tcpdump mailing list archives

Re: 802.11 + radio headers question...


From: Guy Harris <guy () alum mit edu>
Date: Mon, 13 Apr 2009 12:42:46 -0700


On Apr 12, 2009, at 12:06 AM, Eddie Harari wrote:

  802.11 headers there is data field, what is this data field?

According to IEEE Std 802.11-2007, section 7.1.2 "General frame format", an 802.11 frame has:

        a 2-byte frame control field;

        a 2-byte duration/ID field;

        up to 4 6-byte MAC address fields;

        a 2-byte sequence control field;

        an optional 2-byte QoS field;

        a frame body;

        a 4-byte FCS field.

I don't see any field in the 802.11 headers called "data". Are you referring to the frame body?

  does it begin with IP headers or something precedes the IP headers?

For data frames, the frame body begins with an IEEE 802.2 header, possibly followed by a SNAP header, followed by the payload for the protocol being carried over 802.11, such as IP.

  in ethernet environment there is a protocol field in the headers that
  tells which protocol is in the body of the packet
  (ip / arp / rarp etc...),

Ethernet frames can either contain a protocol type field or a length field; if it's a length field, the header is either followed by an 802.2 header possibly followed by a SNAP header or by a raw Novell IPX packet.

  is there something which is the same on 802.11
  headers?

There is no type field in an 802.11 header similar to the Ethernet type field. For protocols that have an Ethernet type value, for 802.11 (and Token Ring and FDDI and some other protocols), the 802.2 header following the 802.11 header will have source and destination SAP values of hex AA, meaning that there's a SNAP header following the 802.2 header, and the SNAP header will have an OUI value of hex 000000 and a protocol ID value that is an Ethernet type (an OUI of 000000 in a SNAP header means that the protocol ID value in the SNAP header is an Ethernet type).

See:

        IEEE Std 802.11-2007:

                http://standards.ieee.org/getieee802/download/802.11-2007.pdf

        ANSI/IEEE Std 802.2, 1998 Edition:

                http://standards.ieee.org/getieee802/download/802.2-1998.pdf

        IEEE Std 802-2001, section 10 (for SNAP):

                http://standards.ieee.org/getieee802/download/802-2001.pdf

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
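
The lookup described in the reply above, as an added example (not part of the original message and not tcpdump's own code): a bounds-checked C routine that walks the 802.11 header of a data frame, then the 802.2 and SNAP headers, and returns the Ethernet type. It assumes the buffer starts at the frame control field with no radio header in front, follows the 802.11-2007 field layout listed above, and treats protected frames and non-first fragments as unparseable; the function name, the error codes, the check that the 802.2 control byte is 0x03 and the sample frame are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { D11_SHORT = -1, D11_NOT_DATA = -2, D11_NO_BODY = -3, D11_PROTECTED = -4,
       D11_FRAGMENT = -5, D11_NOT_SNAP = -6, D11_NOT_ETHERTYPE = -7 };

/* Return the EtherType carried in an 802.11 data frame, or a negative D11_*
 * code. Assumption: f points at the frame control field (any radio header
 * already stripped). Every read is preceded by a length check. */
int dot11_ethertype(const uint8_t *f, size_t len)
{
    if (len < 24) return D11_SHORT;            /* FC, duration, 3 addrs, seq */
    if (((f[0] >> 2) & 0x3) != 2) return D11_NOT_DATA;
    unsigned subtype = f[0] >> 4;
    if (subtype & 0x4) return D11_NO_BODY;     /* Null subtypes: no frame body */
    if (f[1] & 0x40) return D11_PROTECTED;     /* body encrypted, LLC not visible */
    if (f[22] & 0x0f) return D11_FRAGMENT;     /* later fragment: no LLC at start */

    size_t hdr = 24;
    if ((f[1] & 0x03) == 0x03) hdr += 6;       /* ToDS and FromDS: 4th address */
    if (subtype & 0x8) hdr += 2;               /* optional QoS field */
    if (len < hdr + 8) return D11_SHORT;       /* 3-byte 802.2 + 5-byte SNAP */

    const uint8_t *llc = f + hdr;
    if (llc[0] != 0xAA || llc[1] != 0xAA || llc[2] != 0x03)
        return D11_NOT_SNAP;                   /* SAPs not AA (or not UI) */
    if (llc[3] || llc[4] || llc[5])
        return D11_NOT_ETHERTYPE;              /* OUI != 000000 */
    return (llc[6] << 8) | llc[7];             /* protocol ID = Ethernet type */
}

/* Constructed sample: QoS data frame, ToDS set, made-up addresses, IPv4. */
static const uint8_t sample_qos_ipv4[35] = {
    0x88, 0x01, 0x00, 0x00,                               /* FC, duration */
    0x02, 0, 0, 0, 0, 0x01,  0x02, 0, 0, 0, 0, 0x02,  0x02, 0, 0, 0, 0, 0x03,
    0x10, 0x00,  0x00, 0x00,                              /* seq ctl, QoS */
    0xAA, 0xAA, 0x03,  0x00, 0x00, 0x00,  0x08, 0x00,     /* 802.2 + SNAP */
    0x45                                                  /* first IP byte */
};

int main(void)
{
    printf("0x%04x\n", (unsigned)dot11_ethertype(sample_qos_ipv4, sizeof sample_qos_ipv4));
    return 0;
}
```

A capture that includes the 4-byte FCS parses the same way, since the routine only reads from the front of the frame.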
