 We're looking at the medium access control layer of 802.11, MAC, and we said yesterday that there are two parts. There's the part to manage the network and the part to send data, the data transfer phase. So to manage in summary, with the management part we need to discover an access point and there are two ways. There are beacons sent by access points and or there's probe requests sent by your client to the access point or broadcast by your client. If an access point receives it, it responds. Once you know about an access point, you select one or your device selects one. That can be user selected, that is maybe the interface presents a list of access points that is discovered and you select one. Or the software on your computer can automatically do it. For example, you may automatically select the WSIT access point or on the WSIT network. Once you select one, then you go through the process of authenticating and associating. The authentication, we haven't showed in detail, but there are different modes of authentication or different types. There's what's called open authentication where there's no security. Everyone can use that access point. What about in SIT's network? What form of authentication do we have on the wireless LAN? What do you think we do with the wireless LAN in SIT's network? Do you need a password to use the wireless LAN in campus? Think carefully. No, when you use the wireless LAN you don't enter any password. When you use the SIT internet you do, but that's separate. And it's separate from the wireless LAN. When you use the lab computer, not on the wireless LAN, but on any lab computer, you need to provide the password. When you use the, or in my office, for example, I need to provide a password to use the SIT internet. It's got nothing to do with the wireless LAN. In the wireless LAN, to associate with one of the access points out on the corridor, anyone can do that. There's no authentication inside SIT. 
The only authentication is once you go out to the internet, that's once your traffic goes outside of this campus. So it's what's called open authentication. There is no authentication in SIT, which means all of the data that you send is also, there's no security involved. There's no encryption of your data. There are other modes where the access point can check. So you need to, one of the protocols is called WEP. We're not going to cover security, but just to mention, WEP, for Wired Equivalent Privacy, but it's the name of the first security mechanism used in 802.11 in wireless LANs. And how it worked is, or how it still works is the access point is configured with a password or a key. And for you to be able to authenticate with that access point, you must have that same password or key. So entered into your computer, for example. And then when you authenticate, you perform some operation using that key on your computer, send the results to the access point. Because the access point has the same key, it can verify that you have that key as well. And whoever has that key is allowed access to the network. So that key is a password or a secret. It has some problems. WEP in terms of the way the algorithm works, it's very easy to find someone else's key. So even if we keep the key secret in the access point and no one tells anyone about the key in your laptop, someone else can listen in, intercept the traffic. And within a few minutes, in some cases, they can find the key. So it's considered insecure now. The improvements, which led to a more complex set of protocols, WPA2, wireless or Wi-Fi Protected Access. So that is considered secure in most forms. So that provides a means for authentication and also encryption. Authentication is about checking that you're allowed to access the network. The encryption is about making sure the data you send cannot be read or intercepted by someone else. They provide both authentication and encryption. 
Once you're authenticated, you associate with the access point, which is really just some form of registration. And then the access point keeps a database of listing all the clients which are associated with it. And then you can transfer data. And there are methods for leaving, deauthenticating, and disassociating. So that's the management part of the wireless LAN. We want to focus more on the data part, the data transfer for the rest. But before we go into the details, we'll look a bit more about the frames and some other aspects of addressing. We finished yesterday with looking at the Wireshark capture, showing some details of a beacon and a probe request frame. Let's look at the frame details. So in the data transfer, we're going to look at also the frame structure. We'll come back to the details of data transfer. This is the general structure, we're going to look at the general structure of the header of the frames. And it's similar across all the frames. So I'll use the data frame as an example. When we send data, it's a reliable data transfer in that we send data and we expect to receive an acknowledgement back. So we have two types of frames. Data frames and ACK frames. For the management, we've seen beacon frames, probe requests, and others. For data transfer, we have data frames. And really as part of control, to control the data transfer, there's an ACK frame. And a little bit later, we'll not describe them yet, but there are two other types of frames called RTS and CTS. We will not get to them today. So just for now, we send data from, for example, your client to an access point, and the access point will send back one ACK, an ACK frame. Let's look at the structure of those frames. With the data frame, there's some header, the data, the payload, that's the information we want to transfer. And there's also something at the end, a trailer. With an ACK frame, that is just a header. There's no data included in an ACK frame. The size varies. 
For the data, the contents, the payload, has a maximum size of 2,312 bytes. But because our wired LAN is normally limited to 1,500 bytes, in most cases, in a wireless LAN in practice, you'll see the maximum size is 1,500 bytes. But it can go larger. The header and trailer, again, it differs in the length because there are some optional values that can be in there. Typically around 34 bytes, header plus trailer. That's the overhead in the packet or in the frame. And the ACK, again, it can vary. But typically, at least in some examples, we'll see 14 bytes, just the approximate sizes. So the ACK is very small, normally compared to data. Usually our data, we have hundreds of bytes at least, hopefully, maybe 1,500 bytes. The header is just a small fraction of that. And so is the ACK, the acknowledgment. Let's look at the structure in a bit more depth. Looking at focusing on the data frame. The green part at the start is the header. And then we have the data called the frame body. So up to 2,312 bytes. This is the information we want to carry. And the trailer. The trailer here, FCS, is a frame check sequence. Not written there, but let's write it down. A frame check sequence. And it's for error detection. So I think most of you have seen, or at least you've heard, of CRC and other error detection schemes, the simplest being a parity check. What we do when we send our data, we attach this frame check sequence at the end. And it's such that the receiver compares the data that they receive and apply some operation and compare the result with the received frame check sequence. If they're the same, it assumes that the frame is correct. There are no errors in it. If they're different, then it assumes that there's some error in the data. So it's a way for the receiver to detect errors in that frame that it receives. Because if it receives 1,000 bytes, 8,000 bits, how does it know that those 8,000 bits that it receives are the same as what was transmitted? 
And that's what the frame check sequence allows us to do. It uses a 32-bit CRC, a 4-byte value there. So that's at the end. Then we have some data. And let's look at the header and focus on that. There is at the start a 2-byte frame control field. And that's described on the next slide. That 2-byte frame control field actually has many different meanings. And they're described here. So this is the 2-bytes. There's a 2-bit protocol version indicating what version of the MAC protocol is being used. So 2-bits, so the value is 0, so 2 zeros. Then there's a type. Remember, we have control, data, and management frames. So this header applies not just for our data, but for the other types of frames, beacons and so on. So the 2-bit type, management is 0. Control is 1, and data is 2. Then a subtype, within some of those types, there are subtypes of frames. For example, management frames, there are beacons, probe requests, probe response, association request, and so on. They are the subtype of the management frame. So this is all in the frame control field. The bits have different meaning. We'll come back to the To and From DS in a moment. Let's go through the easy ones first. We may have to fragment our data. So we may have, if we have 4,000 bytes to send, the maximum frame size is 2,312, we have to break that 4,000 into two fragments. So we may have to fragment the data. And if we do, in the first and all but the last fragment, this bit will be set. That is, we set this to 1, meaning here's one fragment. There are more fragments coming after it, more fragments to follow. We're not going to explain or give any examples about fragmentation. You may see it in your assignment. We send data, and we expect an ACK back. If something goes wrong, we'll have to resend the data, retransmit. If this frame is a retransmission, the retry bit is set. There's the option of using power management. 
I've mentioned before on your device that because the wireless chip, when we transmit and receive, uses a lot of power of your mobile device, sometimes it's nice to turn off the radio. So it's not doing anything and not consuming so much power. So there's a way such that the device can turn off or reduce the power consumed of the radio and then wake up at certain times to receive data from an access point. So there is a power management or a power-save mode. This is set to 1 if that's on. Again, we'll not go through how that works. Needs too much time. Not so common, although more so in mobile phones, not so much in laptops now. And there's another one related to power-save mode, more data. Whether WEP is on or off, so whether we're using it or not. And there's some option to indicate whether we have some ordering, especially if we do multicast. Again, we will not see that or try to describe that. So the frame control field indicates what features are being used for this data transmission. The To and From DS, two bits, so it gives us four possible values. They indicate the direction of our frame. So 1-0 means this frame is going from the client to the access point. 0-1 means it's going from access point to client. And then there's two special cases. 0-0 means it's ad hoc between client and client, between two laptops. There's no access point involved. So that's what we mentioned yesterday as the ad hoc mode. Ad hoc mode, the other name or maybe the official name is IBSS, independent basic service set. Ad hoc mode is the same as IBSS, an independent basic service set. We're going to focus only on the infrastructure mode when we use an access point. But of course we can go laptop to laptop. Most of the things that we look at, especially the data transfer, are the same. So the formal name is IBSS, or independent basic service set, and commonly called ad hoc mode. Sometimes Wi-Fi Direct or direct mode. What else do we have? 
So if we're using that mode, these two bits are set to 0-0. And there's one other special case, access point to access point, also called bridging. That's when we have two access points. We may have a client that associates with one, and another client associates with the other access point. And the two access points talk to each other. So the client or your laptop sends to the access point. The access point sends to another one wirelessly, which then sends down to the destination client. So that's called bridging mode. We bridge between the two access points. If we're using that mode, then when we send our data frame, the To and From bits will be set both to 1. We will not see that case very often. So that's the first two bytes of our header, the frame control field. Going back, so that's this two byte here. What else is in the header? We have a duration field, a two byte duration field, 16 bits. We will see that in use when we talk about a later feature, and that won't be today called RTS-CTS. The duration will come back to where that's used when we look at RTS-CTS. Importantly, we have address fields. And normally in packets, when we look at protocols, we normally have a source and destination. IP datagrams, there's a source IP address, destination IP address. Ethernet frames, a source hardware, and a destination hardware address. In wireless LAN, we have at least three addresses, sometimes four addresses. And that's A1, A2, A3, A4. A4 is not always used. And we'll see in some later slides the examples, but there's normally the address of the source device. For example, my laptop. There's the address of the access point, the basic service set ID, just the MAC address given to the access point, and the address of the other client I'm communicating with. Because normally our communications are not from laptop to access point, it's laptop to some other computer via the access point. 
So if I plug, for example, our access point into this PC here, if I plugged it in and I wanted to communicate from my laptop to the PC, then it would be wireless to the access point and then via the wired LAN to the PC. So one of the addresses would be my computer, my laptop. One would be the access point and one is the PC address. So that's where we get our three addresses normally. The fourth address is only used when we have bridging. We connect laptop to access point, access point to another access point, and that access point to another client. So the four addresses would be the addresses of those four devices. And in the subsequent slides, I've got some examples of those. Last field that we haven't mentioned is the sequence control field. There's a sequence number, a 12-bit sequence number. So when we send data, we increment the sequence number. And if we have to perform fragmentation, if we have a large amount of data and we need to break it into multiple data frames, then those fragments will get a fragment number. So for example, let's say we have 1,000 bytes to send, then maybe that has sequence number one. The fragment number is not of interest because we've only got one fragment. And then another 1,000 bytes some time later, sequence number two. And then we have 3,000 bytes to send across our wireless LAN. Then we may have to fragment that into three different pieces, or two pieces, in fact. Say 2,000 bytes and 1,000 bytes, because our maximum size is 2,312. So this would be sequence number three and fragment number one, or actually we start at zero. And this would be sequence number three and fragment one. So each piece of data that's delivered to the wireless LAN MAC layer gets a sequence number. But if we have to break it into smaller chunks, into fragments, then those individual chunks get independent or different fragment numbers as well. So we transmit one frame, then another frame, then we transmit this frame, and then this fourth frame. 
And the receiver, when they receive them, because it has fragment numbers, it knows it needs to join these two together before it sends up to the next higher layer. In most cases, fragmentation should not be needed. Because it introduces extra overheads and processing, it's usually bad for performance. So the network should be set up so it's not needed. So that's the general structure of a data frame. And the header fields are similar in the other frames, the addresses, the frame control, and so on. The ACK frame is slightly different. We only need two addresses in the ACK frame. And some of the other fields are not needed. Let's come back to the addresses and why we have three, sometimes four, addresses. All of the addresses are 48-bit hardware addresses, same as in wired LAN and Ethernet, same type of addresses. Let's go through three examples showing where the different addresses are used. Well, what are the values of A1, A2, A3? And we'll give one also for A4. These are our clients. You can tell this is an old picture that I've created because they're not laptops. They are the old ones you had to plug into your laptop. But they are our clients, for example. Our wireless LAN cards and our access points. And as is typical in an infrastructure mode, wireless LAN, in the normal operation, the access points are connected via some wired LAN to some switch and then connected out to some other network. So in this example, let's say this is SIT's network. There are several access points. There are the wireless LAN clients. The access points have cables connected to the wired LAN on campus. So this is a switch, just a normal switch. Many access points connect into it and then connect to other switches, maybe routers and other PCs connect into this switch. So when this client wants to send data, the destination is not the access point. We don't want to communicate with an access point. We want to communicate with another computer on the network. 
The access point doesn't have someone sitting at it. It doesn't have servers running on it. The role of the access point is just to forward this data between the wireless network and the wired network. So let's say we want to send to this computer some data. Then when the client creates a wireless LAN frame, there are three addresses. There are first, the access point address. That is the one on the, usually it's on the back or it's given in the management interface of the access point. It's the basic service set ID. That's the, let's say the immediate destination. Then there's the source, the source is that of the client. And the third address is that of the final destination, the PC on the LAN. So there are in fact two destinations. We send it to the immediate or next is A1, but eventually it needs to come to A3. So in the frame that's sent, all three addresses are included. Any questions on how those addresses are used? Should be a question, where do you get these addresses from? How does, so the question should be, how does your laptop know the address of this PC? Well, it usually involves the higher-layer protocols. Let's say for simplicity, this is some server, some email server on the LAN in SIT. And your email client on your laptop wants to communicate to the email server on the LAN. Then your laptop must know either the IP address of that email server or possibly the domain name. Maybe it knows that the email server, the email server may have a domain name like mail.sit. So if your email client knows that domain name and it would need to be configured if you want to access the email server, then that domain name needs to be mapped to an IP address. How do we map it to an IP address? No, no. How do we map that domain name to an IP address? DNS. The domain name system, that's its purpose, and the DNS protocol, given a user-friendly domain name, it keeps track of them and the corresponding computer-friendly IP addresses. 
So this domain name corresponds to some IP address. Let's say 10.10.6.2, for example, an IP address. So your computer starts off with knowing the domain name, then DNS is used, the domain name system, to find what is the corresponding IP address. And that's not part of wireless LAN. That's part of the internet and it's used on most LANs, wired, wireless. So there needs to be usually some other server or something set up such that we can find this mapping of the domain name to IP address. Let's assume that we can do that. That is, the client now knows the IP address. It needs to know the hardware address of this computer. It knows the IP address, it needs to know the hardware address. So here's our email server. It has some IP address, 10.10.6.2. It also has a hardware address, some 48-bit MAC address. The address in the destination of the frame that your wireless LAN client creates must be this address, the MAC address of the email server. So your client now knows the IP address of the email server, but it needs to know the MAC address of the email server. How does it get that? So we've mapped domain name to IP, now we need to map the IP address to a MAC address. Does anyone know how that's performed? You may or may not have seen it. How do you map an IP address to a hardware address? There's a protocol that does it. There's a protocol called, used in LANs, ARP, the address resolution protocol. Think of it similar to DNS, although it works differently, it doesn't rely on servers, but the same purpose, to map an address in one format to an address in a different format. We know the IP address, we need to know the hardware address, ARP on a LAN finds that for us. Actually, what happens is that you send a special ARP request, it's broadcast through the LAN, and whoever owns that IP address will respond and say, here is my MAC address. We're not, our intention is not to go through how ARP works, but just be aware that that's a protocol to map IP to hardware address. 
Whatever our hardware address is. And once that's done, your laptop, the client in this case, now knows the hardware address of the PC or the email server. It should know the hardware address of the access point because it's associated with it. So it knows the hardware address of the access point, it knows its own hardware address, it's now learnt the hardware address of the destination, it creates a frame, a wireless LAN data frame, and sets the three address values to its own, or access point, its own, and the email server. These steps of discovering the address are not part of wireless LAN, that's used in normal, well, used in the internet, DNS, and used in any wired or wireless LAN, ARP, the address resolution protocol. The other, there's other cases if we go in the other direction. This is to the LAN. Same principles apply when we receive a response. We send a data frame, so in this case, we send a data frame to the access point using wireless LAN. What that wireless LAN access point does is takes the data and uses the wired LAN Ethernet to send the data to our destination PC. That uses, that receives the data, processes the data, and may respond. Let's record those addresses. So the case that we've just covered is that the client, once it knows the addresses, it creates a wireless LAN frame where the address one is that of the access point, the BSS ID, address two is the client's address, so the immediate destination, the source, and address three is the final destination, in our case, or in our example, the email server, the hardware address of the email server. This wireless LAN frame is sent across the air to the access point. 
What the access point does now is takes the data from this frame and creates a wired LAN or an Ethernet frame, which is a different format, an Ethernet frame just for the wired data transfer, different format frame, but takes the data and puts it inside an Ethernet frame, and this is sent by the access point over the wired network, and that has a source address and a destination address. What's the destination? A3, okay, so it's being sent from here and sent to A3, the email server in our case. Address three from the wireless LAN frame. What's the source? The source is A2, the client. Of course, it's the access point sending it, but it originally came from A2, the client. So that's sent across the wired LAN. It's received by A3. When A3 receives it, it's received data from A2, your laptop. It doesn't know that it's come from the wireless LAN. The email server has no knowledge that this data originally came from a wireless LAN client. It's just received an Ethernet frame. So this is an Ethernet frame here. Destination is that of the email server. Source is the client, your laptop, but there's no indication that this came from the wireless LAN. And it simply responds, setting the destination to your client, your laptop address. And of course, the source will be the email server. So it gets a bit tricky in terms of the addressing in that we really use the original source and the final destination. The access point just has the role of forwarding it between the wired and the wireless LAN. Any questions so far before we finish this example. So we've got the frame or the data to the client, now the client responds. What are you looking at from the LAN? No, they cannot be anything. In this specific case, when we're going from the wireless, it says to LAN, it means to the wired LAN, okay? From the wireless to the wired, A1 is the access point. Always. A2 is the wireless LAN client, the one who's sending it. 
And A3 is the destination wired client, which is what we have here. That frame is sent to the access point, which takes the data out of the frame and puts it inside an Ethernet frame and then sends that across the wired LAN. That's not part of the wireless LAN standard. That's completely separate of how it's sent across here. The normal Ethernet LAN. The email server receives it. And of course, in most cases, it may send back a reply. And the next slide shows the case of the reply. Actually, no, don't look at this yet. First, there's an Ethernet frame that goes from A3. The source address is A3 in the Ethernet frame, the destination address in the response. Your email server just received this frame. Where does it reply to? The email server just received an Ethernet frame. The destination address was that of the email server. It received it. The source address was that of the laptop, the client. Where does it reply to? Of course, it replies to the source address. There's nothing else it knows about. When you receive something, you wanna send back a response, you send it back to what the source address was. So, the server creates an Ethernet frame. Source address is that of the server. Destination address is that of the laptop. And sends it onto the wired LAN. Where does it go? It goes to the switch. And it's the role of the switches to make, to send in this direction. Because this, from the wired LAN's perspective, from the wired LAN's perspective, this access point is telling the wired LAN that it has that address of the laptop. You can think that the access point is acting on behalf of all these wireless LAN clients on the wired LAN. So, when anyone sends to this client, it will actually be delivered to the access point. Because the switches will be configured, this switch will be configured such that if it receives a frame and the destination is this client, it will know to send it out on this port, which will be received by the access point. 
Because that access point is acting on behalf of the clients. That's what the access point does. And once, so it's an Ethernet frame sent to the switch and then to the access point, the access point receives this and sees that the destination is our laptop. And that's when it creates a new wireless LAN frame. And in that wireless LAN frame, there are three addresses. A1, destination of the laptop, A2 is the access point, A3 is where it came from, the email server. And sends a wireless LAN frame here, only. So, the details of how this works depends upon as we've seen how we do address resolution, we map addresses to a hardware address, and also how on the Ethernet, wired LAN works. Clear? Clear as mud. I don't know if our capture has an example. I don't think so. So normally an access point connects wireless LAN to wired LAN. And the goal, the goal of the access point is to make it as if the clients, the PCs, the laptops, can communicate as if they're on the same wired LAN. You look from this computer's perspective, when it received data, it received it just from another computer. It doesn't know that that computer is wireless, because it just receives the Ethernet frame and therefore replies. So from the wired computer's perspective, they have no knowledge that they're communicating with a wireless LAN client. And that's because the access point plays this role of bridging the two networks together. And it's commonly called just on its own a bridge. It means by just plugging in an access point to a switch, you can extend your wired network to provide coverage of laptops and other mobile devices. Let's get some more details about the access point. Got an example somewhere, maybe, maybe not. Well, I do have it though and I remember. So the wireless LAN access point forwards the traffic from the wireless LAN to the wired LAN and vice versa in the other direction as well. We may return to this example, the other cases. 
Let's go into a bit more depth about the access point and some of the terminology. What is, what would you call this? An access point, it says on there, wireless G broadband router. A wireless router is another name that you may hear of, a wireless LAN router, a wireless LAN access point. What's the difference between an access point and a router? Convert signal, what we've seen out, access point has done is taken the data from a wireless LAN frame and put it in an ethernet frame and same in the other direction. So it's joined an 802.11 wireless LAN with an 802.3 wired LAN. What would a wireless router do? How would it be different? And in fact, the terminology sometimes they're mixed together sometimes, but let's try and distinguish between the two. And mainly from the point of view, well, we can distinguish from the point of view of the layers that they operate at. I'll try and draw it so it's a bit clearer, but let's see how we go. Let's look at the layered perspective of a wireless LAN access point. So if we draw the layers, what's at the bottom layer? If we break it into different parts, there's a physical layer. So at the bottom, we have the physical layer. And in the wired LAN part, we have the physical layer of 802.11 and the other side. So with our layered stack, we have our layers, but with an access point, it connects two different networks together. So let's say we have two different interfaces. There's the interface for 802.11 and on the other side, there's the wired LAN interface. So I'll draw them in the same stack. And so the others is 802.3 and the next layer, what's the next layer? Data link and more specific, there's a sub-layer, the MAC layer, and it's the same in, and above that, we have another layer. What is it? And this is one you won't have heard of. It's 802.1D, that's a D. Not destination, it's a bridge. So from a layer perspective, what do we have? We have at the bottom, this is the physical layer. I need to align my pen, I'll be okay. 
And at this next layer, data link layer. And this data link layer, if you can read it, is broken into two layers. The MAC layer, medium access control. That's how to transfer the data. And it's different for, of course, our wired LAN, 802.3 and our wireless LAN, 802.11. But for an access point, which is what we're drawing here, above that, those two interfaces are joined together using a different protocol or a different technology, 802.1D. It's used for connecting different 802 families of protocols together. In this case, 802.11 to 802.3 and also others. And it's called a bridge. The access point has no operation at the network layer. So the next layer up is the network layer here. The access point is not involved in that. It's not involved with the internet protocol. And that's a good way to distinguish between an access point and a router. Our access point in our example, if this is an access point, or is behaving as an access point, then it has no need to understand IP addresses to implement the internet protocol. All it does is receives wireless signals, processes them at the Mac layer. And what the bridging layer does, 1D, 802.1D, simply takes the data and forwards it to the 802.3 Mac layer, which creates our ethernet frame and then transmit across the wire out to the switch and out to the wide land. So what about a wireless router? How will I draw that? Wireless router, the router, as we know, a router typically works at the network layer. So if we try and draw it, we have the same. There's no bridging layer involved in here. The bridge is only to connect 11 to three at the, within the data link layer. Up here we have what? This is the network layer, specifically IP. So that's the difference here. Physical layer, data link, and above that, the network layer. So note the difference. In both devices, we have two interfaces. The wireless interface, 802.11, and the wired interface, 802.3. It's just how they are connected together. 
In an access point, we use the special bridging protocol, 802.1D, to connect them together. In a router, they use the internet protocol to connect them together. So a router would have an IP address, in fact, two IP addresses, one for each interface. We receive something on the wireless LAN interface. It's passed up to IP, IP looks at the IP datagram, looks at the routing table, looks up the destination address in the datagram, and the routing table determines to send it across the next interface. So generally, more complex than an access point. Because it needs to implement and process IP datagrams, it can be considered more complex than an access point. An access point can just bridge, and it's a little bit simpler. You can still buy access points. So you can buy devices which are just access points. But it turns out today, to build an access point or a router is about the same cost. So most devices can act as a router anyway. So in the past, many devices for wireless LANs were built just as an access point. And they didn't have routing capabilities. But nowadays, because the hardware is so cheap, then it doesn't take much to have your processor implement, and the software to implement IP as well. What about the access points in SIT? Are they access points, like we described, or are they routers? They are access points. Because again, it's much simpler from the network's perspective. The other thing is that if this is a router, remember routers join subnets together. So on this side, we'd have one subnet with one IP address range. And on this side, another subnet with another IP address range. So the management of those IP addresses, setting them up, communicating between the subnets is extra complexity. Whereas an access point just joins two networks, wireless and wired together, to create one larger subnet. Maybe another way to draw that. And I will not try in there, I won't have enough time, but let's do it quick. You can draw. 
Another way to draw our access point. We have, and maybe we have a switch, some PCs attached, and maybe another router out to the internet. Same diagram. Laptop, wireless device, either access point or wireless router. And then in the wired LAN, a switch and some PCs attached to that, so wired LAN here, and then a router that connects us to the rest of the world, in both cases. The difference is that with the access point, this is all one LAN, from IP's perspective, from the internet protocol's perspective. Everyone on here, laptops, PCs, all use the same subnet or network portion of the address. Whereas here, here's one IP subnet, here's another. There on the PCs and the laptops are a different subnet. They have different network portions in their IP addresses and they need different ways, or they may have different DHCP servers to manage and allocate IP addresses and cannot easily communicate between each other. This acts as a true router. This is more complex in both setting up the addresses and managing the network. This is simpler, because everything's treated as a normal Ethernet LAN. So that's where using access points is beneficial. Most of the devices you see or you can buy can be either an access point or a router nowadays, because it's cheap enough to build in one. The bottom one has the disadvantage in that it's more complex, because if it's not clear, there are two IP subnets here. Maybe these computers have addresses 10.10.6.something on this subnet. These may be 10.10.7.something. So two different IP subnets. This is a router which needs to forward between the different IP subnets. Possibly discover IP addresses, possibly be involved in IP routing. In this case, they're all, PCs, laptops, for example, 10.10.6. This isn't involved in routing, doesn't have an IP routing table. It just forwards between the wireless portion and the wired portion. So this is simpler than here. 
Having a router can be more useful if you want to separate the networks. Maybe you want to keep the wireless LAN completely separate and for security reasons, maybe have a firewall on here to block traffic. So it may be easier to do it in that case. So the access point is simpler, but it can normally do less things than what the router can do. It will not filter traffic and so on. It will not act as a firewall. Any other questions on the difference between an access point and a router? Let's spend the last 10 minutes looking at quickly the access point you have so you can spend some time over the next week and come with it next week, configured and working. There are one or two other cases of the addresses, but we'll return to them next week. We'll see that it's not much different if we go between the wireless LAN. What about the access points that you have? So I've given each group an access point. It's a router, in fact. It's not a simple access point. It's a wireless router. They're quite old, but have been considered quite reliable. When you buy them, they run software. It's a router. It acts as not just a router, a switch, an access point, and a firewall and other things it can do. It runs software as given by the manufacturer, but we've installed some free firmware on it called OpenWRT. So that's already installed on there. It provides a different operating system, basically, for the device. It's a computer. It has an OS on there and has applications on there. OpenWRT is one of the several free firmware packages that are installed. You can look on the website and it only works on specific devices. It has a list of devices. It depends upon the... It's a Linux-based operating system, so it's a cut-down Linux installed on there. And let's find our device. It's a Linksys, which must be six or seven years old now, at least some of the original versions. It's a model WRT54GL, says on the front. 
And if you find that here, this lists some of the specifications of this device, the CPU, the memory it has. So you can see, for example, with the memory, how much is available to install other applications on there. We have to scroll down. There are different variations, but let's focus on the one we've got, the GL. The WRT54GL, it has a system on a chip by Broadcom. You can have a look. You can have a quick look. That's what the internals look like. I'll show you a photo in a moment. Broadcom is the company that manufactures the chip that does most of the processing. It has a 200, where are we? 200 megahertz CPU, 200 megahertz. A four megabyte flash memory. So that's the memory for storing the firmware. So that's persistent when you turn off power. And 16 megabytes of RAM. So when it's running, you can install applications in the RAM, but of course, they'll disappear when you unplug the power. And of course, you can do your processing and so on in the RAM. And it supports 802.11b and g. It doesn't support a or n. And it has a number of LAN ports, as you see in the back. There are five different LAN ports. That's the same as, or almost the same as what's being passed around. So that's the board. So there's LAN ports here. There's one here and a set of four here. There's the main chip manufactured by Broadcom. That includes the CPU and the wireless chip. So it implements the 802.11 and also implements the 802.3. It in fact implements all of this inside that chip. The LAN and the wireless LAN. There's the flash memory chip, the four megabytes and the 16 megabytes of RAM. And then the antennas attached there. So that's the internals. It's not just an access point. It in fact, we can think of it as multiple different networking devices. And this is taken from that OpenWRT website. So is the previous photo. This is a visualization of the internals of it from the network architecture perspective. It implements a Wi-Fi access point. 
So it's got a wireless interface, the antennas and the chip on there conceptually or internally has a LAN interface. So it's an access point. Of course we do not see the cable going from the access point into this device, the CPU, but it's connected internally. So it implements a Wi-Fi access point. It implements a wired LAN switch. Okay, you can buy a switch separately from an access point and it has six ports. In fact, you can think of it as two switches. Although it's drawn here as one. Because they use this technology called VLANs, virtual LANs, we can think of it as two separate switches. So you don't need to draw this, but just understand what it looks like. You see on the back there are five ports to plug your cable in, four together. That is in here labeled one, two, three, four. And there's a four. And there's another port for what's labeled the internet or the wide area network. Here it's labeled port zero. On the device it's called internet. And then internally, so there's not something you can plug the cable in, but internally connecting the switch hardware to the CPU, you can think there's another port. So we could draw that here. And in fact, that's used by both the internet port zero and ports one, two, three, four for the LAN. They use the same one and they're using virtual LANs to separate them. So we can say there are two switches. And then they connect into the CPU. And then that CPU connects to an access point, which gives us our wireless here. So that's up the top. And the CPU can do different things. It can run different servers and so on. And it can act as a router. It can act as a bridge, a bridge only. So like we saw with an access point, it connects here, and it can also act as, depending on how you set it up, a router. And the most common form is that this is one network and the rest is another network. 
So your internet connection is on one IP subnet and the wireless devices and the switch are on another IP subnet, but the wireless and the switch are together. Because it's an access point in the normal configuration. So we don't need power. Really three, there's a switch to plug four PCs into it. And when you plug them in, in the normal mode, they're on the same IP subnet as the laptops which connect wirelessly. So it's like this scenario. Access point and the switch has four ports. So we could connect four PCs and also connect an access point and as many laptops as possible. And then that switch via the router on the CPU then connects to the internet port, the fifth port here. And then that connects out to the internet on a different IP subnet. So that's the internals of the device. In addition to those network devices, on the CPU you can run different network applications. You can run, it normally runs a DHCP server, maybe a DNS server, a firewall, network address translation and with OpenWRT, you can install many other applications, web servers, email servers and so on. So your task, since we don't have a lecture next Wednesday, I think next Thursday, you should have, no, we've only got three lectures until the exams. So next Thursday, you should have your access point working, that is, you know how to get around the interface. So log in. If you don't have a wired LAN cable and you need one, then either see me tomorrow morning, I have one spare here. Anyone want it? Anyone? At the back, first hands. If you are missing, you have to return it. You don't get it for free. If you need a wired LAN cable, come and see me. And those people who have a lab with me, maybe ask me in the lab Monday and I'll give you one then. Otherwise see me tomorrow morning or sometime next week. Set it up, make sure it works and make sure your laptops can do everything that the webpage says, especially about the Linux or Mac OS. 
Make sure that you can get them to run the software that I've listed on the webpage. iperf and tcpdump and Wireshark. Let me know if there are any problems. We will go into the data transfer of wireless LAN on Thursday. Enough for today.
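
The access point versus router distinction from this lecture, as an added example that is not part of the original lecture: a learning bridge forwards on MAC addresses alone, while a router looks up the destination IP and is the place where a filter between the two subnets can sit. The MAC addresses, interface names, /24 masks and the assignment of 10.10.7.x to the wireless side are assumptions made for illustration.

```python
import ipaddress

class Bridge:
    """Access-point behaviour: forward on MAC address only, never read IP."""
    def __init__(self):
        self.mac_table = {}                      # MAC -> port it was last seen on

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port        # learn where the sender is
        out = self.mac_table.get(dst_mac)
        if out is None:
            return "flood"                       # unknown destination: all other ports
        return "drop" if out == in_port else out # already on the right segment

class Router:
    """Wireless-router behaviour: forward on destination IP, optional filter."""
    def __init__(self, routes, blocked=()):
        self.routes = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]
        self.blocked = [(ipaddress.ip_network(s), ipaddress.ip_network(d))
                        for s, d in blocked]

    def forward(self, src_ip, dst_ip):
        src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
        if any(src in s and dst in d for s, d in self.blocked):
            return "filtered"                    # firewall rule at the subnet boundary
        matches = [(net, ifc) for net, ifc in self.routes if dst in net]
        if not matches:
            return "no route"
        return max(matches, key=lambda m: m[0].prefixlen)[1]  # longest prefix wins

def demo():
    # Constructed sample values: MACs, interface names and /24 masks are assumptions.
    laptop, pc = "02:00:00:00:00:01", "02:00:00:00:00:02"
    ap = Bridge()
    bridged = [ap.forward("wlan", laptop, pc),   # PC not learned yet
               ap.forward("eth", pc, laptop),    # reply teaches the bridge
               ap.forward("wlan", laptop, pc)]
    rtr = Router([("10.10.6.0/24", "eth"), ("10.10.7.0/24", "wlan"),
                  ("0.0.0.0/0", "wan")],
                 blocked=[("10.10.7.0/24", "10.10.6.0/24")])
    routed = [rtr.forward("10.10.6.5", "10.10.7.9"),
              rtr.forward("10.10.7.9", "10.10.6.5"),
              rtr.forward("10.10.7.9", "192.0.2.1")]
    return bridged, routed

if __name__ == "__main__":
    print(demo())
```

The bridge never sees an IP address, so it has no point at which wireless-to-wired traffic could be filtered by subnet; the router returns "filtered" for the blocked direction because every inter-subnet packet passes through its lookup.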