Beacon frames are used by access points (and by stations in an IBSS) to advertise, throughout the serviced area, the characteristics of the connection offered to the cell members. This information is used by clients trying to connect to the network as well as by clients already associated to the BSS.

Beacons are sent periodically at a time called the Target Beacon Transmission Time (TBTT).

1 TU = 1024 microseconds
Beacon interval = 100 TU (100x 1024 microseconds or 102.4 milliseconds)

Here is the frame format of a Beacon frame.

Below is a beacon frame capture. The frame body contains a few mandatory fields and a few optional fields. Here are the mandatory fields in a Beacon frame.

  1. Timestamp (8 byte)
  2. Beacon Interval (2 byte)
  3. Capability info (2 byte)
  4. SSID (variable size)
  5. Supported Rates (variable size)

Here is a brief description of each field of a Beacon frame. If the size of an IE is specified within brackets, that element is fixed length. Other elements are variable in size.

  1. Timestamp (8 byte)
    A value representing the time on the access point, which is the number of microseconds the AP has been active. When the timestamp reaches its maximum (2^64 microseconds or ~580,000 years) it resets to 0. This field is contained in Beacon frames & Probe Response frames.
  2. Beacon Interval (2 byte)
    The Beacon Interval field represents the number of time units (TU) between target beacon transmission times (TBTT). The default value is 100 TU (102.4 milliseconds).
  3. Capability Information (2 byte)
    This field contains a number of subfields that are used to indicate requested or advertised optional capabilities.

  4. SSID
    Present in all beacons, probe requests, probe responses, association requests & re-association requests. The Element ID of the SSID IE is 0. An SSID can have a maximum of 32 characters.

  5. Supported Rates
    This is present in Beacons, Probe Req, Probe Res, Association Req, Association Res, Reassociation Req and Reassociation Response. It is an 8-octet field where each octet describes a single supported rate. The last bit (7th) of each octet indicates whether the data rate is a “basic rate or mandatory” rate or a “supported rate”. If the 7th bit is 1 it indicates a basic rate, whereas 0 indicates a supported rate. The next 7 bits (0-6) specify the data rate value in units of 500 kbps.

Eg. 6 Mbps (12 x 500 kbps units) as a Basic Rate is represented as 10001100
7th bit = 1 (to indicate basic rate)
0-6th = 0001100 (value 12 to indicate 6 Mbps)

Here is an expansion of the “Supported Rates” field of a Beacon. It has Element ID, Length & Supported Rates fields. At least one mandatory rate must be set by the AP & any station wanting to join the cell must support all basic rates. The given example shows the default setting of an 802.11a radio, where 6 Mbps, 12 Mbps & 24 Mbps are set as “Basic Rates” to ensure a joining station understands all modulation techniques (ie BPSK-6,9 Mbps QPSK-12,18 Mbps QAM-24 Mbps & higher).

  6. FH parameter set
    Used by legacy Frequency Hopping (FH) stations
  7. DS Parameter (2 byte)
    Present in beacon frames generated by stations using a Clause 15, 18 or 19 PHY, or if the beacon is sent using one of the rates defined by one of those clauses.
  8. CF Parameter (8 byte)
    Used with PCF, unused in real networks
  9. IBSS parameter (4 byte)
    Present only within beacon frames generated by stations in an IBSS (or Ad-Hoc network).
  10. TIM (Traffic Indication Map)
    Present only within beacon frames generated by APs. The TIM element contains information useful for stations in low-power mode. The AP uses the Delivery Traffic Indication Map (DTIM) to inform the cell if it has broadcast or multicast frames buffered. DTIM is not present in all beacons and all TIMs.

As you can see below, it has the following fields:
a. Element ID (1 byte)
b. Length (4 byte)
c. DTIM Count (1 byte) - how many beacon frames (including the current one) appear before the next DTIM. A value of 0 indicates the current TIM is a DTIM
d. DTIM Period (1 byte) - number of beacon intervals between successive DTIMs
e. Bitmap Control (1 byte) - if 1st bit=1, buffered multicast/broadcast data at AP; if 1st bit=0, no multicast/broadcast data at AP
f. Partial Virtual Bitmap (1-251 byte) - represents stations in low power mode for which the AP has traffic buffered
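
The fixed fields, the Supported Rates octets and the TIM element described above can be decoded with a short bounds-checked parser. This is an added example, not part of the original notes; it assumes the standard element IDs 1 (Supported Rates) and 5 (TIM), a one-byte ID plus one-byte length header on every element, and a constructed sample body (the SSID `Lab1` and all field values are made up).

```python
import struct

def parse_beacon_body(body: bytes) -> dict:
    """Parse a beacon frame body (the bytes that follow the 802.11 MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than the 12 fixed bytes")
    # Fixed fields, little-endian: timestamp (8), beacon interval (2), capability (2).
    timestamp_us, interval_tu, capability = struct.unpack_from("<QHH", body, 0)
    out = {"timestamp_us": timestamp_us, "interval_tu": interval_tu,
           "interval_ms": interval_tu * 1024 / 1000,  # 1 TU = 1024 microseconds
           "capability": capability, "rates": [], "elements": []}
    pos = 12
    while pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated element header")
        eid, length = body[pos], body[pos + 1]
        data = body[pos + 2:pos + 2 + length]
        if len(data) != length:  # declared length runs past the end of the frame
            raise ValueError(f"element {eid} overruns the frame")
        out["elements"].append(eid)
        if eid == 0:  # SSID
            if length > 32:
                raise ValueError("SSID longer than 32 bytes")
            out["ssid"] = data.decode("utf-8", errors="replace")
        elif eid == 1:  # Supported Rates (assumed ID 1)
            # bit 7 = basic-rate flag, bits 0-6 = rate in 500 kbps units
            out["rates"] += [((b & 0x7F) * 0.5, bool(b & 0x80)) for b in data]
        elif eid == 5 and length >= 4:  # TIM (assumed ID 5)
            out["dtim_count"], out["dtim_period"] = data[0], data[1]
            out["group_traffic_buffered"] = bool(data[2] & 0x01)
        pos += 2 + length
    return out

# Constructed sample: 802.11a-style rates with 6, 12 and 24 Mbps marked basic.
SAMPLE = (struct.pack("<QHH", 123456789, 100, 0x0011)
          + bytes([0, 4]) + b"Lab1"
          + bytes([1, 8, 0x8C, 0x12, 0x98, 0x24, 0xB0, 0x48, 0x60, 0x6C])
          + bytes([5, 4, 0, 1, 0x01, 0x00]))
```

Rejecting an element whose declared length overruns the frame matters for any tool that ingests beacons from the air, since the frame contents are controlled by whoever transmits them.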

  11. Country
    Each country has regulatory bodies that limit the channels or power levels allowed in their regulatory domain. This element defines the country of operation along with the allowed channels & maximum transmit power. It is not a mandatory field in a beacon.

12-13 FH Parameters & FH Pattern table (used by Legacy FH stations)

  14. Power Constraint (3 byte)
    This element is related to 802.11h. It is for UNII-2 & UNII-2 extended (CH52,56,60,64 & CH100-139), where the spectrum is also used for other purposes like civilian airport radar and weather radar. To avoid interference with those systems, the AP should operate at the max power specified by these constraint fields.

  15. Channel Switch (6 byte)
    This is also related to 802.11h. When a radar blast is detected, all stations must leave the affected channel. The AP can use this element to announce to the cell which channel is next.
  16. Quiet (8 byte)
    Another element related to 802.11h where an AP can request a quiet time during which no station should transmit in order to test the channel for the presence of radars.
  17. IBSS DFS – used with 802.11h in IBSS
  18. TPC Report (4 byte)
    This element is also related to 802.11h. The TPC Report element contains Transmit Power & Link Margin information, and is usually sent in response to a TPC Request element. Below is the “TPC Report” element of a beacon frame.

  19. ERP Information (3 byte)
    The ERP element is present only on 2.4GHz networks supporting 802.11g & it is present in beacons & probe responses. The non-ERP_Present bit is set to 1 in the following conditions:
    a. A nonERP station (legacy 802.11 or 802.11b) associates to the cell
    b. A neighboring cell is detected, allowing only nonERP data rates
    c. Any other management frame (except probe request) is received from a neighboring cell supporting only nonERP data rates.
  20. Extended Supported Rates
    The Extended Supported Rates element specifies the supported rates not carried in the Supported Rates element. It is only required if there are more than 8 supported rates.
  21. RSN – Robust Secure Network
    The RSN information element is used to indicate the Authentication Cipher, Encryption Cipher & other RSN capabilities of stations. The RSN IE below shows that the AP supports 802.1X & 802.11r FT as Authentication Suites. It also uses AES as the pairwise cipher (for unicast traffic) & group cipher (for broadcast/multicast).

  22. BSS Load
    This element is used only when QoS is supported & is often called the QBSS load element. It provides information on the cell load, from the AP point of view. It has the following subfields:
    a. Station Count – How many stations are currently associated
    b. Channel Utilization – % of time that AP sensed medium was busy (normalized 0-255)
    c. Available Admission Capacity

  23. EDCA Parameter Set
    This element is also used when QoS is supported. In most QoS-enabled networks this field is not used; instead the same information is provided via WMM or WME vendor specific elements.
  24. QoS Capability
    This element is used only when QoS is supported. It is used as a replacement to the EDCA parameter element when EDCA parameter is not present.

25-32,34-36. Vendor Specific

  33. Mobility Domain
    If an AP supports 802.11r (Fast Transition BSS), it uses the Mobility Domain IE to indicate that. Below is the MDIE of a beacon which supports FT-over-the-DS.

  37. HT Capability
    Used in 802.11n.

  38. HT Operation
    Used in 802.11n.

  39. 20/40 BSS Coexistence
  40. Overlapping BSS Scan Parameters
  41. Extended capabilities
  42. VHT Capability
    Used in 802.11ac

  43. VHT Operation
    Used in 802.11ac

  44. VHT Transmit Power Envelope
    Used in 802.11ac