAP CHAP

GTC/Generic Token Card

18

EAP-SIM

GSM SIM

23

EAP-AKA

3G Authentication & Key


Agreement EAP-SIM

29

EAP-MSCHAP-V2

CHAP

13

EAP-TLS

Supplicant Authentication Server PKI


digital certificate
Authenticator 3
WAPIWLAN Authentication & Privacy Infrastructure

21

EAP-TTLS

Tunnel TLS TLS


EAP-TLS TLS

TTLS Authentication Server


Supplicant Authentication Server TLS
Supplicant
TTLS TLS

25

PEAP

Protected EAP TTLS TTLS


PEAP TLS EAPRFC 3748

(1) Type 4 Type-Data RFC 3748 MD5-Challenge


EAP Method
(2) Type-Data 1 Byte Value-Size 16 Bytes
(3) Value 16 Bytes MD5-Challenge

2-53 EAPMD5-Challenge Response*Supplicant

5. Supplicant MD5-Challenge Request Response


EAP 2-53
1) Code 2 Response
2) Identity 2 Request Identity
3) Length 28Type-Data 4
(1) Type 4 RFC 3748 MD5-Challenge
(2) Value-Size 16
(3) Value MD5-Challenge Request Value Supplicant
Identity MD5
(4) 6 Extra Data tmp001 Supplicant

Response Length 28 Request Length 6

2-54 EAPSuccess*Authenticator

6. Authenticator Supplicant MD5-Challenge Response Authentication Server


Authentication Server MD5 Response Value
Success 2-54
1) Code 3 EAP Success Supplicant

2) Identity 2 Request
3) Length 4 Type Type-Data
Authenticator 10s Supplicant PPP LCP Echo
2-48 0.047s Success 9.787s Authenticator
Identity Request MD5-Challenge RequestSupplicant Identity ResponseAuthenticator
Success OK 21.787s 24.783s
Supplicant 802.1X Logoff

2-55 EAPOLLogoff*Supplicant

7. Logoff EAPOL 802.1X EAP EAP


RequestResponseSuccessFailure Type-Data
1) 802.1X Type 2 Logoff
2) Length 0

2-56 EAPFailure*Authenticator

8. Authenticator Logoff EAPOL EAP 2-56


EAP Code 4 Failure Supplicant
Failure Identity 39.787s 21.787s Request Identity 3
Identity Request
EAP RequestSuccessFailure Authenticator Supplicant
Supplicant Authenticator EAP Response EAP RFC 3748

MD5-Challenge EAP Method Method


Supplicant Method Authentication Server
Authentication Server Method
Authenticator 802.11
Authenticator Supplicant

EAP IETF PPP 802


EAP PPP
EAP PAPCHAP EAP-SIM/AKA
EAP EAP
EAP-SIM/AKA EAP
PAPCHAP EAP 802 802.1X EAP
802.1X IT Supplicant
802.1X
Guest VLAN 802.1X Supplicant
Guest VLAN Guest VLAN
Supplicant 802.1X
Portal
802.1X

Open SourceFree
Software 802.11 Wireless Networks: The Definitive Guide, Matthew S. Gast

2.13.

802.11i WLAN

802.1X Supplicant
WLAN WLAN
WLAN

Switch HUB
Show Care
Switch
Switch Mirror
Mirror
WLAN

2-57 WLAN
2-57 WLAN

WLAN
MAC MAC
Open System STA STA AP
MAC MAC

Shared Key Open System STA


STA AP MAC 802.11
WEP Shared Key
802.11iWi-Fi 2003 802.11i WPA 2004 802.11i
WPA2 WPA WPA2 Wi-Fi 802.11
802.11i Open System 802.1X
MAC MAC
MAC
confidentialityalgorithmkey
Cryptographic clear text
encrypted text cipher text Fea
key1 Fda key2ct et et =
Fea(key1, ct) ct = Fda(key2, et)
Fea Fdakey1 key2

WLAN RC4Rivest Cipher 4RSA Ron Rivest


AESAdvanced Encryption Standard 802.11 WEP RC4
802.11i TKIPTemporal Key Integrity Protocol
RC4 WEP RC4
WEP WLAN MAC RC4
TKIP 802.11i RC4 WEP
802.11i CCMPCounter Mode with CBC-MAC Protocol
AES WPA
TKIPWPA2 CCMP

IntegrityAuthentication
WEP CRC
802.11i TKIP Michael CCMP CBC
Anti-Replay
TKIP CCMP 802.11e QoS

802.1X EAP
pre-shared key 802.1X 802.1X
pre-shared key
STAAP pre-shared key STA AP
WPA Personal pre-shared
key WPA-PSK
EAP-TLS WPA Enterprise
TLS WPA Enterprise PEAPCisco
TTLSMicrosoft
MAC 802.1X MAC MAC

802.1X 802.1X 802.11i


802.1X
RSN (Robust Security Network)

TSNTransition Security Network TKIPCCMP 802.11i


TSN802.11i RSN
WLAN 802.11 WEP 802.11i TKIPCCMP
RSN WLAN Wi-Fi

WPAWPA2WPA PersonalWPA EnterpriseWLAN


WEP Open System

802.11i WPA2
802.11

2-58 802.11
Protected 1 TKIPData
1520 TKIP MAC 802.11 MAC

2-60 802.11 MAC 802.1X


2-60 4
1. scanning STA AP
1) 1 STA probe requestSN 402 Broadcast
2) AP 2 probe responseSN 2100 AP
Service Set ID SSID ChinaNet-A780 AP
Ack
3) STA probe request AP STA AP Beacon
AP 3 AP BeaconSN 2102STA
probe requestAP SN 2101

4) Ack Wireshark
2. authentication WPA Open System
1) 4 STA authentication STA Open System
2) 5 AP STA authentication 4
3. association association MAC
1) 6 STA AP association request WLAN
TKIPpre-shared keyRSNv1
2) 7 AP STA association response STA STA
Ack STA AP MAC LLC

4. 802.1X LLC MAC


1) 8 11 802.1X pre-shared key
TKIP pre-shared key
STA MAC
WLAN WLAN
1. WLAN
2. WEP WLAN shared key STA WEP

3. WPA-PSK WLAN pre-shared key WEP WPA-

PSK
4. WPA Enterprise
5. WEPWPA
6.

Matthew S. Gast 802.11 Wireless Networks: The


Definitive Guide 802.11 IEEE

2.14.

802.11e WLAN QoS

QoS




VIP
VIP

3

50

2 iPhone
iPhone show

Quality of Service
QoS
QoS
iPhone
QoS

QoS
QoS

2-61 TCP/IP QoS


TCP/IP QoS
QoS end to end QoS
QoS
QoS QoS

QoS end to end QoS


QoS QoS LLC
MAC QoS
QoS 802 2
LLC 802.1p transmitter receiver

802.1p QoS LLC QoS

MAC 802.11e WLAN


WLAN
WLAN contention
WLAN 2
000 STA WLAN
STA
WLAN
802.11n STA
802.11e
2-3
MAC QoS PPP PPP QoS
PPP QoS router QoS
HUB 2-2 MAC
MAC QoS
QoS MAC QoS
802.11e
802.11e WLAN CSMA/CA CSMA/CA
802.11 MAC Virtual Carrier Sense CSMA/CA
NAVNetwork Allocation Vector STA NAV
2-7 Duration MAC WLAN

2-62 802.11 MAC


802.11 MAC 2
1. DCF (Distributed Coordination Function) STA AP
Duration Duration
back-off PHY 2 STA back-off

2. PCFDCF STA AP
PCF PC(Point Coordinator ) AP AP STA
PCF AP CF-Poll STA CF-Poll
Duration STA AP NAV
802.11 DCFPoint Beacon STA AP
CFPContention Free Period Point CF-End CPContention
Period
802.11 DCF PCF DCF PCF
STA STA STA
WLAN STA
802.11e HCFHybrid Coordinated Function
1. 802.11e HCCAHCF Controlled Access HCF PCF

2. EDCAEnhanced Distributed Channel Access


DCF DCF
3. 802.11e PCF DCF 802.11 802.11e STA
QSTA QAPQBSS HCF QAP
HCHybrid Coordinator
e e

2-63 802.11e
2-63 2-7 802.11 802.11e WLAN
802.11e 802.11e 2-63 802.11
802.11e Type-SubType SubType 4 1000
802.11e QoS Frame802.11e 2 QoS Control
1. 3bit Traffic Identifier TID 802.1p
802.11e AC TID

TID 802.1p 802.1p

AC Access Category 802.11e

Background

Best Effort

Best Effort

Best Effort

Excellent Effort

Best Effort

Critical Apps

Video Probe

Video 100ms

Video

Voice 10ms

Video

Internetwork Control

Voice

Network Control

Voice

2. 1bit 4 0 reserved 0 Prioritized QoS 1


Parameterized QoS
1) QoS DiffServ
QoS
2) QoS
IntServ QoS
3. 2bit ACK Policy802.11 802.11e

Group ACKACK Policy 3


1) 0
2) 1

3) 2 TCP

4. 1bit 7 HC QSTA to DS = 0from DS = 1

5. 8bit 8 15 2 TXOPTransmission Opportunity


32us 256 HC QSTA QSTA
HC
MAC

2-64 MAC
2-64 EDCF DCF
1. LLC MAC MAC NAV
2. MAC SIFS<PIFS<DIFS<=AIFS
1) SIFS RTS/CTS ACK
2) PIFS PCF
3) DIFS DCF

3.

4.
5.

6.

4) AIFS EDCF 3 IFS AIFS AC AIFS


AC AIFS AIFS[ACi] AC AIFS
AP HC AC IFS AC
IFS CWCW
slot slot CW [cwmin, cwmax]
AC cwmin cwmax HC CW
n 2-64 4 STA STA2
STA1STA3 STA4
MAC 2-64
STA3
m STA
1) AIFS
2) AIFS CW CW slot n-m
3) STA1
4) STA4
5) CW
0
EDCA TXOP TXOP HC Beacon STA
AC TXOP STA TXOP STA
SIFS TXOP
GACK DCF TXOP

EDCF STA AC MAC


HC DCF

2-65 EDCF DCF


EDCF DCF
STA PCF DCF HCCA EDCF
HCCA PCF

2-66 PCF HCCA


PCF PC PIFS Beacon STA CF
1. CFP SIFS
2. PC 1 STA STA STA
SIFS DCF DIFS
3. PC SIFS STA PIFS
4. PC End of Cf
PCF STA
1 HCCA
1. HCCA 802.11e ACSTA HC AC
HC CF-Poll STA AC
TXOP STA AC
2. TXOP Group ACK STA ACK
TXOP SIFS
3. CP HC CF-Poll STA AC TXOP STA
EDCF TXOP QoS HCCA
WLAN 3G QoS WLAN

802.11e 802.11e DLPDirect Link


Protocol APSDAutomatic Power-Saved Delivery
TXOPGACK
802.11 MAC WLAN
WLAN 802.11 TCP/IP

2.15.

Loopback Interface

TCP/IP
TCP/IP
2 1-2
UP TCP/IP

TCP/IP

2-67 TCP/IP
2-67 16 Loopback TCP/IP
Loopback 2-67

1. 2-67 output
Up IP
3
1) IP IPv4 127.0.0.0/8 IPv6 ::1/128 IPv4 IPv6

2) IP
3) IP
2. IP input
output input
2

PC TCP/IP TCP/IP

IP

2.16.

MTU PMTU

2.1 MTU 2.10 PPPoE MRU MTU MTU


MRU

2-68 MTU MRU

MTU
payload MTU payload
1 payload fragmentation

IPv6 MTU
1280 MTU 1280 MTU
1500 2-7 802.11 10 000 payload 802.11
MTU 1500 payload 2-5 802.3
MTU 1492

MRU MTU MRU


WLAN PPP
MTU = MRU MTU PPP
MRU

MTU Tx MRU Rx

half duplex Tx Rx
MTU = MRU Hub WLAN
MRU MTU 802.1Q

2-68 2 single duplex full

duplex 2 StationA StationB


StationA MTU
MRU StationB StationA MTU StationB MTU
StationA StationB StationA MRU StationBStationB
MTU MTU PPP MTU
1500 1492
MTU

2-69 PMTU
Tx Rx 4 Device1~4 Tx Rx
Path

1. Tx Device1 Device2 Device4 Rx 2 MTU


150014001300 15004 1300
2. Tx Device1 Device3 Device4 RxMTU 150015001400 1500
1400
PMTUPMTU MTU Path1 PMTU
1300Path2 1400 Tx
Rxpayload PMTU Tx Rx
PMTU
1500 MTU
1500 PMTU

2.17.

link throughputline speed bandwidth


1Gbps 1 000 000 000 bit/s
bit byte 8 1Gbps 2 bit
10M

2-70
2-5 802.3 2-5
2-70 20

1. 7 preamble
2. 1 delimiter
3. 12 IFGInter Frame Gap CRC
12 IFG

IFG 12
2-70 IFGIFG
84 1Gbps

10 ^ 9 / (84 * 8) = 1488095.238095238
1 488 095.24 fpsframe per second 1538
81 274.38 fps
app
2-70 app data 84 46 = 38
2-70 head TCP 40
78

efficiency = data / frame lengthframe length = data +


efficiency = data / (data +
84 IP-TCP data 6 78 efficiency =
6 / 84 = 7.14% 1538 data 1460 efficiency
94.93%
* 7.14% * 94.93%
1Gbps[71428571.43bps, 949284785.44bps] bps
BpsByte per second[8 928 571.43Bps, 118 660 598.18Bps]
[8.9MBps, 118.7MBps] TCP 1Gbps
PC 1/10 PC 10MBps
PC 25MBps

IP efficiency IP bps
IP payload 461500 efficiency
[54.76%, 97.53%] IP [547.62Mbps, 975.29Mbps] 2-11 PPP
IP 1500 / 1508 = 99.47%

data payload payload MTU

IP MTU
PMTU

data payload 802.3


802.1Q

2-71
Hub 2-2
2-71
DIFS 54Mbps 802.11g
1MBps WLAN 2 STA
AP

STA AP

AP
AP 54Mbps 802.11g

802.11g 54Mbps 54Mbps 100Mbps


100Mbps 100Mbps 2-7 802.11 IP
802.11 efficiency 84%
WLAN
WLAN WLAN
WLAN 2

2.18.

PPPPPPoE 802.11
802.1Q802.1X 802.11i 802.11e
MTU PMTU

OSI ISO
Open System Interconnection TCP/IP
IP
MAC
802.1ah 802.1qbg 802.1qbh
802.1aq 802.1ag 40G 100G 802.11n802.11e
P2P


WLAN Hub

2 WLAN AP 2-72 2-73


AP 802.11 ethernet IP

2-72 WLAN AP 802.11

2-73 WLAN AP ethernet

TCP/IP

2.1. 2 10
CSMA/CD WLAN CSMA/CA
2.2. 2 2

2.3. Wireshark ethernet 802.3


2.4. WLAN Wireshark 802.11 MAC
ethernet 802.11
2.5. PPPoE ADSL
PPPoE Wireshark PPPoE
2.6. Modem 3G PPP Wireshark
ethernet PPP
2.7. Windows ipconfig /all
google Linux ifconfig
2.8. Portal 802.1X
Wireshark
2.9.
2.10.
WLAN AP WEP
WPA/WPA2 WPA/WPA2
2.11.
WLAN WEP WPA/WPA2
WPA/WPA2 AP AP MAC
MAC
2.12.
802.11 MAC WLAN

ipconfig ifconfig loopback


ping 127.0.0.1 ping 127.255.255.254 ping6 ::1 ping6 ::2
2.14.
ipconfig ifconfig MTU 1500
2.15.
MTU MTU
Wireshark IP 1500

2.13.
