Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1314
Views
5
Helpful
1
Comments

Wireless Frame Addressing

Rajan Parmar
Cisco Employee
Cisco Employee

‎04-14-2017 03:14 PM - edited ‎11-18-2020 03:12 AM

----------------------------------------------------------------------------

We can understand all possible ways of wireless communication in four cases in the following ways  :
 
Case 1: we talk of AP     to   AP   communication
Case 2: we talk of client to client communication (when    AP is involved) : from wireless to the AP
Case 3: we talk of client to client communication (when    AP is involved) : from AP       to the wireless
Case 4: we talk of client to client communication (when no AP is involved)

----------------------------------------------------------------------------

In Wireshark :
                                                                         
To filter all frames pertaining to case 1, use filter as wlan.fc.ds == 0x11
To filter all frames pertaining to case 2, use filter as wlan.fc.ds == 0x10
To filter all frames pertaining to case 3, use filter as wlan.fc.ds == 0x01
To filter all frames pertaining to case 4, use filter as wlan.fc.ds == 0x00

----------------------------------------------------------------------------

These four cases are represented via bits in the following way :

      wlan.ra     wlan.ta
      Receiver    Transmitter
      To DS  <-   From DS

Case 1: 1            1  either do      move To DS or move From DS) ie, AP to AP communication, as in Mesh Setup.
Case 2: 1            0                                                 Specific   wireless client to AP
Case 3: 0            1                                                 AP !to all wireless clients but specific wirless client
Case 4: 0            0  or     do not  move To DS or move From DS) ie, AP  to all wireless clients (broadcast)

----------------------------------------------------------------------------

IF

1 indicates AP (bssid)
0 indicates WirelessClient (w/c)

THEN
                                                                          Destination<- Source
                                                                            Receiver <- Transmitter
 filter wlan.fc.ds == 0x   1 1  will indicate the traffic in the direction       AP  <- AP
 filter wlan.fc.ds == 0x   1 0  will indicate the traffic in the direction       w/c <- AP
 filter wlan.fc.ds == 0x   0 1  will indicate the traffic in the direction       AP  <- w/c
 filter wlan.fc.ds == 0x   0 0  will indicate the traffic in the direction       w/c <- w/c  (without AP)

----------------------------------------------------------------------------

Legend:
w/c1: first  wireless client
w/c2: second wireless client
src : when client is the source      of communication.
dst : when client is the destination of communication.
! means "not"

Say, there are two wireless clients talking , where first wireless client sends message to the second wireless client

           Address 1   Address 2    Address 3    Address 4
           Receiver    Transmitter  Destination  Source
1 1      AP2(bssid)    AP1(bssid)   w/c2         w/c1       
1 0      w/c2(dst)     AP (bssid)   w/c1(src)    
0 1      AP (bssid)    w/c1(src)    w/c2(dst)    
0 0      w/c2(dst)     w/c1(src)    AP (bssid)   

----------------------------------------------------------------------------

In other words, the same information can be understood in the following ways:

In wireless communication, we talk on terms of wireless clients and Access Points ( known as DS )

(A) Wireless Communication Types:

AP     to AP     communication.
Client to Client communication. (either when AP is involved or AP is not involved)
    
----------------------------------------------------------------------------

(B) So, there comes out to be four subtypes of wireless communication:

if (   AP  -  AP   )         Case 1: (when in mesh mode)
if ( client-client ){
    if ( AP is involved){
         if (wireless to AP) Case 2:
         if (AP to Wireless) Case 3:
    }   
    if (!AP is involved)     Case 4: (ad-hoc n/w )
}

----------------------------------------------------------------------------


(C)


Wireless frames are always sent from a transmitting device to a receiving device.

( while reaching all the way to the final destination )
RA - indicates the address of the device, to which transmission of frame should be sent, so that the Final Destination can get it.
TA - indicates the address of the device,    which transmitted the data ( not necessarilly, the originator of the transmitted data, who actually transmitted the frame

)

Address1 field always contains the RA. wlan.ra
Address2 field always contains the TA. wlan.ta
-if (bridges in use )                    {Address 4 is used }
-else
   if ( RA is not the final recipient ) { Address 3 contains the final Destination Address       }
   if ( RA is     the final recipient ) { Address 3 contains the RA}

----------------------------------------------------------------------------

Comments
pardeepk
Level 1
Level 1
‎04-15-2017 05:21 AM

Hi Rajan,

Thanks for sharing ,wonderful information to granular analysis. 

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents