802.11 Beacons Revealed

By Jim Geier

http://www.wi-fiplanet.com/tutorials/article.php/1492071/80211-Beacons-Revealed.htm

In a previous tutorial, I provided an overview of the various frame types that 802.11 stations (network cards and access points) use to support wireless data communications. In addition to data frames that carry information from higher layers, 802.11 includes management and control frames that support data transfer. The beacon frame, which is a type of management frame, provides the "heartbeat" of a wireless LAN, enabling stations to establish and maintain communications in an orderly fashion.

Beacon Contents

A typical beacon frame is approximately fifty bytes long, with about half of that being a common frame header and cyclic redundancy checking (CRC) field. As with other frames, the header includes source and destination MAC addresses as well as other information regarding the communications process. The destination address is always set to all ones, which is the broadcast Medium Access Control (MAC) address. This forces all other stations on the applicable channel to receive and process each beacon frame. The CRC field provides error detection capability.

The beacon's frame body resides between the header and the CRC field and constitutes the other half of the beacon frame. Each beacon frame carries the following information in the frame body:

An 802.11 probe response frame is very similar to a beacon frame, except that probe responses don't carry the TIM info and are only sent in response to a probe request. A station may send a probe request frame to trigger a probe response when the station needs to obtain information from another station. A radio NIC, for instance, will broadcast a probe request when using active scanning to determine which access points are within range for possible association. Some sniffing tools (e.g., NetStumbler) send probe requests so that access points will respond with the desired info.
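The frame body layout described above can be decoded from a passive capture with a short parser. The following is an added example, not code from the original article: the function names and the sample bytes are constructed for illustration, and the field layout (12 fixed bytes followed by tagged elements) is the standard 802.11 one. It handles both a beacon body and a probe response body, which lacks the TIM element.

```python
import struct

# Element IDs of the tagged fields that follow the 12 fixed bytes.
IE_SSID, IE_RATES, IE_DS_PARAMS, IE_TIM = 0, 1, 3, 5

def parse_beacon_body(body: bytes) -> dict:
    """Parse a beacon/probe-response frame body (MAC header and CRC already removed)."""
    if len(body) < 12:
        raise ValueError("body shorter than the 12 fixed bytes")
    # Little-endian: 64-bit timestamp (microseconds), beacon interval (TU), capability bits.
    timestamp, interval_tu, caps = struct.unpack_from("<QHH", body, 0)
    info = {"timestamp_us": timestamp, "interval_tu": interval_tu,
            "ess": bool(caps & 0x0001), "ibss": bool(caps & 0x0002),
            "privacy": bool(caps & 0x0010),
            "ssid": None, "rates_mbps": [], "channel": None, "tim": None}
    off = 12
    while off < len(body):
        if off + 2 > len(body):
            raise ValueError("truncated element header")
        eid, elen = body[off], body[off + 1]
        val = body[off + 2: off + 2 + elen]
        if len(val) != elen:  # length byte claims more data than the frame holds
            raise ValueError("element %d overruns the frame body" % eid)
        if eid == IE_SSID:
            info["ssid"] = val.decode("utf-8", "replace")
        elif eid == IE_RATES:
            # Low 7 bits are the rate in 500 kbit/s units; the top bit marks a basic rate.
            info["rates_mbps"] = [(b & 0x7F) * 0.5 for b in val]
        elif eid == IE_DS_PARAMS and elen == 1:
            info["channel"] = val[0]
        elif eid == IE_TIM and elen >= 4:
            info["tim"] = {"dtim_count": val[0], "dtim_period": val[1],
                           "bitmap_control": val[2], "partial_bitmap": val[3:]}
        off += 2 + elen  # unknown elements are skipped, not treated as errors
    return info

def build_sample(with_tim: bool) -> bytes:
    """Constructed sample body; with_tim=False mimics a probe response."""
    body = struct.pack("<QHH", 123456789, 100, 0x0011)  # ESS + privacy bits set
    body += bytes([IE_SSID, 7]) + b"example"
    body += bytes([IE_RATES, 4, 0x82, 0x84, 0x8B, 0x96])
    body += bytes([IE_DS_PARAMS, 1, 6])
    if with_tim:
        body += bytes([IE_TIM, 4, 0, 1, 0, 0])
    return body

if __name__ == "__main__":
    print(parse_beacon_body(build_sample(True)))
```

The explicit length check matters when parsing captured traffic, because the element length byte comes from the air and cannot be trusted to stay within the frame.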

Beacons in Action

In infrastructure networks, access points (not radio NICs) periodically send beacons. You can set the beacon interval through the access point configuration screen. In general, the beacon interval is set to 100ms, which provides good performance for most applications.

In ad hoc networks, there are no access points. As a result, one of the peer stations assumes the responsibility for sending the beacon. After receiving a beacon frame, each station waits for the beacon interval and then sends a beacon if no other station does so after a random time delay. This ensures that at least one station will send a beacon, and the random delay rotates the responsibility for sending beacons.

By increasing the beacon interval, you can reduce the number of beacons and associated overhead, but that will likely delay the association and roaming process because stations scanning for available access points may miss the beacons. You can decrease the beacon interval, which increases the rate of beacons. This will make the association and roaming process very responsive; however, the network will incur additional overhead and throughput will go down. In addition, stations using power save mode will need to consume more power because they'll need to awaken more often, which reduces power saving mode benefits.

In an idle network, beacons dominate all other traffic. A packet-monitoring tool, such as AirMagnet or AiroPeek, would display a continuous stream of beacon frames. With no user-generated traffic, an occasional data frame carrying protocols used for non-802.11 purposes, such as Dynamic Host Configuration Protocol (DHCP), will appear. Of course, on networks with active users, a variety of other frames, such as association requests/responses, data frames carrying Internet traffic, acknowledgements, etc., are intermixed between the beacons.

There are no reservations for sending beacons, and they must be sent using the mandatory 802.11 carrier sense multiple access / collision avoidance (CSMA/CA) algorithm. If another station is sending a frame when the beacon is to be sent, then the access point (or NIC in an ad hoc network) must wait. As a result, the actual time between beacons may be longer than the beacon interval. Stations, however, compensate for this inaccuracy by utilizing the timestamp found within the beacon.
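The timestamp compensation described above can be worked through on numbers. This is an added example, not part of the original article: the function name and the timestamps are constructed, and it assumes the standard convention that the beacon interval is counted in time units (TU) of 1024 microseconds and that target beacon times fall where the timestamp is a multiple of the interval.

```python
TU_US = 1024  # one 802.11 time unit, in microseconds

def analyze_beacons(timestamps_us, interval_tu):
    """For each received beacon timestamp, report how late it was sent and
    when the next beacon is due, independent of how late this one was."""
    period = interval_tu * TU_US
    rows, prev_slot, prev_ts = [], None, None
    for ts in timestamps_us:
        # slot  = which target beacon time this beacon belongs to
        # delay = how long CSMA/CA deferral held the beacon back
        slot, delay = divmod(ts, period)
        rows.append({
            "tbtt_index": slot,
            "delay_us": delay,
            # gap to the previous beacon, which can exceed the nominal period
            "gap_us": None if prev_ts is None else ts - prev_ts,
            # beacons never heard between the previous one and this one
            "missed_before": 0 if prev_slot is None else slot - prev_slot - 1,
            # the schedule is anchored to the timestamp, so lateness does not accumulate
            "next_tbtt_us": (slot + 1) * period,
        })
        prev_slot, prev_ts = slot, ts
    return rows

# Constructed timestamps for an interval of 100 TU (102400 microseconds):
# an on-time beacon, one deferred by a busy medium, then one after a missed beacon.
SAMPLE = [10 * 102400 + 150, 11 * 102400 + 4200, 13 * 102400 + 90]

if __name__ == "__main__":
    for row in analyze_beacons(SAMPLE, 100):
        print(row)
```

The second sample beacon arrives 106450 microseconds after the first, longer than the nominal interval, yet the computed next target time stays on the original grid.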

Beacon Functions

The amount of overhead that the transmissions of beacon frames generate is substantial; however, the beacon serves a variety of functions. For example, each beacon transmission identifies the presence of an access point. By default, radio NICs passively scan all RF channels and listen for beacons coming from access points in order to find a suitable access point.

When a beacon is found, the radio NIC learns a great deal about that particular network. This enables a ranking of access points based on the received signal strength of the beacon, along with capability information regarding the network. The radio NIC can then associate with the most preferable access point.

After association, the station continues to scan for other beacons in case the signal from the currently associated access point becomes too weak to maintain communications. As the radio NIC receives beacons from the associated access point, the radio NIC updates its local clock to maintain timing synchronization with the access point and other stations. In addition, the radio NIC will abide by any other changes, such as data rate, that the frame body of the beacon indicates.

The beacons also support stations implementing power saving mode. With infrastructure networks, the access point will buffer frames destined for sleeping stations and announce which radio NICs have frames waiting through the TIM that's part of the beacon. On the other hand, the beacon in an ad hoc network marks the beginning of a period where stations buffering frames can alert sleeping stations that frames are waiting for delivery.

As you can see, beacons are very important; without them, a wireless LAN simply won't work.

Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book Wireless LANs (SAMs, 2001) and produces computer-based training courses covering wireless LAN topics.
