draft-ietf-capwap-protocol-specification-01.txt   draft-ietf-capwap-protocol-specification-02.txt 
Network Working Group P. Calhoun, Editor Network Working Group P. Calhoun, Editor
Internet-Draft Cisco Systems, Inc. Internet-Draft Cisco Systems, Inc.
Expires: November 6, 2006 M. Montemurro, Editor Expires: December 23, 2006 M. Montemurro, Editor
Chantry Networks Research In Motion
D. Stanley, Editor D. Stanley, Editor
Aruba Networks Aruba Networks
May 5, 2006 June 21, 2006
CAPWAP Protocol Specification CAPWAP Protocol Specification
draft-ietf-capwap-protocol-specification-01 draft-ietf-capwap-protocol-specification-02
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 37 skipping to change at page 1, line 37
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 6, 2006. This Internet-Draft will expire on December 23, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The Internet Society (2006).
Abstract Abstract
Wireless LAN product architectures have evolved from single Wireless LAN product architectures have evolved from single
autonomous access points to systems consisting of a centralized autonomous access points to systems consisting of a centralized
controller and Wireless Termination Points (WTPs). The general goal controller and Wireless Termination Points (WTPs). The general goal
skipping to change at page 2, line 19 skipping to change at page 2, line 19
CAPWAP working group protocol requirements. The CAPWAP protocol is CAPWAP working group protocol requirements. The CAPWAP protocol is
designed to be flexible, allowing it to be used for a variety of designed to be flexible, allowing it to be used for a variety of
wireless technologies. This document describes the base CAPWAP wireless technologies. This document describes the base CAPWAP
protocol, including an extension which supports the IEEE 802.11 protocol, including an extension which supports the IEEE 802.11
wireless LAN protocol. Future extensions will enable support of wireless LAN protocol. Future extensions will enable support of
additional wireless technologies. additional wireless technologies.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 7 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 7
1.1. Goals . . . . . . . . . . . . . . . . . . . . . . . . . 7 1.1. Goals . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.2. Conventions used in this document . . . . . . . . . . . 8 1.2. Conventions used in this document . . . . . . . . . . . 8
1.3. Contributing Authors . . . . . . . . . . . . . . . . . . 8 1.3. Contributing Authors . . . . . . . . . . . . . . . . . . 9
1.4. Acknowledgements . . . . . . . . . . . . . . . . . . . . 10 1.4. Acknowledgements . . . . . . . . . . . . . . . . . . . . 10
2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 11 1.5. Terminology . . . . . . . . . . . . . . . . . . . . . . 10
2.1. Wireless Binding Definition . . . . . . . . . . . . . . 12 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 12
2.2. CAPWAP Session Establishment Overview . . . . . . . . . 12 2.1. Wireless Binding Definition . . . . . . . . . . . . . . 13
2.3. CAPWAP State Machine Definition . . . . . . . . . . . . 14 2.2. CAPWAP Session Establishment Overview . . . . . . . . . 13
2.3.1. CAPWAP Protocol State Transitions . . . . . . . . . 15 2.3. CAPWAP State Machine Definition . . . . . . . . . . . . 15
2.3.2. CAPWAP to DTLS Commands . . . . . . . . . . . . . . 22 2.3.1. CAPWAP Protocol State Transitions . . . . . . . . . 16
2.3.3. DTLS to CAPWAP Notifications . . . . . . . . . . . 23 2.3.2. CAPWAP to DTLS Commands . . . . . . . . . . . . . . 23
2.3.4. DTLS State Transitions . . . . . . . . . . . . . . 23 2.3.3. DTLS to CAPWAP Notifications . . . . . . . . . . . . 24
2.4. Use of DTLS in the CAPWAP Protocol . . . . . . . . . . . 26 2.3.4. DTLS State Transitions . . . . . . . . . . . . . . . 24
2.4.1. DTLS Handshake Processing . . . . . . . . . . . . . 27 2.4. Use of DTLS in the CAPWAP Protocol . . . . . . . . . . . 27
2.4.2. DTLS Error Handling . . . . . . . . . . . . . . . . 28 2.4.1. DTLS Handshake Processing . . . . . . . . . . . . . 28
2.4.3. DTLS Rehandshake Behavior . . . . . . . . . . . . . 29 2.4.2. DTLS Error Handling . . . . . . . . . . . . . . . . 29
2.4.4. DTLS EndPoint Authentication . . . . . . . . . . . 32 2.4.3. DTLS Rehandshake Behavior . . . . . . . . . . . . . 30
3. CAPWAP Transport . . . . . . . . . . . . . . . . . . . . . . 35 2.4.4. DTLS EndPoint Authentication . . . . . . . . . . . . 33
3.1. UDP Transport . . . . . . . . . . . . . . . . . . . . . 35 3. CAPWAP Transport . . . . . . . . . . . . . . . . . . . . . . 36
3.2. AC Discovery . . . . . . . . . . . . . . . . . . . . . . 35 3.1. UDP Transport . . . . . . . . . . . . . . . . . . . . . 36
3.3. Fragmentation/Reassembly . . . . . . . . . . . . . . . . 36 3.2. AC Discovery . . . . . . . . . . . . . . . . . . . . . . 36
4. CAPWAP Packet Formats . . . . . . . . . . . . . . . . . . . . 37 3.3. Fragmentation/Reassembly . . . . . . . . . . . . . . . . 37
4.1. CAPWAP Transport Header . . . . . . . . . . . . . . . . 38 4. CAPWAP Packet Formats . . . . . . . . . . . . . . . . . . . . 38
4.2. CAPWAP Data Messages . . . . . . . . . . . . . . . . . . 40 4.1. CAPWAP Transport Header . . . . . . . . . . . . . . . . 39
4.3. CAPWAP Control Messages . . . . . . . . . . . . . . . . 41 4.2. CAPWAP Data Messages . . . . . . . . . . . . . . . . . . 42
4.3.1. Control Message Format . . . . . . . . . . . . . . 41 4.3. CAPWAP Control Messages . . . . . . . . . . . . . . . . 42
4.3.2. Control Message Quality of Service . . . . . . . . 44 4.3.1. Control Message Format . . . . . . . . . . . . . . . 43
4.4. CAPWAP Protocol Message Elements . . . . . . . . . . . . 44 4.3.2. Control Message Quality of Service . . . . . . . . . 45
4.4.1. AC Descriptor . . . . . . . . . . . . . . . . . . . 45 4.4. CAPWAP Protocol Message Elements . . . . . . . . . . . . 45
4.4.2. AC IPv4 List . . . . . . . . . . . . . . . . . . . 46 4.4.1. AC Descriptor . . . . . . . . . . . . . . . . . . . 48
4.4.3. AC IPv6 List . . . . . . . . . . . . . . . . . . . 46 4.4.2. AC IPv4 List . . . . . . . . . . . . . . . . . . . . 49
4.4.4. AC Name . . . . . . . . . . . . . . . . . . . . . . 47 4.4.3. AC IPv6 List . . . . . . . . . . . . . . . . . . . . 50
4.4.5. AC Name with Index . . . . . . . . . . . . . . . . 47 4.4.4. AC Name . . . . . . . . . . . . . . . . . . . . . . 50
4.4.6. AC Timestamp . . . . . . . . . . . . . . . . . . . 48 4.4.5. AC Name with Index . . . . . . . . . . . . . . . . . 50
4.4.7. Add MAC ACL Entry . . . . . . . . . . . . . . . . . 48 4.4.6. AC Timestamp . . . . . . . . . . . . . . . . . . . . 51
4.4.8. Add Mobile Station . . . . . . . . . . . . . . . . 49 4.4.7. Add MAC ACL Entry . . . . . . . . . . . . . . . . . 51
4.4.9. Add Static MAC ACL Entry . . . . . . . . . . . . . 49 4.4.8. Add Mobile Station . . . . . . . . . . . . . . . . . 52
4.4.10. CAPWAP Timers . . . . . . . . . . . . . . . . . . . 50 4.4.9. Add Static MAC ACL Entry . . . . . . . . . . . . . . 53
4.4.11. Change State Event . . . . . . . . . . . . . . . . 50 4.4.10. CAPWAP Timers . . . . . . . . . . . . . . . . . . . 53
4.4.12. Data Transfer Data . . . . . . . . . . . . . . . . 51 4.4.11. Data Transfer Data . . . . . . . . . . . . . . . . . 54
4.4.13. Data Transfer Mode . . . . . . . . . . . . . . . . 52 4.4.12. Data Transfer Mode . . . . . . . . . . . . . . . . . 54
4.4.14. Decryption Error Report . . . . . . . . . . . . . . 52 4.4.13. Decryption Error Report . . . . . . . . . . . . . . 55
4.4.15. Decryption Error Report Period . . . . . . . . . . 53 4.4.14. Decryption Error Report Period . . . . . . . . . . . 55
4.4.16. Delete MAC ACL Entry . . . . . . . . . . . . . . . 53 4.4.15. Delete MAC ACL Entry . . . . . . . . . . . . . . . . 56
4.4.17. Delete Mobile Station . . . . . . . . . . . . . . . 54 4.4.16. Delete Mobile Station . . . . . . . . . . . . . . . 56
4.4.18. Delete Static MAC ACL Entry . . . . . . . . . . . . 54 4.4.17. Delete Static MAC ACL Entry . . . . . . . . . . . . 57
4.4.19. Discovery Type . . . . . . . . . . . . . . . . . . 55 4.4.18. Discovery Type . . . . . . . . . . . . . . . . . . . 57
4.4.20. Duplicate IPv4 Address . . . . . . . . . . . . . . 55 4.4.19. Duplicate IPv4 Address . . . . . . . . . . . . . . . 58
4.4.21. Duplicate IPv6 Address . . . . . . . . . . . . . . 56 4.4.20. Duplicate IPv6 Address . . . . . . . . . . . . . . . 59
4.4.22. Idle Timeout . . . . . . . . . . . . . . . . . . . 56 4.4.21. Idle Timeout . . . . . . . . . . . . . . . . . . . . 59
4.4.23. Image Data . . . . . . . . . . . . . . . . . . . . 57 4.4.22. Image Data . . . . . . . . . . . . . . . . . . . . . 60
4.4.24. Image Filename . . . . . . . . . . . . . . . . . . 57 4.4.23. Image Filename . . . . . . . . . . . . . . . . . . . 60
4.4.25. Initiate Download . . . . . . . . . . . . . . . . . 58 4.4.24. Initiate Download . . . . . . . . . . . . . . . . . 61
4.4.26. Location Data . . . . . . . . . . . . . . . . . . . 58 4.4.25. Location Data . . . . . . . . . . . . . . . . . . . 61
4.4.27. MTU Discovery Padding . . . . . . . . . . . . . . . 59 4.4.26. MTU Discovery Padding . . . . . . . . . . . . . . . 62
4.4.28. Radio Administrative State . . . . . . . . . . . . 59 4.4.27. Radio Administrative State . . . . . . . . . . . . . 62
4.4.29. Result Code . . . . . . . . . . . . . . . . . . . . 60 4.4.28. Result Code . . . . . . . . . . . . . . . . . . . . 63
4.4.30. Session ID . . . . . . . . . . . . . . . . . . . . 60 4.4.29. Session ID . . . . . . . . . . . . . . . . . . . . . 64
4.4.31. Statistics Timer . . . . . . . . . . . . . . . . . 61 4.4.30. Statistics Timer . . . . . . . . . . . . . . . . . . 64
4.4.32. Vendor Specific Payload . . . . . . . . . . . . . . 61 4.4.31. Vendor Specific Payload . . . . . . . . . . . . . . 64
4.4.33. WTP Board Data . . . . . . . . . . . . . . . . . . 62 4.4.32. WTP Board Data . . . . . . . . . . . . . . . . . . . 65
4.4.34. WTP Descriptor . . . . . . . . . . . . . . . . . . 63 4.4.33. WTP Descriptor . . . . . . . . . . . . . . . . . . . 66
4.4.35. WTP Fallback . . . . . . . . . . . . . . . . . . . 64 4.4.34. WTP Fallback . . . . . . . . . . . . . . . . . . . . 68
4.4.36. WTP Frame Encapsulation Type . . . . . . . . . . . 65 4.4.35. WTP Frame Tunnel Mode . . . . . . . . . . . . . . . 68
4.4.37. WTP IPv4 IP Address . . . . . . . . . . . . . . . . 66 4.4.36. WTP IPv4 IP Address . . . . . . . . . . . . . . . . 69
4.4.38. WTP MAC Type . . . . . . . . . . . . . . . . . . . 66 4.4.37. WTP MAC Type . . . . . . . . . . . . . . . . . . . . 69
4.4.39. WTP Radio Information . . . . . . . . . . . . . . . 67 4.4.38. WTP Radio Information . . . . . . . . . . . . . . . 70
4.4.40. WTP Manager Control IPv4 Address . . . . . . . . . 67 4.4.39. WTP Manager Control IPv4 Address . . . . . . . . . . 71
4.4.41. WTP Manager Control IPv6 Address . . . . . . . . . 68 4.4.40. WTP Manager Control IPv6 Address . . . . . . . . . . 71
4.4.42. WTP Name . . . . . . . . . . . . . . . . . . . . . 69 4.4.41. WTP Name . . . . . . . . . . . . . . . . . . . . . . 72
4.4.43. WTP Reboot Statistics . . . . . . . . . . . . . . . 69 4.4.42. WTP Operational Statistics . . . . . . . . . . . . . 72
4.4.44. WTP Static IP Address Information . . . . . . . . . 70 4.4.43. WTP Radio Statistics . . . . . . . . . . . . . . . . 73
4.5. CAPWAP Protocol Timers . . . . . . . . . . . . . . . . . 71 4.4.44. WTP Reboot Statistics . . . . . . . . . . . . . . . 74
4.5.1. DiscoveryInterval . . . . . . . . . . . . . . . . . 71 4.4.45. WTP Static IP Address Information . . . . . . . . . 76
4.5.2. DTLSRehandshake . . . . . . . . . . . . . . . . . . 71 4.5. CAPWAP Protocol Timers . . . . . . . . . . . . . . . . . 77
4.5.3. DTLSSessionDelete . . . . . . . . . . . . . . . . . 71 4.5.1. DiscoveryInterval . . . . . . . . . . . . . . . . . 77
4.5.4. EchoInterval . . . . . . . . . . . . . . . . . . . 71 4.5.2. DTLSRehandshake . . . . . . . . . . . . . . . . . . 77
4.5.5. KeyLifetime . . . . . . . . . . . . . . . . . . . . 71 4.5.3. DTLSSessionDelete . . . . . . . . . . . . . . . . . 77
4.5.6. MaxDiscoveryInterval . . . . . . . . . . . . . . . 72 4.5.4. EchoInterval . . . . . . . . . . . . . . . . . . . . 77
4.5.7. NeighborDeadInterval . . . . . . . . . . . . . . . 72 4.5.5. KeyLifetime . . . . . . . . . . . . . . . . . . . . 77
4.5.8. ResponseTimeout . . . . . . . . . . . . . . . . . . 72 4.5.6. MaxDiscoveryInterval . . . . . . . . . . . . . . . . 78
4.5.9. RetransmitInterval . . . . . . . . . . . . . . . . 72 4.5.7. NeighborDeadInterval . . . . . . . . . . . . . . . . 78
4.5.10. SilentInterval . . . . . . . . . . . . . . . . . . 72 4.5.8. ResponseTimeout . . . . . . . . . . . . . . . . . . 78
4.5.11. WaitJoin . . . . . . . . . . . . . . . . . . . . . 72 4.5.9. RetransmitInterval . . . . . . . . . . . . . . . . . 78
4.6. CAPWAP Protocol Variables . . . . . . . . . . . . . . . 73 4.5.10. SilentInterval . . . . . . . . . . . . . . . . . . . 78
4.6.1. DiscoveryCount . . . . . . . . . . . . . . . . . . 73 4.5.11. WaitJoin . . . . . . . . . . . . . . . . . . . . . . 78
4.6.2. MaxDiscoveries . . . . . . . . . . . . . . . . . . 73 4.6. CAPWAP Protocol Variables . . . . . . . . . . . . . . . 79
4.6.3. MaxRetransmit . . . . . . . . . . . . . . . . . . . 73 4.6.1. DiscoveryCount . . . . . . . . . . . . . . . . . . . 79
4.6.4. RetransmitCount . . . . . . . . . . . . . . . . . . 73 4.6.2. MaxDiscoveries . . . . . . . . . . . . . . . . . . . 79
5. CAPWAP Discovery Operations . . . . . . . . . . . . . . . . . 74 4.6.3. MaxRetransmit . . . . . . . . . . . . . . . . . . . 79
5.1. Discovery Request Message . . . . . . . . . . . . . . . 74 4.6.4. RetransmitCount . . . . . . . . . . . . . . . . . . 79
5.2. Discovery Response Message . . . . . . . . . . . . . . . 75 5. CAPWAP Discovery Operations . . . . . . . . . . . . . . . . . 80
5.3. Primary Discovery Request Message . . . . . . . . . . . 75 5.1. Discovery Request Message . . . . . . . . . . . . . . . 80
5.4. Primary Discovery Response . . . . . . . . . . . . . . . 76 5.2. Discovery Response Message . . . . . . . . . . . . . . . 81
6. CAPWAP Join Operations . . . . . . . . . . . . . . . . . . . 77 5.3. Primary Discovery Request Message . . . . . . . . . . . 81
6.1. Join Request . . . . . . . . . . . . . . . . . . . . . . 77 5.4. Primary Discovery Response . . . . . . . . . . . . . . . 82
6.2. Join Response . . . . . . . . . . . . . . . . . . . . . 78 6. CAPWAP Join Operations . . . . . . . . . . . . . . . . . . . 83
7. Control Channel Management . . . . . . . . . . . . . . . . . 79 6.1. Join Request . . . . . . . . . . . . . . . . . . . . . . 83
7.1. Echo Request . . . . . . . . . . . . . . . . . . . . . . 79 6.2. Join Response . . . . . . . . . . . . . . . . . . . . . 84
7.2. Echo Response . . . . . . . . . . . . . . . . . . . . . 79 7. Control Channel Management . . . . . . . . . . . . . . . . . 85
8. WTP Configuration Management . . . . . . . . . . . . . . . . 80 7.1. Echo Request . . . . . . . . . . . . . . . . . . . . . . 85
8.1. Configuration Consistency . . . . . . . . . . . . . . . 80 7.2. Echo Response . . . . . . . . . . . . . . . . . . . . . 85
8.1.1. Configuration Flexibility . . . . . . . . . . . . . 81 8. WTP Configuration Management . . . . . . . . . . . . . . . . 86
8.2. Configuration Status . . . . . . . . . . . . . . . . . . 81 8.1. Configuration Consistency . . . . . . . . . . . . . . . 86
8.3. Configuration Status Response . . . . . . . . . . . . . 82 8.1.1. Configuration Flexibility . . . . . . . . . . . . . 87
8.4. Configuration Update Request . . . . . . . . . . . . . . 82 8.2. Configuration Status . . . . . . . . . . . . . . . . . . 87
8.5. Configuration Update Response . . . . . . . . . . . . . 83 8.3. Configuration Status Response . . . . . . . . . . . . . 88
8.6. Change State Event Request . . . . . . . . . . . . . . . 84 8.4. Configuration Update Request . . . . . . . . . . . . . . 88
8.7. Change State Event Response . . . . . . . . . . . . . . 84 8.5. Configuration Update Response . . . . . . . . . . . . . 89
8.8. Clear Config Indication . . . . . . . . . . . . . . . . 85 8.6. Change State Event Request . . . . . . . . . . . . . . . 90
9. Device Management Operations . . . . . . . . . . . . . . . . 86 8.7. Change State Event Response . . . . . . . . . . . . . . 90
9.1. Image Data Request . . . . . . . . . . . . . . . . . . . 86 8.8. Clear Configuration Request . . . . . . . . . . . . . . 90
9.2. Image Data Response . . . . . . . . . . . . . . . . . . 87 8.9. Clear Configuration Response . . . . . . . . . . . . . . 91
9.3. Reset Request . . . . . . . . . . . . . . . . . . . . . 87 9. Device Management Operations . . . . . . . . . . . . . . . . 92
9.4. Reset Response . . . . . . . . . . . . . . . . . . . . . 87 9.1. Image Data Request . . . . . . . . . . . . . . . . . . . 92
9.5. WTP Event Request . . . . . . . . . . . . . . . . . . . 87 9.2. Image Data Response . . . . . . . . . . . . . . . . . . 93
9.6. WTP Event Response . . . . . . . . . . . . . . . . . . . 88 9.3. Reset Request . . . . . . . . . . . . . . . . . . . . . 93
9.7. Data Transfer Request . . . . . . . . . . . . . . . . . 88 9.4. Reset Response . . . . . . . . . . . . . . . . . . . . . 93
9.8. Data Transfer Response . . . . . . . . . . . . . . . . . 88 9.5. WTP Event Request . . . . . . . . . . . . . . . . . . . 93
10. Mobile Session Management . . . . . . . . . . . . . . . . . . 90 9.6. WTP Event Response . . . . . . . . . . . . . . . . . . . 94
10.1. Mobile Config Request . . . . . . . . . . . . . . . . . 90 9.7. Data Transfer Request . . . . . . . . . . . . . . . . . 94
10.2. Mobile Config Response . . . . . . . . . . . . . . . . . 90 9.8. Data Transfer Response . . . . . . . . . . . . . . . . . 95
11. IEEE 802.11 Binding . . . . . . . . . . . . . . . . . . . . . 91 10. Mobile Session Management . . . . . . . . . . . . . . . . . . 96
11.1. Split MAC and Local MAC Functionality . . . . . . . . . 91 10.1. Mobile Configuration Request . . . . . . . . . . . . . . 96
11.1.1. Split MAC . . . . . . . . . . . . . . . . . . . . . 91 10.2. Mobile Configuration Response . . . . . . . . . . . . . 96
11.1.2. Local MAC . . . . . . . . . . . . . . . . . . . . . 93 11. IEEE 802.11 Binding . . . . . . . . . . . . . . . . . . . . . 97
11.2. Roaming Behavior . . . . . . . . . . . . . . . . . . . . 96 11.1. Split MAC and Local MAC Functionality . . . . . . . . . 97
11.3. Group Key Refresh . . . . . . . . . . . . . . . . . . . 97 11.1.1. Split MAC . . . . . . . . . . . . . . . . . . . . . 97
11.4. Transport specific bindings . . . . . . . . . . . . . . 97 11.1.2. Local MAC . . . . . . . . . . . . . . . . . . . . . 99
11.5. BSSID to WLAN ID Mapping . . . . . . . . . . . . . . . . 99 11.2. Roaming Behavior . . . . . . . . . . . . . . . . . . . . 102
11.6. Quality of Service for Control Messages . . . . . . . . 99 11.3. Group Key Refresh . . . . . . . . . . . . . . . . . . . 103
11.7. IEEE 802.11 Specific CAPWAP Control Messages . . . . . . 100 11.4. BSSID to WLAN ID Mapping . . . . . . . . . . . . . . . . 103
11.7.1. IEEE 802.11 WLAN Config Request . . . . . . . . . . 100 11.5. Quality of Service for IEEE 802.11 Control Messages . . 104
11.7.2. IEEE 802.11 WLAN Config Response . . . . . . . . . 101 11.6. IEEE 802.11 Specific CAPWAP Control Messages . . . . . . 104
11.8. Data Message bindings . . . . . . . . . . . . . . . . . 101 11.6.1. IEEE 802.11 WLAN Configuration Request . . . . . . . 104
11.9. Control Message bindings . . . . . . . . . . . . . . . . 101 11.6.2. IEEE 802.11 WLAN Configuration Response . . . . . . 105
11.9.1. Mobile Config Request . . . . . . . . . . . . . . . 101 11.7. CAPWAP Data Message Bindings . . . . . . . . . . . . . . 106
11.9.2. WTP Event Request . . . . . . . . . . . . . . . . . 101 11.8. CAPWAP Control Message bindings . . . . . . . . . . . . 107
11.9.3. Configuration Messages . . . . . . . . . . . . . . 102 11.8.1. Configuration Status Message . . . . . . . . . . . . 107
11.10. IEEE 802.11 Message Element Definitions . . . . . . . . 102 11.8.2. Configuration Status Response Message . . . . . . . 108
11.10.1. IEEE 802.11 Add WLAN . . . . . . . . . . . . . . . 102 11.8.3. Configuration Update Request Message . . . . . . . . 108
11.10.2. IEEE 802.11 Antenna . . . . . . . . . . . . . . . . 106 11.8.4. Mobile Config Request . . . . . . . . . . . . . . . 109
11.10.3. IEEE 802.11 Assigned WTP BSSID . . . . . . . . . . 107 11.8.5. WTP Event Request . . . . . . . . . . . . . . . . . 109
11.10.4. IEEE 802.11 Broadcast Probe Mode . . . . . . . . . 108 11.9. IEEE 802.11 Message Element Definitions . . . . . . . . 109
11.10.5. IEEE 802.11 Delete WLAN . . . . . . . . . . . . . . 108 11.9.1. IEEE 802.11 Add WLAN . . . . . . . . . . . . . . . . 110
11.10.6. IEEE 802.11 Direct Sequence Control . . . . . . . . 109 11.9.2. IEEE 802.11 Antenna . . . . . . . . . . . . . . . . 114
11.10.7. IEEE 802.11 Information Element . . . . . . . . . . 110 11.9.3. IEEE 802.11 Assigned WTP BSSID . . . . . . . . . . . 115
11.10.8. IEEE 802.11 MAC Operation . . . . . . . . . . . . . 110 11.9.4. IEEE 802.11 Delete WLAN . . . . . . . . . . . . . . 115
11.10.9. IEEE 802.11 MIC Countermeasures . . . . . . . . . . 112 11.9.5. IEEE 802.11 Direct Sequence Control . . . . . . . . 116
11.10.10. IEEE 802.11 MIC Error Report From Mobile . . . . . 112 11.9.6. IEEE 802.11 Information Element . . . . . . . . . . 117
11.10.11. IEEE 802.11 Mobile . . . . . . . . . . . . . . . . 113 11.9.7. IEEE 802.11 MAC Operation . . . . . . . . . . . . . 117
11.10.12. IEEE 802.11 Mobile Session Key . . . . . . . . . . 114 11.9.8. IEEE 802.11 MIC Countermeasures . . . . . . . . . . 119
11.10.13. IEEE 802.11 Multi-domain Capability . . . . . . . . 116 11.9.9. IEEE 802.11 Mobile . . . . . . . . . . . . . . . . . 120
11.10.14. IEEE 802.11 OFDM Control . . . . . . . . . . . . . 117 11.9.10. IEEE 802.11 Mobile Session Key . . . . . . . . . . . 121
11.10.15. IEEE 802.11 Rate Set . . . . . . . . . . . . . . . 118 11.9.11. IEEE 802.11 Multi-Domain Capability . . . . . . . . 122
11.10.16. IEEE 802.11 Statistics . . . . . . . . . . . . . . 118 11.9.12. IEEE 802.11 OFDM Control . . . . . . . . . . . . . . 123
11.10.17. IEEE 802.11 Supported Rates . . . . . . . . . . . . 120 11.9.13. IEEE 802.11 Rate Set . . . . . . . . . . . . . . . . 124
11.10.18. IEEE 802.11 Tx Power . . . . . . . . . . . . . . . 121 11.9.14. IEEE 802.11 RSNA Error Report From Mobile . . . . . 125
11.10.19. IEEE 802.11 Tx Power Level . . . . . . . . . . . . 121 11.9.15. IEEE 802.11 Station QoS Profile . . . . . . . . . . 126
11.10.20. IEEE 802.11 Update Mobile QoS . . . . . . . . . . . 122 11.9.16. IEEE 802.11 Statistics . . . . . . . . . . . . . . . 127
11.10.21. IEEE 802.11 Update WLAN . . . . . . . . . . . . . . 122 11.9.17. IEEE 802.11 Supported Rates . . . . . . . . . . . . 130
11.10.22. IEEE 802.11 WTP Quality of Service . . . . . . . . 125 11.9.18. IEEE 802.11 Tx Power . . . . . . . . . . . . . . . . 131
11.10.23. IEEE 802.11 WTP Radio Fail Alarm Indication . . . . 126 11.9.19. IEEE 802.11 Tx Power Level . . . . . . . . . . . . . 131
11.10.24. IEEE 802.11 WTP Radio Configuration . . . . . . . . 127 11.9.20. IEEE 802.11 Update Mobile QoS . . . . . . . . . . . 132
11.10.25. Station QoS Profile . . . . . . . . . . . . . . . . 128 11.9.21. IEEE 802.11 Update WLAN . . . . . . . . . . . . . . 133
11.11. Technology Specific Message Element Values . . . . . . . 129 11.9.22. IEEE 802.11 WTP Quality of Service . . . . . . . . . 134
12. NAT Considerations . . . . . . . . . . . . . . . . . . . . . 130 11.9.23. IEEE 802.11 WTP Radio Configuration . . . . . . . . 136
13. Security Considerations . . . . . . . . . . . . . . . . . . . 132 11.9.24. IEEE 802.11 WTP Radio Fail Alarm Indication . . . . 137
13.1. CAPWAP Security . . . . . . . . . . . . . . . . . . . . 132 11.10. Technology Specific Message Element Values . . . . . . . 138
13.1.1. Converting Protected Data into Unprotected Data . . 133 12. NAT Considerations . . . . . . . . . . . . . . . . . . . . . 139
13. Security Considerations . . . . . . . . . . . . . . . . . . . 141
13.1. CAPWAP Security . . . . . . . . . . . . . . . . . . . . 141
13.1.1. Converting Protected Data into Unprotected Data . . 142
13.1.2. Converting Unprotected Data into Protected Data 13.1.2. Converting Unprotected Data into Protected Data
(Insertion) . . . . . . . . . . . . . . . . . . . . 133 (Insertion) . . . . . . . . . . . . . . . . . . . . 142
13.1.3. Deletion of Protected Records . . . . . . . . . . . 133 13.1.3. Deletion of Protected Records . . . . . . . . . . . 142
13.1.4. Insertion of Unprotected Records . . . . . . . . . 133 13.1.4. Insertion of Unprotected Records . . . . . . . . . . 142
13.2. Use of Preshared Keys in CAPWAP . . . . . . . . . . . . 133 13.2. Use of Preshared Keys in CAPWAP . . . . . . . . . . . . 142
13.3. Use of Certificates in CAPWAP . . . . . . . . . . . . . 134 13.3. Use of Certificates in CAPWAP . . . . . . . . . . . . . 143
13.4. AAA Security . . . . . . . . . . . . . . . . . . . . . . 134 13.4. AAA Security . . . . . . . . . . . . . . . . . . . . . . 144
13.5. IEEE 802.11 Security . . . . . . . . . . . . . . . . . . 135 13.5. IEEE 802.11 Security . . . . . . . . . . . . . . . . . . 144
14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 136 14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 146
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 137 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 147
15.1. Normative References . . . . . . . . . . . . . . . . . . 137 15.1. Normative References . . . . . . . . . . . . . . . . . . 147
15.2. Informational References . . . . . . . . . . . . . . . . 138 15.2. Informational References . . . . . . . . . . . . . . . . 148
Editors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 140 Editors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 150
Intellectual Property and Copyright Statements . . . . . . . . . 141 Intellectual Property and Copyright Statements . . . . . . . . . 151
1. Introduction 1. Introduction
The emergence of centralized architectures, in which simple IEEE The emergence of centralized architectures, in which simple IEEE
802.11 WTPs are managed by an Access Controller (AC) suggests that a 802.11 WTPs are managed by an Access Controller (AC) suggests that a
standards based, interoperable protocol could radically simplify the standards based, interoperable protocol could radically simplify the
deployment and management of wireless networks. WTPs require a set deployment and management of wireless networks. WTPs require a set
of dynamic management and control functions related to their primary of dynamic management and control functions related to their primary
task of connecting the wireless and wired mediums. Traditional task of connecting the wireless and wired mediums. Traditional
protocols for managing WTPs are either manual static configuration protocols for managing WTPs are either manual static configuration
via HTTP, proprietary Layer 2 specific or non-existent (if the WTPs via HTTP, proprietary Layer 2 specific or non-existent (if the WTPs
are self-contained). This document describes the CAPWAP Protocol, a are self-contained). This document describes the CAPWAP Protocol, a
standard, interoperable protocol which enables an AC to manage a standard, interoperable protocol which enables an AC to manage a
collection of WTPs. While the protocol is defined to be independent collection of WTPs. While the protocol is defined to be independent
of layer 2 technology, an IEEE 802.11 binding is provided to support of layer 2 technology, an IEEE 802.11 binding is provided to support
IEEE 802.11 wireless LAN networks. IEEE 802.11 wireless LAN networks.
CAPWAP assumes a network configuration consisting of multiple WTPs CAPWAP assumes a network configuration consisting of multiple WTPs
communicating via the Internet Protocol (IP) to an AC. WTPs are communicating via the Internet Protocol (IP) to an AC. WTPs are
viewed as remote RF interfaces controlled by the AC. The AC forwards viewed as remote RF interfaces controlled by the AC. The CAPWAP
all L2 frames to be transmitted by a WTP to that WTP via the CAPWAP protocol supports two modes of operation: Split and Local MAC. In
protocol. L2 frames from mobile nodes (STAs) are forwarded by the Split MAC mode all L2 wireless data and management frames are
WTP to the AC using the CAPWAP protocol. Both Split-MAC and Local encapsulated via the CAPWAP protocol and exchanged between the AC and
MAC arhcitectures are supported. Figure 1 illustrates this the WTP. In the example of 802.11, as shown in Figure 1, the 802.11
arrangement as applied to an IEEE 802.11 binding. frames received from a mobile node (STA) are directly encapsulated by
the WTP and forwarded to the AC.
+-+ 802.11 frames +-+ +-+ 802.11 frames +-+
| |--------------------------------| | | |--------------------------------| |
| | +-+ | | | | +-+ | |
| |--------------| |---------------| | | |--------------| |---------------| |
| | 802.11 PHY/ | | CAPWAP | | | | 802.11 PHY/ | | CAPWAP | |
| | MAC sublayer | | | | | | MAC sublayer | | | |
+-+ +-+ +-+ +-+ +-+ +-+
STA WTP AC STA WTP AC
Figure 1: Representative CAPWAP Architecture for Split MAC Figure 1: Representative CAPWAP Architecture for Split MAC
The Local MAC mode of operation allows for the data frames to be
either locally bridged, or tunneled as 802.3 frames. The latter
implies that the WTP performs the 802 bridging function. In either
case the L2 wireless management frames are processed locally by the
WTP, and then forwarded to the AC. Figure 2 provides an example
using the IEEE 802.11 binding, where a station transmits an 802.11
frame, which is encapsulated as 802.3 and forwarded to the AC.
+-+ 802.11 frames +-+ 802.3 frames +-+
| |---------------| |--------------| |
| | | | | |
| |---------------| |--------------| |
| | 802.11 PHY/ | | CAPWAP | |
| | MAC sublayer | | | |
+-+ +-+ +-+
STA WTP AC
Figure 2: Representative CAPWAP Architecture for Local MAC
Provisioning WTPs with security credentials, and managing which WTPs Provisioning WTPs with security credentials, and managing which WTPs
are authorized to provide service are traditionally handled by are authorized to provide service are traditionally handled by
proprietary solutions. Allowing these functions to be performed from proprietary solutions. Allowing these functions to be performed from
a centralized AC in an interoperable fashion increases manageability a centralized AC in an interoperable fashion increases manageability
and allows network operators to more tightly control their wireless and allows network operators to more tightly control their wireless
network infrastructure. network infrastructure.
1.1. Goals 1.1. Goals
The goals for the CAPWAP protocol are listed below: The goals for the CAPWAP protocol are listed below:
1. To centralize the bridging, forwarding, authentication and policy 1. To centralize the authentication and policy enforcement functions
enforcement functions for a wireless network. Optionally, the AC for a wireless network. The AC may also provide centralized
may also provide centralized encryption of user traffic. bridging, forwarding, and encryption of user traffic.
Centralization of these functions will enable reduced cost and Centralization of these functions will enable reduced cost and
higher efficiency by applying the capabilities of network higher efficiency by applying the capabilities of network
processing silicon to the wireless network, as in wired LANs. processing silicon to the wireless network, as in wired LANs.
2. To enable shifting of the higher level protocol processing from 2. To enable shifting of the higher level protocol processing from
the WTP. This leaves the time critical applications of wireless the WTP. This leaves the time critical applications of wireless
control and access in the WTP, making efficient use of the control and access in the WTP, making efficient use of the
computing power available in WTPs which are the subject to severe computing power available in WTPs which are the subject to severe
cost pressure. cost pressure.
skipping to change at page 11, line 5 skipping to change at page 10, line 23
1.4. Acknowledgements 1.4. Acknowledgements
The authors thank Michael Vakulenko for contributing text that The authors thank Michael Vakulenko for contributing text that
describes how CAPWAP can be used over a layer 3 (IP/UDP) network. describes how CAPWAP can be used over a layer 3 (IP/UDP) network.
The authors thank Russ Housley and Charles Clancy for their The authors thank Russ Housley and Charles Clancy for their
assistance in provide a security review of the LWAPP specification. assistance in provide a security review of the LWAPP specification.
Charles' review can be found at [16]. Charles' review can be found at [16].
1.5. Terminology
Station (STA): A device that contains an IEEE 802.11 conformant
medium access control (MAC) and physical layer (PHY) interface to the
wireless medium (WM).
Basic Service Set (BSS): A set of stations controlled by a single
coordination function.
Portal: The logical point at which medium access control (MAC)
service data units (MSDUs) from a non-IEEE 802.11 local area network
(LAN) enter the distribution system (DS) of an extended service set
(ESS).
Distribution System Service (DSS): The set of services provided by
the distribution system (DS) that enable the medium access control
(MAC) layer to transport MAC service data units (MSDUs) between
stations that are not in direct communication with each other over a
single instance of the wireless medium (WM). These services include
the transport of MSDUs between the access points (APs) of basic
service sets (BSSs) within an extended service set (ESS), transport
of MSDUs between portals and BSSs within an ESS, and transport of
MSDUs between stations in the same BSS in cases where the MSDU has a
multicast or broadcast destination address, or where the destination
is an individual address, but the station sending the MSDU chooses to
involve DSS. DSSs are provided between pairs of IEEE 802.11 MACs.
Integration: The service that enables delivery of medium access
control (MAC) service data units (MSDUs) between the distribution
system (DS) and an existing, non-IEEE 802.11 local area network (via
a portal).
Distribution: The service that, by using association information,
delivers medium access control (MAC) service data units (MSDUs)
within the distribution system (DS).
2. Protocol Overview 2. Protocol Overview
The CAPWAP protocol is a generic protocol defining AC and WTP control The CAPWAP protocol is a generic protocol defining AC and WTP control
and data plane communication via a CAPWAP protocol transport and data plane communication via a CAPWAP protocol transport
mechanism. CAPWAP control messages, and optionally CAPWAP data mechanism. CAPWAP control messages, and optionally CAPWAP data
messages, are secured using Datagram Transport Layer Security (DTLS) messages, are secured using Datagram Transport Layer Security (DTLS)
[14]. DTLS is a standards-track IETF protocol based upon TLS. The [15]. DTLS is a standards-track IETF protocol based upon TLS. The
underlying security-related protocol mechanisms of TLS have been underlying security-related protocol mechanisms of TLS have been
successfully deployed for many years. successfully deployed for many years.
The CAPWAP protocol Transport layer carries two types of payload, The CAPWAP protocol Transport layer carries two types of payload,
CAPWAP Data messages and CAPWAP Control messages. CAPWAP Data CAPWAP Data messages and CAPWAP Control messages. CAPWAP Data
messages are forwarded wireless frames. CAPWAP protocol Control messages encapsulate forwarded wireless frames. CAPWAP protocol
messages are management messages exchanged between a WTP and an AC. Control messages are management messages exchanged between a WTP and
The CAPWAP Data and Control packets are sent over separate UDP ports. an AC. The CAPWAP Data and Control packets are sent over separate
Since both data and control frames can exceed the PMTU, the payload UDP ports. Since both data and control frames can exceed the PMTU,
of a CAPWAP data or control message can be fragmented. The the payload of a CAPWAP data or control message can be fragmented.
fragmentation behavior is defined in Section 3. The fragmentation behavior is defined in Section 3.
The CAPWAP Protocol begins with a discovery phase. The WTPs send a The CAPWAP Protocol begins with a discovery phase. The WTPs send a
Discovery Request message, causing any Access Controller (AC) Discovery Request message, causing any Access Controller (AC)
receiving the message to respond with a Discovery Response message. receiving the message to respond with a Discovery Response message.
From the Discovery Response messages received, a WTP will select an From the Discovery Response messages received, a WTP will select an
AC with which to establish a secure DTLS session. CAPWAP protocol AC with which to establish a secure DTLS session. CAPWAP protocol
messages will be fragmented to the maximum length discovered to be messages will be fragmented to the maximum length discovered to be
supported by the network. supported by the network.
Once the WTP and the AC have completed DTLS session establishment, a Once the WTP and the AC have completed DTLS session establishment, a
skipping to change at page 12, line 13 skipping to change at page 13, line 13
communicating with the WTP. This may include the creation of local communicating with the WTP. This may include the creation of local
data structures in the WTP for the mobile units and the collection of data structures in the WTP for the mobile units and the collection of
statistical information about the communication between the WTP and statistical information about the communication between the WTP and
the mobile units. The CAPWAP protocol provides a mechanism for the the mobile units. The CAPWAP protocol provides a mechanism for the
AC to obtain statistical information collected by the WTP. AC to obtain statistical information collected by the WTP.
The CAPWAP protocol provides for a keep alive feature that preserves The CAPWAP protocol provides for a keep alive feature that preserves
the communication channel between the WTP and AC. If the AC fails to the communication channel between the WTP and AC. If the AC fails to
appear alive, the WTP will try to discover a new AC. appear alive, the WTP will try to discover a new AC.
This Document uses terminology defined in [5].
2.1. Wireless Binding Definition 2.1. Wireless Binding Definition
The CAPWAP protocol is independent of a specific WTP radio The CAPWAP protocol is independent of a specific WTP radio
technology. Elements of the CAPWAP protocol are designed to technology. Elements of the CAPWAP protocol are designed to
accommodate the specific needs of each wireless technology in a accommodate the specific needs of each wireless technology in a
standard way. Implementation of the CAPWAP protocol for a particular standard way. Implementation of the CAPWAP protocol for a particular
wireless technology must follow the binding requirements defined for wireless technology must follow the binding requirements defined for
that technology. This specification includes a binding for the IEEE that technology. This specification includes a binding for the IEEE
802.11 standard(see Section 11). 802.11 standard(see Section 11).
skipping to change at page 15, line 39 skipping to change at page 16, line 39
| |X Z| " ^ U| " " n4 " | +------------+ | | | |X Z| " ^ U| " " n4 " | +------------+ | |
| | | " | | " " n5," | ^ | | | | | " | | " " n5," | ^ | |
| | v "n1 |Y | n3" v n8" |R |Q | | | | v "n1 |Y | n3" v n8" |R |Q | |
| | +--------+ | +------------+ S+------------+ | | | | +--------+ | +------------+ S+------------+ | |
| | | Init | \->| Run |<--| Rekey | | | | | | Init | \->| Run |<--| Rekey | | |
| | +--------+ | |-->| | | | | | +--------+ | |-->| | | |
| | +------------+T +------------+ | | | | +------------+T +------------+ | |
| \---------------------------------------------------------/ | | \---------------------------------------------------------/ |
\-------------------------------------------------------------/ \-------------------------------------------------------------/
Figure 2: CAPWAP Integrated State Machine Figure 3: CAPWAP Integrated State Machine
The CAPWAP protocol state machine, depicted above, is used by both The CAPWAP protocol state machine, depicted above, is used by both
the AC and the WTP. In cases where states are not shared (i.e. not the AC and the WTP. In cases where states are not shared (i.e. not
implemented in one or the other of the AC or WTP), this is explicitly implemented in one or the other of the AC or WTP), this is explicitly
called out in the transition descriptions below. For every state called out in the transition descriptions below. For every state
defined, only certain messages are permitted to be sent and received. defined, only certain messages are permitted to be sent and received.
The CAPWAP control messages definitions specify the state(s) in which The CAPWAP control messages definitions specify the state(s) in which
each message is valid. each message is valid.
2.3.1. CAPWAP Protocol State Transitions 2.3.1. CAPWAP Protocol State Transitions
skipping to change at page 20, line 18 skipping to change at page 21, line 18
Change State Event: The WTP receives a Change State Event Change State Event: The WTP receives a Change State Event
Response message, or determines that it must initiate a Response message, or determines that it must initiate a
Change State Event Request message, as a result of a failure Change State Event Request message, as a result of a failure
or change in the state of a radio. or change in the state of a radio.
Echo Request: The WTP receives an Echo Request message (see Echo Request: The WTP receives an Echo Request message (see
Section 7.1), to which it MUST respond with an Echo Response Section 7.1), to which it MUST respond with an Echo Response
message(see Section 7.2). message(see Section 7.2).
Clear Config Indication: The WTP receives a Clear Config Clear Config Request: The WTP receives a Clear Configuration
Indication message (see Section 8.8). The WTP MUST reset Request message (see Section 8.8). The WTP MUST reset its
its configuration back to manufacturer defaults. configuration back to manufacturer defaults.
WTP Event: The WTP generates a WTP Event Request message to WTP Event: The WTP generates a WTP Event Request message to
send information to the AC (see Section 9.5). The WTP send information to the AC (see Section 9.5). The WTP
receives a WTP Event Response message from the AC (see receives a WTP Event Response message from the AC (see
Section 9.6). Section 9.6).
Data Transfer: The WTP generates a Data Transfer Request Data Transfer: The WTP generates a Data Transfer Request
message to the AC (see Section 9.7). The WTP receives a message to the AC (see Section 9.7). The WTP receives a
Data Transfer Response message from the AC (see Data Transfer Response message from the AC (see
Section 9.8). Section 9.8).
WLAN Config Request: The WTP receives a WLAN Config Request WLAN Configuration Request: The WTP receives a WLAN
message (see Section 11.7.1), to which it MUST respond with Configuration Request message (see Section 11.6.1), to which
a WLAN Config Response message (see Section 11.7.2). it MUST respond with a WLAN Configuration Response message
(see Section 11.6.2).
Mobile Config Request: The WTP receives a Mobile Config Request Mobile Configuration Request: The WTP receives a Mobile Config
message (see Section 10.1), to which it MUST respond with a Request message (see Section 10.1), to which it MUST respond
Mobile Config Response message (see Section 10.2). with a Mobile Config Response message (see Section 10.2).
AC: This is the AC's normal state of operation: AC: This is the AC's normal state of operation:
Configuration Update: The AC sends a Configuration Update Configuration Update: The AC sends a Configuration Update
Request message (see Section 8.4) to the WTP to update its Request message (see Section 8.4) to the WTP to update its
configuration. The AC receives a Configuration Update configuration. The AC receives a Configuration Update
Response message (see Section 8.5) from the WTP. Response message (see Section 8.5) from the WTP.
Change State Event: The AC receives a Change State Event Change State Event: The AC receives a Change State Event
Request message (see Section 8.6), to which it MUST respond Request message (see Section 8.6), to which it MUST respond
with the Change State Event Response message (see with the Change State Event Response message (see
Section 8.7). Section 8.7).
Echo: The AC sends an Echo Request message Section 7.1 or Echo: The AC sends an Echo Request message Section 7.1 or
receives the corresponding Echo Response message, see receives the corresponding Echo Response message, see
Section 7.2 from the WTP. Section 7.2 from the WTP.
Clear Config Indication: The AC sends a Clear Config Indication Clear Config Response: The AC receives a Clear Configuration
message (see Section 8.8). Response message (see Section 8.9).
WLAN Config: The AC sends a WLAN Config Request message (see WLAN Config: The AC sends a WLAN Configuration Request message
Section 11.7.1) or receives the corresponding WLAN Config (see Section 11.6.1) or receives the corresponding WLAN
Response message (see Section 11.7.2) from the WTP. Configuration Response message (see Section 11.6.2) from the
WTP.
Mobile Config: The AC sends a Mobile Config Request message Mobile Config: The AC sends a Mobile Configuration Request
(see Section 10.1) or receives the corresponding Mobile message (see Section 10.1) or receives the corresponding
Config Response message (see Section 10.2) from the WTP. Mobile Configuration Response message (see Section 10.2)
from the WTP.
Data Transfer: The AC receives a Data Transfer Request message Data Transfer: The AC receives a Data Transfer Request message
from the AC (see Section 9.7) and MUST generate a from the AC (see Section 9.7) and MUST generate a
corresponding Data Transfer Response message (see corresponding Data Transfer Response message (see
Section 9.8). Section 9.8).
WTP Event: The AC receives a WTP Event Request message from the WTP Event: The AC receives a WTP Event Request message from the
AC (see Section 9.5) and MUST generate a corresponding WTP AC (see Section 9.5) and MUST generate a corresponding WTP
Event Response message (see Section 9.6). Event Response message (see Section 9.6).
skipping to change at page 32, line 37 skipping to change at page 33, line 37
2.4.4. DTLS EndPoint Authentication 2.4.4. DTLS EndPoint Authentication
DTLS supports endpoint authentication with certificates or preshared DTLS supports endpoint authentication with certificates or preshared
keys. The TLS algorithm suites for each endpoint authentication keys. The TLS algorithm suites for each endpoint authentication
method are described below. method are described below.
2.4.4.1. Authenticating with Certificates 2.4.4.1. Authenticating with Certificates
Note that only block ciphers are currently recommended for use with Note that only block ciphers are currently recommended for use with
DTLS. To understand the reasoning behind this, see [26]. DTLS. To understand the reasoning behind this, see [26]. However,
However,support for AES counter mode encryption is currently support for AES counter mode encryption is currently progressing in
progressing in the TLS working group, and once protocol identifiers the TLS working group, and once protocol identifiers are available,
are available, they will be added below. At present, the following they will be added below. At present, the following algorithms MUST
algorithms MUST be supported when using certificates for CAPWAP be supported when using certificates for CAPWAP authentication:
authentication:
o TLS_RSA_WITH_AES_128_CBC_SHA o TLS_RSA_WITH_AES_128_CBC_SHA
o TLS_RSA_WITH_3DES_EDE_CBC_SHA o TLS_RSA_WITH_3DES_EDE_CBC_SHA
The following algorithms SHOULD be supported when using certificates: The following algorithms SHOULD be supported when using certificates:
o TLS_DH_RSA_WITH_AES_128_CBC_SHA o TLS_DH_RSA_WITH_AES_128_CBC_SHA
o TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
o TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
The following algorithms MAY be supported when using certificates: The following algorithms MAY be supported when using certificates:
o TLS_RSA_WITH_AES_256_CBC_SHA o TLS_RSA_WITH_AES_256_CBC_SHA
o TLS_DH_RSA_WITH_AES_256_CBC_SHA o TLS_DH_RSA_WITH_AES_256_CBC_SHA
2.4.4.2. Authenticating with Preshared Keys 2.4.4.2. Authenticating with Preshared Keys
Pre-shared keys present significant challenges from a security Pre-shared keys present significant challenges from a security
perspective, and for that reason, their use is strongly discouraged. perspective, and for that reason, their use is strongly discouraged.
However, [13] defines 3 different methods for authenticating with However, [14] defines several different methods for authenticating
preshared keys: with preshared keys, and we focus on the following two:
o PSK key exchange algorithm - simplest method, ciphersuites use o PSK key exchange algorithm - simplest method, ciphersuites use
only symmetric key algorithms only symmetric key algorithms
o DHE_PSK key exchange algorithm - use a PSK to authenticate a o DHE_PSK key exchange algorithm - use a PSK to authenticate a
Diffie-Hellman exchange. These ciphersuites give some additional Diffie-Hellman exchange. These ciphersuites give some additional
protection against dictionary attacks and also provide Perfect protection against dictionary attacks and also provide Perfect
Forward Secrecy (PFS). Forward Secrecy (PFS).
o RSA_PSK key exchange algorithm - use RSA and certificates to
authenticate the server, in addition to using a PSK. This is not
susceptible to passive attacks.
The first approach (plain PSK) is susceptible to passive dictionary The first approach (plain PSK) is susceptible to passive dictionary
attacks; hence, while this alorithm MAY be supported, special care attacks; hence, while this alorithm MUST be supported, special care
should be taken when choosing that method. In particular, user- should be taken when choosing that method. In particular, user-
readable passphrases SHOULD NOT be used, and use of short PSKs should readable passphrases SHOULD NOT be used, and use of short PSKs SHOULD
be strongly discouraged. Additionally, DHE_PSK MUST be supported, be strongly discouraged.
and RSA_PSK MAY be supported.
The following cryptographic algorithms MUST be supported when using The following cryptographic algorithms MUST be supported when using
preshared keys: preshared keys:
o TLS_PSK_WITH_AES_128_CBC_SHA
o TLS_PSK_WITH_3DES_EDE_CBC_SHA
o TLS_DHE_PSK_WITH_AES_128_CBC_SHA o TLS_DHE_PSK_WITH_AES_128_CBC_SHA
o TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA o TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
The following algorithms SHOULD be supported when using preshared The following algorithms MAY be supported when using preshared keys:
keys:
o TLS_PSK_WITH_AES_256_CBC_SHA
o TLS_DHE_PSK_WITH_AES_256_CBC_SHA o TLS_DHE_PSK_WITH_AES_256_CBC_SHA
The following algorithms MAY be supported when using preshared keys: 2.4.4.3. Certificate Usage
o TLS_PSK_WITH_AES_128_CBC_SHA When using certificates, both authentication and authorization must
be considered. Section 13.3 provides recommendations on how to
authenticate a certificate and bind that to a CAPWAP entity. This
section deals with certificate authorization.
o TLS_PSK_WITH_AES_256_CBC_SHA Certificate authorization by the AC and WTP is required so that only
an AC may perform the functions of an AC and that only a WTP may
perform the functions of a WTP. This restriction of functions to the
AC or WTP requires that the certificates used by the AC MUST be
distinguishable from the certificate used by the WTP. To accomplish
this differentiation, the x.509 certificates MUST include the
Extended Key Usage (EKU)certificate extension [11].
o TLS_PSK_WITH_3DES_EDE_CBC_SHA The EKU field indicates one or more purposes for which a certificate
may be used. It is an essential part in authorization. Its syntax
is as follows:
o TLS_RSA_PSK_WITH_AES_128_CBC_SHA ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
o TLS_RSA_PSK_WITH_AES_256_CBC_SHA KeyPurposeId ::= OBJECT IDENTIFIER
o TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA Here we define two KeyPurposeId values, one for the WTP and one for
the AC. Inclusion of one of those two values indicates a certificate
is authorized for use by a WTP or AC, respectively. These values are
formatted as id-kp fields.
2.4.4.3. Certificate Usage id-kp OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 3 }
Validation of the certificates by the AC and WTP is required so that id-kp-capwapWTP OBJECT IDENTIFIER ::= { id-kp 19 }
only an AC may perform the functions of an AC and that only a WTP may
perform the functions of a WTP. This restriction of functions to the
AC or WTP requires that the certificates used by the AC MUST be
distinguishable from the certificate used by the WTP. To accomplish
this differentiation, the x.509v3 certificates MUST include the
Extensions field [11] and MUST include the NetscapeComment [15]
extension.
For an AC, the value of the NetscapeComment extension MUST be the id-kp-capwapAC OBJECT IDENTIFIER ::= { id-kp 18 }
string "CAPWAP AC Device Certificate". For a WTP, the value of the
NetscapeComment extension MUST be the string "CAPWAP WTP Device For an AC, the id-kp-capwapAC EKU MUST be present in the certificate.
Certificate". For a WTP, the id-kp-capwapWTP EKU MUST be present in the
certificate.
Part of the CAPWAP certificate validation process includes ensuring Part of the CAPWAP certificate validation process includes ensuring
that the proper string is included in the NetscapeComment extension, that the proper EKU is included and only allowing the CAPWAP session
and only allowing the CAPWAP session to be established if the to be established if the extension properly represents the device.
extension does not represent the same role as the device validating
the certificate. For instance, a WTP MUST NOT accept a certificate
whose NetscapeComment field is set to "CAPWAP WTP Device
Certificate".
3. CAPWAP Transport 3. CAPWAP Transport
The CAPWAP protocol uses UDP as a transport, and can be used with The CAPWAP protocol uses UDP as a transport, and can be used with
IPv4 or IPv6. This section details the specifics of how the CAPWAP IPv4 or IPv6. This section details the specifics of how the CAPWAP
protocol works in conjunction with IP. protocol works in conjunction with IP.
3.1. UDP Transport 3.1. UDP Transport
Communication between a WTP and an AC is established according to the Communication between a WTP and an AC is established according to the
skipping to change at page 38, line 22 skipping to change at page 39, line 22
style header, defined in Section 4.4. style header, defined in Section 4.4.
4.1. CAPWAP Transport Header 4.1. CAPWAP Transport Header
All CAPWAP protocol messages are encapsulated using a common header All CAPWAP protocol messages are encapsulated using a common header
format, regardless of the CAPWAP control or CAPWAP Data transport format, regardless of the CAPWAP control or CAPWAP Data transport
used to carry the messages. However, certain flags are not used to carry the messages. However, certain flags are not
applicable for a given transport. Refer to the specific transport applicable for a given transport. Refer to the specific transport
section in order to determine which flags are valid. section in order to determine which flags are valid.
Note that the optional fields defined in this section MUST be present
in the precise order shown below.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| RID | HLEN |F|L|W|M| Flags | |Version| RID | HLEN | WBID |T|F|L|W|M| Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fragment ID | Frag Offset |Rsv-2| | Fragment ID | Frag Offset |Rsvd |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| (optional) Radio MAC Address | | (optional) Radio MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| (optional) Wireless Specific Information | | (optional) Wireless Specific Information |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload .... | | Payload .... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Version: A 4 bit field which contains the version of CAPWAP used in Version: A 4 bit field which contains the version of CAPWAP used in
this packet. The value for this draft is 0. this packet. The value for this draft is 0.
RID: A 5 bit field which contains the Radio ID number for this RID: A 5 bit field which contains the Radio ID number for this
packet. WTPs with multiple radios but a single MAC Address range packet. WTPs with multiple radios but a single MAC Address range
use this field to indicate which radio is associated with the use this field to indicate which radio is associated with the
packet. packet.
HLEN: Length of CAPWAP tunnel header in 4 byte words. (Similar to IP HLEN: A 5 bit field containing the length of the CAPWAP transport
header length). This length includes the optional headers. header in 4 byte words (Similar to IP header length). This length
includes the optional headers.
WBID: A 5 bit field which is the wireless binding identifier. The
identifier will indicate the type of wireless packet type
associated with the radio. The following values are defined:
1 - IEEE 802.11
T: The Type 'T' bit indicates the format of the frame being
transported in the payload (see Section 11.7). When this bit is
set to one (1), the payload has the native frame format indicated
by the WBID field. When this bit is zero (0) the payload is an
IEEE 802.3 frame.
F: The Fragment 'F' bit indicates whether this packet is a fragment. F: The Fragment 'F' bit indicates whether this packet is a fragment.
When this bit is one (1), the packet is a fragment and MUST be When this bit is one (1), the packet is a fragment and MUST be
combined with the other corresponding fragments to reassemble the combined with the other corresponding fragments to reassemble the
complete information exchanged between the WTP and AC. complete information exchanged between the WTP and AC.
L: The Not Last 'L' bit is valid only if the 'F' bit is set and L: The Last 'L' bit is valid only if the 'F' bit is set and indicates
indicates whether the packet contains the last fragment of a whether the packet contains the last fragment of a fragmented
fragmented exchange between WTP and AC. When this bit is 1, the exchange between WTP and AC. When this bit is 1, the packet is
packet is not the last fragment. When this bit is 0, the packet the last fragment. When this bit is 0, the packet is not the last
is the last fragment. fragment.
W: The Wireless 'W' bit is used to specify whether the optional W: The Wireless 'W' bit is used to specify whether the optional
wireless specific information field is present in the header. A wireless specific information field is present in the header. A
value of one (1) is used to represent the fact that the optional value of one (1) is used to represent the fact that the optional
header is present. header is present.
M: The M bit is used to indicate that the Radio MAC Address optional M: The M bit is used to indicate that the Radio MAC Address optional
header is present. This is used to communicate the MAC address of header is present. This is used to communicate the MAC address of
the receiving radio when the native wireless packet. This field the receiving radio when the native wireless packet. This field
MUST NOT be set to one in packets sent by the AC to the WTP. MUST NOT be set to one in packets sent by the AC to the WTP.
skipping to change at page 39, line 37 skipping to change at page 41, line 5
managed individually for every WTP/AC pair. The value of Fragment managed individually for every WTP/AC pair. The value of Fragment
ID is incremented with each new set of fragments. The Fragment ID ID is incremented with each new set of fragments. The Fragment ID
wraps to zero after the maximum value has been used to identify a wraps to zero after the maximum value has been used to identify a
set of fragments. set of fragments.
Fragment Offset: A 13 bit field that indicates where in the payload Fragment Offset: A 13 bit field that indicates where in the payload
will this fragment belong during re-assembly. This field is valid will this fragment belong during re-assembly. This field is valid
when the 'F' bit is set to 1. The fragment offset is measured in when the 'F' bit is set to 1. The fragment offset is measured in
units of 8 octets (64 bits). The first fragment has offset zero. units of 8 octets (64 bits). The first fragment has offset zero.
Reserved: The 3-bit Reserved-2 field is reserved and set to 0 in this Note the CAPWAP protocol does not allow for overlapping fragments.
For instance, fragment 0 would include offset 0 with a payload
length of 1000, while fragment 1 include offset 900 with a payload
length of 600.
Reserved: The 3-bit Reserved field is reserved and set to 0 in this
version of the CAPWAP protocol. version of the CAPWAP protocol.
Radio MAC Address: This optional field contains the MAC address of Radio MAC Address: This optional field contains the MAC address of
the radio receiving the packet. This is useful in packets sent the radio receiving the packet. This is useful in packets sent
from the WTP to the AC, when the native wireless frame format is from the WTP to the AC, when the native wireless frame format is
converted to 802.3 by the WTP. This field is only present if the converted to 802.3 by the WTP. This field is only present if the
'M' bit is set. 'M' bit is set. Given the HLEN field assumes 4 byte alignment,
this field MUST be padded with zeroes (0x00) if it is not 4 byte
aligned.
The field contains the basic format: The field contains the basic format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | MAC Address | Length | MAC Address
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Length: The number of bytes in the MAC Address field. The length Length: The number of bytes in the MAC Address field. The length
field is present since new IEEE technologies are using 48 byte field is present since new IEEE technologies (e.g., 802.16) are
MAC addresses. now using 64 bits MAC addresses.
MAC Address: The MAC Address of the receiving radio. MAC Address: The MAC Address of the receiving radio.
Wireless Specific Information: This optional field contains Wireless Specific Information: This optional field contains
technology specific information that may be used to carry per technology specific information that may be used to carry per
packet wireless information. This field is only present if the packet wireless information. This field is only present if the
'W' bit is set. 'W' bit is set. Given the HLEN field assumes 4 byte alignment,
this field MUST be padded with zeroes (0x00) if it is not 4 byte
aligned.
The field contains the basic format: The field contains the basic format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Wireless ID | Length | Data | Wireless ID | Length | Data
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Wireless ID: The wireless binding identifier. The following Wireless ID: The wireless binding identifier. The following
values are defined: values are defined:
1 - : IEEE 802.11 1 - : IEEE 802.11
Length: The length of the data field Length: The length of the data field
Data: Wireless specific information, whose details are defined in Data: Wireless specific information, whose details are defined in
the technology specific binding section. the technology specific bindings section (see Section 11.7).
Payload: This field contains the header for a CAPWAP Data Message or Payload: This field contains the header for a CAPWAP Data Message or
CAPWAP Control Message, followed by the data associated with that CAPWAP Control Message, followed by the data associated with that
message. message.
4.2. CAPWAP Data Messages 4.2. CAPWAP Data Messages
A CAPWAP protocol data message is a forwarded wireless frame. The A CAPWAP protocol data message encapsulates a forwarded wireless
CAPWAP protocol defines two different modes of encapsulations; IEEE frame. The CAPWAP protocol defines two different modes of
802.3 and native wireless. IEEE 802.3 encapsulation requires that encapsulation; IEEE 802.3 and native wireless. IEEE 802.3
the bridging function be performed in the WTP. An IEEE 802.3 encapsulation requires that the bridging function be performed in the
encapsulated user payload frame has the following format: WTP. An IEEE 802.3 encapsulated user payload frame has the following
format:
+------------------------------------------------------+ +------------------------------------------------------+
| IP Header | UDP Header | CAPWAP Header | 802.3 Frame | | IP Header | UDP Header | CAPWAP Header | 802.3 Frame |
+------------------------------------------------------+ +------------------------------------------------------+
The CAPWAP protocol also defines the native wireless encapsulation The CAPWAP protocol also defines the native wireless encapsulation
mode. The actual format of the encapsulated CAPWAP data frame is mode. The actual format of the encapsulated CAPWAP data frame is
subject to the rules defined under the specific wireless technology subject to the rules defined under the specific wireless technology
binding. As a consequence, each wireless technology binding MUST binding. As a consequence, each wireless technology binding MUST
define a section entitled "Payload encapsulation", which defines the define a section entitled "Payload encapsulation", which defines the
skipping to change at page 41, line 34 skipping to change at page 43, line 20
channel with. Messages that deal with the retrieval of statistics channel with. Messages that deal with the retrieval of statistics
from the WTP also fall in this category. from the WTP also fall in this category.
Mobile Session Management: Mobile session management messages are Mobile Session Management: Mobile session management messages are
used by the AC to push specific mobile station policies to the used by the AC to push specific mobile station policies to the
WTP. WTP.
Firmware Management: Messages in this category are used by the AC to Firmware Management: Messages in this category are used by the AC to
push a new firmware image to the WTP. push a new firmware image to the WTP.
Binding Specific Management Frames: Messages in this category are
used by the AC and the WTP to exchange protocol-specific
management frame. These frames may or may not be used to change
the link state of a Mobile device.
Discovery, WTP Configuration and Mobile Session Management messages Discovery, WTP Configuration and Mobile Session Management messages
MUST be implemented. Firmware Management MAY be implemented. MUST be implemented. Firmware Management MAY be implemented.
In addition, technology specific bindings may introduce new control In addition, technology specific bindings (see Section 11.7 may
channel commands. introduce new control channel commands.
4.3.1. Control Message Format 4.3.1. Control Message Format
All CAPWAP control messages are sent encapsulated within the CAPWAP All CAPWAP control messages are sent encapsulated within the CAPWAP
header (see Section 4.1). Immediately following the CAPWAP header, header (see Section 4.1). Immediately following the CAPWAP header,
is the control header, which has the following format: is the control header, which has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 42, line 21 skipping to change at page 44, line 4
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time Stamp | | Time Stamp |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Msg Element [0..N] ... | Msg Element [0..N] ...
+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+
4.3.1.1. Message Type 4.3.1.1. Message Type
The Message Type field identifies the function of the CAPWAP control The Message Type field identifies the function of the CAPWAP control
message. The Message Type field is comprised of an IANA Enterprise message. The Message Type field is comprised of an IANA Enterprise
Number and a message type value field. The first two byte contain Number and an enterprise specific message type number. The first
the IANA Enterprise Number (for example, the IEEE 802.11 IANA three octets is the enterprise number in network byte order, with
Enterprise number is 13277), and the second two bytes contain the zero being used for CAPWAP generic message types and the IEEE 802.11
Message Type value. The message type field can be expressed as: IANA assigned enterprise number 13277 being used for IEEE 802.11
technology specific message types. The last octet is the enterprise
specific message type number, which has a range from 0 to 255. The
message type field can be expressed as:
Message Type = IANA Enterprise Number * 256 + Message Type Value Message Type = IANA Enterprise Number * 256 + enterprise specific message type number
The valid values for base CAPWAP Message Types are given in the table The valid values for base CAPWAP Message Types are given in the table
below: below:
CAPWAP Control Message Message Type CAPWAP Control Message Message Type
Value Value
Discovery Request 1 Discovery Request 1
Discovery Response 2 Discovery Response 2
Join Request 3 Join Request 3
Join Response 4 Join Response 4
skipping to change at page 43, line 29 skipping to change at page 44, line 41
Echo Request 13 Echo Request 13
Echo Response 14 Echo Response 14
Image Data Request 15 Image Data Request 15
Image Data Response 16 Image Data Response 16
Reset Request 17 Reset Request 17
Reset Response 18 Reset Response 18
Primary Discovery Request 19 Primary Discovery Request 19
Primary Discovery Response 20 Primary Discovery Response 20
Data Transfer Request 21 Data Transfer Request 21
Data Transfer Response 22 Data Transfer Response 22
Clear Config Indication 23 Clear Configuration Request 23
Mobile Config Request 24 Clear Configuration Response 24
Mobile Config Response 25 Mobile Configuration Request 25
Mobile Configuration Response 26
4.3.1.2. Sequence Number 4.3.1.2. Sequence Number
The Sequence Number Field is an identifier value to match request and The Sequence Number Field is an identifier value to match request and
response packet exchanges. When a CAPWAP packet with a request response packet exchanges. When a CAPWAP packet with a request
message type is received, the value of the sequence number field is message type is received, the value of the sequence number field is
copied into the corresponding response packet. copied into the corresponding response packet.
When a CAPWAP control message is sent, its internal sequence number When a CAPWAP control message is sent, its internal sequence number
counter is monotonically incremented, ensuring that no two requests counter is monotonically incremented, ensuring that no two requests
skipping to change at page 44, line 35 skipping to change at page 45, line 49
DSCP: The DSCP tag value of 46 SHOULD be used. DSCP: The DSCP tag value of 46 SHOULD be used.
4.4. CAPWAP Protocol Message Elements 4.4. CAPWAP Protocol Message Elements
This section defines the CAPWAP Protocol message elements which are This section defines the CAPWAP Protocol message elements which are
included in CAPWAP protocol control messages. included in CAPWAP protocol control messages.
Message elements are used to carry information needed in control Message elements are used to carry information needed in control
messages. Every message element is identified by the Type field, messages. Every message element is identified by the Type field,
whose numbering space is managed via IANA (see Section 14). The whose numbering space is defined below. The total length of the
total length of the message elements is indicated in the Message message elements is indicated in the Message Element Length field.
Element Length field.
All of the message element definitions in this document use a diagram All of the message element definitions in this document use a diagram
similar to the one below in order to depict its format. Note that in similar to the one below in order to depict its format. Note that in
order to simplify this specification, these diagrams do not include order to simplify this specification, these diagrams do not include
the header fields (Type and Length). The header field values are the header fields (Type and Length). The header field values are
defined in the Message element descriptions. defined in the Message element descriptions.
Additional message elements may be defined in separate IETF Additional message elements may be defined in separate IETF
documents. documents.
The format of a message element uses the TLV format shown here: The format of a message element uses the TLV format shown here:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | | Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value ... | | Length | Value ...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Where Type (16 bit) identifies the character of the information Where Type (16 bit) identifies the character of the information
carried in the Value field and Length (16 bits) indicates the number carried in the Value field and Length (16 bits) indicates the number
of bytes in the Value field. of bytes in the Value field. Type field values are allocated as
follows:
Usage Type Values
CAPWAP Protocol Message Elements 1-1023
IEEE 802.11 Message Elements 1024-2047
Reserved for Future Use 2048 - 65024
The table below lists the CAPWAP protocol Message Elements and their
Type values.
CAPWAP Message Element Type Value
AC Descriptor 1
AC IPv4 List 2
AC IPv6 List 3
AC Name 4
AC Name with Index 5
AC Timestamp 6
Add MAC ACL Entry 7
Add Mobile Station 8
Add Static MAC ACL Entry 9
CAPWAP Timers 10
Data Transfer Data 11
Data Transfer Mode 12
Decryption Error Report 13
Decryption Error Report Period 14
Delete MAC ACL Entry 15
Delete Mobile Station 16
Delete Static MAC ACL Entry 17
Discovery Type 18
Duplicate IPv4 Address 19
Duplicate IPv6 Address 20
Idle Timeout 21
Image Data 22
Image Filename 23
Initiate Download 24
Location Data 25
MTU Discovery Padding 26
Radio Administrative State 27
Result Code 28
Session ID 29
Statistics Timer 30
Vendor Specific Payload 31
WTP Board Data 32
WTP Descriptor 33
WTP Fallback 34
WTP Frame Tunnel Mode 35
WTP IPv4 IP Address 36
WTP MAC Type 37
WTP Manager Control IPv4 Address 38
WTP Manager Control IPv6 Address 39
WTP Name 40
WTP Operational Statistics 41
WTP Radio Information 42
WTP Radio Statistics 43
WTP Reboot Statistics 44
WTP Static IP Address Information 45
4.4.1. AC Descriptor 4.4.1. AC Descriptor
The AC payload message element is used by the AC to communicate it's The AC payload message element is used by the AC to communicate it's
current state. The value contains the following fields. current state. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | Hardware Version ... | | Stations | Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HW Ver | Software Version ... | | Active WTPs | Max WTPs |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SW Ver | Stations | Limit | | Security | R-MAC Field |Wireless Field | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Limit | Active WTPs | Max WTPs | | Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=4 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=5 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Max WTPs | Security |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1 for AC Descriptor Type: 1 for AC Descriptor
Length: 18 Length: 18
Reserved: MUST be set to zero
Hardware Version: The AC's hardware version number
Software Version: The AC's Firmware version number
Stations: The number of mobile stations currently associated with Stations: The number of mobile stations currently associated with
the AC the AC
Limit: The maximum number of stations supported by the AC Limit: The maximum number of stations supported by the AC
Active WTPs: The number of WTPs currently attached to the AC Active WTPs: The number of WTPs currently attached to the AC
Max WTPs: The maximum number of WTPs supported by the AC Max WTPs: The maximum number of WTPs supported by the AC
Security: A 8 bit bit mask specifying the authentication credential Security: A 8 bit bit mask specifying the authentication credential
type supported by the AC. The following values are supported (see type supported by the AC. The following values are supported (see
Section 2.4.4): Section 2.4.4):
1 - X.509 Certificate Based 1 - X.509 Certificate Based
skipping to change at page 46, line 16 skipping to change at page 49, line 9
Max WTPs: The maximum number of WTPs supported by the AC Max WTPs: The maximum number of WTPs supported by the AC
Security: A 8 bit bit mask specifying the authentication credential Security: A 8 bit bit mask specifying the authentication credential
type supported by the AC. The following values are supported (see type supported by the AC. The following values are supported (see
Section 2.4.4): Section 2.4.4):
1 - X.509 Certificate Based 1 - X.509 Certificate Based
2 - Pre-Shared Secret 2 - Pre-Shared Secret
R-MAC Field: The AC supports the optional Radio MAC Address field in
the CAPWAP transport Header (see Section 4.1).
Wireless Field: The AC supports the optional Wireless Specific
Information field in the CAPWAP transport Header (see
Section 4.1).
Reserved: MUST be set to zero
Vendor Identifier: A 32-bit value containing the IANA assigned "SMI
Network Management Private Enterprise Codes"
Type: Vendor specific encoding of AC information. The following
values are supported. The Hardware and Software Version values
MUST be included.
4 - Hardware Version: The AC's hardware version number.
5 - Software Version: The AC's Firmware version number.
Length: Length of vendor specific encoding of AC information.
Value: Vendor specific encoding of AC information.
4.4.2. AC IPv4 List 4.4.2. AC IPv4 List
The AC List message element is used to configure a WTP with the The AC List message element is used to configure a WTP with the
latest list of ACs in a cluster. latest list of ACs in a cluster.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AC IP Address[] | | AC IP Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 50, line 33 skipping to change at page 54, line 4
The CAPWAP Timers message element is used by an AC to configure The CAPWAP Timers message element is used by an AC to configure
CAPWAP timers on a WTP. CAPWAP timers on a WTP.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discovery | Echo Request | | Discovery | Echo Request |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 10 for CAPWAP Timers Type: 10 for CAPWAP Timers
Length: 2 Length: 2
Discovery: The number of seconds between CAPWAP Discovery packets, Discovery: The number of seconds between CAPWAP Discovery packets,
when the WTP is in the discovery mode. when the WTP is in the discovery mode.
Echo Request: The number of seconds between WTP Echo Request CAPWAP Echo Request: The number of seconds between WTP Echo Request CAPWAP
messages. messages.
4.4.11. Change State Event 4.4.11. Data Transfer Data
The Change State message element is used to communicate a change in
the operational state of a radio. The value contains two fields, as
shown.
0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | State | Cause |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 11 for Change State Event
Length: 3
Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP.
State: An 8-bit boolean value representing the state of the radio.
A value of one disables the radio, while a value of two enables
it.
Cause: In the event of a radio being inoperable, the cause field
would contain the reason the radio is out of service. The
following values are supported:
0 - Normal
1 - Radio Failure
2 - Software Failure
4.4.12. Data Transfer Data
The Data Transfer Data message element is used by the WTP to provide The Data Transfer Data message element is used by the WTP to provide
information to the AC for debugging purposes. information to the AC for debugging purposes.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data Type | Data Length | Data .... | Data Type | Data Length | Data ....
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 12 for Data Transfer Data Type: 11 for Data Transfer Data
Length: >= 3 Length: >= 3
Data Type: An 8-bit value the type of information being sent. The Data Type: An 8-bit value the type of information being sent. The
following values are supported: following values are supported:
1 - WTP Crash Data 1 - WTP Crash Data
2 - WTP Memory Dump 2 - WTP Memory Dump
Data Length: Length of data field. Data Length: Length of data field.
Data: Debug information. Data: Debug information.
4.4.13. Data Transfer Mode 4.4.12. Data Transfer Mode
The Data Transfer Mode message element is used by the AC to request The Data Transfer Mode message element is used by the WTP to indicate
information from the WTP for debugging purposes. the type of data transfer information it is sending to the AC for
debugging purposes.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Data Type | | Data Type |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 12 for Data Transfer Mode
Type: 13 for Data Transfer Mode
Length: 1 Length: 1
Data Type: An 8-bit value the type of information being requested. Data Type: An 8-bit value the type of information being requested.
The following values are supported: The following values are supported:
1 - WTP Crash Data 1 - WTP Crash Data
2 - WTP Memory Dump 2 - WTP Memory Dump
4.4.14. Decryption Error Report 4.4.13. Decryption Error Report
The Decryption Error Report message element value is used by the WTP The Decryption Error Report message element value is used by the WTP
to inform the AC of decryption errors that have occurred since the to inform the AC of decryption errors that have occurred since the
last report. Note that this error reporting mechanism is not used if last report. Note that this error reporting mechanism is not used if
encryption and decryption services are provided via the AC. encryption and decryption services are provided via the AC.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID |Num Of Entries | Mobile MAC Address | | Radio ID |Num Of Entries | Mobile MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mobile MAC Address[] | | Mobile MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 14 for Decryption Error Report Type: 13 for Decryption Error Report
Length: >= 8 Length: >= 8
Radio ID: The Radio Identifier, which typically refers to an Radio ID: The Radio Identifier, which typically refers to an
interface index on the WTP interface index on the WTP
Num Of Entries: An 8-bit unsigned integer indicating the number of Num Of Entries: An 8-bit unsigned integer indicating the number of
mobile MAC addresses. mobile MAC addresses.
Mobile MAC Address: An array of mobile station MAC addresses that Mobile MAC Address: An array of mobile station MAC addresses that
have caused decryption errors. have caused decryption errors.
4.4.15. Decryption Error Report Period 4.4.14. Decryption Error Report Period
The Decryption Error Report Period message element value is used by The Decryption Error Report Period message element value is used by
the AC to inform the WTP how frequently it should send decryption the AC to inform the WTP how frequently it should send decryption
error report messages. error report messages.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Report Interval | | Radio ID | Report Interval |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 15 for Decryption Error Report Period Type: 14 for Decryption Error Report Period
Length: 3 Length: 3
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Report Interval: A 16-bit unsigned integer indicating the time, in Report Interval: A 16-bit unsigned integer indicating the time, in
seconds seconds
4.4.16. Delete MAC ACL Entry 4.4.15. Delete MAC ACL Entry
The Delete MAC ACL Entry message element is used by an AC to delete a The Delete MAC ACL Entry message element is used by an AC to delete a
MAC ACL entry on a WTP, ensuring that the WTP provides service to the MAC ACL entry on a WTP, ensuring that the WTP provides service to the
MAC addresses provided in the message. MAC addresses provided in the message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Num of Entries| MAC Address[] | | Num of Entries| MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address[] | | MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 16 for Delete MAC ACL Entry Type: 15 for Delete MAC ACL Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to delete from the ACL. MAC Address: An array of MAC Addresses to delete from the ACL.
4.4.17. Delete Mobile Station 4.4.16. Delete Mobile Station
The Delete Mobile station message element is used by the AC to inform The Delete Mobile station message element is used by the AC to inform
an WTP that it should no longer provide service to a particular an WTP that it should no longer provide service to a particular
mobile station. The WTP must terminate service immediately upon mobile station. The WTP must terminate service immediately upon
receiving this message element. receiving this message element.
The transmission of a Delete Mobile Station message element could The transmission of a Delete Mobile Station message element could
occur for various reasons, including for administrative reasons, as a occur for various reasons, including for administrative reasons, as a
result of the fact that the mobile has roamed to another WTP, etc. result of the fact that the mobile has roamed to another WTP, etc.
skipping to change at page 54, line 31 skipping to change at page 57, line 17
deauthenticate message, as specified in [6]. deauthenticate message, as specified in [6].
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | MAC Address | | Radio ID | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 17 for Delete Mobile Station Type: 16 for Delete Mobile Station
Length: 7 Length: 7
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
MAC Address: The mobile station's MAC Address MAC Address: The mobile station's MAC Address
4.4.18. Delete Static MAC ACL Entry 4.4.17. Delete Static MAC ACL Entry
The Delete Static MAC ACL Entry message element is used by an AC to The Delete Static MAC ACL Entry message element is used by an AC to
delete a previously added static MAC ACL entry on a WTP, ensuring delete a previously added static MAC ACL entry on a WTP, ensuring
that the WTP provides service to the MAC addresses provided in the that the WTP provides service to the MAC addresses provided in the
message. message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Num of Entries| MAC Address[] | | Num of Entries| MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address[] | | MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 18 for Delete Static MAC ACL Entry Type: 17 for Delete Static MAC ACL Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to delete from the static MAC MAC Address: An array of MAC Addresses to delete from the static MAC
ACL entry. ACL entry.
4.4.19. Discovery Type 4.4.18. Discovery Type
The Discovery message element is used to configure a WTP to operate The Discovery Type message element is used by the WTP to indicate how
in a specific mode. it has come to know about the existence of the AC, to which it is
sending the Discovery Request message.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Discovery Type| | Discovery Type|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 19 for Discovery Type Type: 18 for Discovery Type
Length: 1 Length: 1
Discovery Type: An 8-bit value indicating how the AC was discovered. Discovery Type: An 8-bit value indicating how the WTP discovered the
The following values are supported: AC . The following values are supported:
0 - Broadcast 0 - Unknown
1 - Configured 1 - Static Configuration
4.4.20. Duplicate IPv4 Address 2 - DHCP
3 - DNS
4 - AC Referral
4.4.19. Duplicate IPv4 Address
The Duplicate IPv4 Address message element is used by a WTP to inform The Duplicate IPv4 Address message element is used by a WTP to inform
an AC that it has detected another IP device using the same IP an AC that it has detected another IP device using the same IP
address it is currently using. address it is currently using.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 20 for Duplicate IPv4 Address
Length: 10 Type: 19 for Duplicate IPv4 Address
Length: 10
IP Address: The IP Address currently used by the WTP. IP Address: The IP Address currently used by the WTP.
MAC Address: The MAC Address of the offending device. MAC Address: The MAC Address of the offending device.
4.4.21. Duplicate IPv6 Address 4.4.20. Duplicate IPv6 Address
The Duplicate IPv6 Address message element is used by a WTP to inform The Duplicate IPv6 Address message element is used by a WTP to inform
an AC that it has detected another host using the same IP address it an AC that it has detected another host using the same IP address it
is currently using. is currently using.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 56, line 34 skipping to change at page 59, line 30
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 21 for Duplicate IPv6 Address Type: 20 for Duplicate IPv6 Address
Length: 22 Length: 22
IP Address: The IP Address currently used by the WTP. IP Address: The IP Address currently used by the WTP.
MAC Address: The MAC Address of the offending device. MAC Address: The MAC Address of the offending device.
4.4.22. Idle Timeout 4.4.21. Idle Timeout
The Idle Timeout message element is sent by the AC to the WTP to The Idle Timeout message element is sent by the AC to the WTP to
provide it with the idle timeout that it should enforce on its active provide it with the idle timeout that it should enforce on its active
mobile station entries. mobile station entries.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Timeout | | Timeout |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 20 for Idle Timeout
Type: 22 for Idle Timeout
Length: 4 Length: 4
Timeout: The current idle timeout to be enforced by the WTP. Timeout: The current idle timeout to be enforced by the WTP.
4.4.23. Image Data 4.4.22. Image Data
The image data message element is present in the Image Data Request The image data message element is present in the Image Data Request
message sent by the AC and contains the following fields. message sent by the AC and contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Opcode | Checksum | Image Data | | Opcode | Checksum | Image Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Image Data ... | | Image Data ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 23 for Image Data Type: 22 for Image Data
Length: >= 4 (allows 0 length element if last data unit is 1024 Length: >= 4 (allows 0 length element if last data unit is 1024
bytes) bytes)
Opcode: An 8-bit value representing the transfer opcode. The Opcode: An 8-bit value representing the transfer opcode. The
following values are supported: following values are supported:
3 - Image data is included 3 - Image data is included
5 - An error occurred. Transfer is aborted 5 - An error occurred. Transfer is aborted
Checksum: A 16-bit value containing a checksum of the image data Checksum: A 16-bit value containing a checksum of the image data
that follows that follows
Image Data: The Image Data field contains 1024 characters, unless Image Data: The Image Data field contains 1024 characters, unless
the payload being sent is the last one (end of file). If the last the payload being sent is the last one (end of file). If the last
block was 1024 in length, an Image Data with a zero length payload block was 1024 in length, an Image Data with a zero length payload
is sent. is sent.
4.4.24. Image Filename 4.4.23. Image Filename
The image filename message element is sent by the WTP to the AC and The image filename message element is sent by the WTP to the AC and
is used to initiate the firmware download process. This message is used to initiate the firmware download process. This message
element contains the image filename, which the AC subsequently element contains the image filename, which the AC subsequently
transfers to the WTP via the Image Data message element. The value transfers to the WTP via the Image Data message element. The value
is a variable length byte string, which is NOT zero terminated. is a variable length byte string, which is NOT zero terminated.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Filename ... | | Filename ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 24 for Image Filename Type: 23 for Image Filename
Length: >= 1 Length: >= 1
Filename: A variable length string containing the filename to Filename: A variable length string containing the filename to
download. download.
4.4.25. Initiate Download 4.4.24. Initiate Download
The Initiate Download message element is used by the AC to inform the The Initiate Download message element is used by the AC to inform the
WTP that it should initiate a firmware upgrade. This is performed by WTP that it should initiate a firmware upgrade. This is performed by
having the WTP initiate its own Image Data Request, with the Image having the WTP initiate its own Image Data Request, with the Image
Download message element. This message element does not contain any Download message element. This message element does not contain any
data. data.
Type: 25 for Initiate Download Type: 24 for Initiate Download
Length: 0 Length: 0
4.4.26. Location Data 4.4.25. Location Data
The Location Data message elementis a variable length byte string The Location Data message elementis a variable length byte string
containing user defined location information (e.g. "Next to containing user defined location information (e.g. "Next to
Fridge"). This information is configurable by the network Fridge"). This information is configurable by the network
administrator, and allows for the WTP location to be determined administrator, and allows for the WTP location to be determined
through this field. The string is not zero terminated. through this field. The string is not zero terminated.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-
| Location ... | Location ...
+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-
Type: 26 for Location Data Type: 25 for Location Data
Length: > 0 Length: > 0
Timeout: A non-zero terminated string containing the WTP location. Timeout: A non-zero terminated string containing the WTP location.
4.4.27. MTU Discovery Padding 4.4.26. MTU Discovery Padding
The MTU Discovery Padding message element is used as padding to The MTU Discovery Padding message element is used as padding to
perform MTU discovery, and MUST contain octets of value 0xFF, of any perform MTU discovery, and MUST contain octets of value 0xFF, of any
length length
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Padding... | Padding...
+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-
Type: 27 for MTU Discovery Padding Type: 26 for MTU Discovery Padding
Length: variable Length: variable
Timeout: A variable length pad. Timeout: A variable length pad.
4.4.28. Radio Administrative State 4.4.27. Radio Administrative State
The administrative event message element is used to communicate the The radio administrative state message element is used to communicate
state of a particular radio. The value contains the following the state of a particular radio. The value contains the following
fields. fields.
0 1 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Admin State | | Radio ID | Admin State | Cause |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 28 for Administrative State Type: 27 for Administrative State
Length: 2 Length: 2
Radio ID: An 8-bit value representing the radio to configure. The Radio ID: An 8-bit value representing the radio to configure. The
Radio ID field may also include the value of 0xff, which is used Radio ID field may also include the value of 0xff, which is used
to identify the WTP itself. Therefore, if an AC wishes to change to identify the WTP itself. Therefore, if an AC wishes to change
the administrative state of a WTP, it would include 0xff in the the administrative state of a WTP, it would include 0xff in the
Radio ID field. Radio ID field.
Admin State: An 8-bit value representing the administrative state of Admin State: An 8-bit value representing the administrative state of
the radio. The following values are supported: the radio. The following values are supported:
1 - Enabled 1 - Enabled
2 - Disabled 2 - Disabled
4.4.29. Result Code Cause: In the event of a radio being inoperable, the cause field
would contain the reason the radio is out of service. The
following values are supported:
0 - Normal
1 - Radio Failure
2 - Software Failure
3 - Radar Detection
4.4.28. Result Code
The Result Code message element value is a 32-bit integer value, The Result Code message element value is a 32-bit integer value,
indicating the result of the request operation corresponding to the indicating the result of the request operation corresponding to the
sequence number in the message. sequence number in the message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Result Code | | Result Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 29 for Result Code Type: 28 for Result Code
Length: 4 Length: 4
Result Code: The following values are defined: Result Code: The following values are defined:
0 Success 0 Success
1 Failure (AC List message element MUST be present) 1 Failure (AC List message element MUST be present)
2 Success (NAT detected) 2 Success (NAT detected)
skipping to change at page 60, line 37 skipping to change at page 64, line 4
2 Success (NAT detected) 2 Success (NAT detected)
3 Failure (unspecified) 3 Failure (unspecified)
4 Failure (Join Failure, Resource Depletion) 4 Failure (Join Failure, Resource Depletion)
5 Failure (Join Failure, Unknown Source) 5 Failure (Join Failure, Unknown Source)
6 Failure (Join Failure, Incorrect Data) 6 Failure (Join Failure, Incorrect Data)
7 Failure (Join Failure, Session ID already in use) 7 Failure (Join Failure, Session ID already in use)
4.4.30. Session ID 4.4.29. Session ID
The session ID message element value contains a randomly generated The session ID message element value contains a randomly generated
unsigned 32-bit integer. unsigned 32-bit integer.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID | | Session ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 30 for Session ID
Type: 29 for Session ID
Length: 4 Length: 4
Session ID: A 32-bit random session identifier Session ID: A 32-bit random session identifier
4.4.31. Statistics Timer 4.4.30. Statistics Timer
The statistics timer message element value is used by the AC to The statistics timer message element value is used by the AC to
inform the WTP of the frequency which it expects to receive updated inform the WTP of the frequency which it expects to receive updated
statistics. statistics.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Statistics Timer | | Statistics Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 31 for Statistics Timer Type: 30 for Statistics Timer
Length: 2 Length: 2
Statistics Timer: A 16-bit unsigned integer indicating the time, in Statistics Timer: A 16-bit unsigned integer indicating the time, in
seconds seconds
4.4.32. Vendor Specific Payload 4.4.31. Vendor Specific Payload
The Vendor Specific Payload is used to communicate vendor specific The Vendor Specific Payload is used to communicate vendor specific
information between the WTP and the AC. The value contains the information between the WTP and the AC. The value contains the
following format: following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor Identifier | | Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Element ID | Value... | | Element ID | Value... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 32 for Vendor Specific Type: 31 for Vendor Specific
Length: >= 7 Length: >= 7
Vendor Identifier: A 32-bit value containing the IANA assigned "SMI Vendor Identifier: A 32-bit value containing the IANA assigned "SMI
Network Management Private Enterprise Codes" [19] Network Management Private Enterprise Codes" [19]
Element ID: A 16-bit Element Identifier which is managed by the Element ID: A 16-bit Element Identifier which is managed by the
vendor. vendor.
Value: The value associated with the vendor specific element. Value: The value associated with the vendor specific element.
4.4.33. WTP Board Data 4.4.32. WTP Board Data
The WTP Board Data message element is sent by the WTP to the AC and The WTP Board Data message element is sent by the WTP to the AC and
contains information about the hardware present. contains information about the hardware present.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor Identifier | | Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=0 | Length | | Type=0 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value... | Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=1 | Length | | Type=1 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value... | Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Optional additional vendor specific WTP board data TLVs | Optional additional vendor specific WTP board data TLVs
Type: 33 for WTP Board Data Type: 32 for WTP Board Data
Length: >=14 Length: >=14
Vendor Identifier: A 32-bit value containing the IANA assigned "SMI Vendor Identifier: A 32-bit value containing the IANA assigned "SMI
Network Management Private Enterprise Codes" Network Management Private Enterprise Codes"
Type: The following values are supported: Type: The following values are supported:
0 - WTP Model Number: The WTP Model Number MUST be included in 0 - WTP Model Number: The WTP Model Number MUST be included in
the WTP Board Data message element. the WTP Board Data message element.
1 - WTP Serial Number: The WTP Serial Number MUST be included in 1 - WTP Serial Number: The WTP Serial Number MUST be included in
the WTP Board Data message element. the WTP Board Data message element.
skipping to change at page 63, line 8 skipping to change at page 66, line 21
1 - WTP Serial Number: The WTP Serial Number MUST be included in 1 - WTP Serial Number: The WTP Serial Number MUST be included in
the WTP Board Data message element. the WTP Board Data message element.
2 - Board ID: A hardware identifier, which MAY be included in the 2 - Board ID: A hardware identifier, which MAY be included in the
WTP Board Data mesage element. WTP Board Data mesage element.
3 - Board Revision A revision number of the board, which MAY be 3 - Board Revision A revision number of the board, which MAY be
included in the WTP Board Data message element. included in the WTP Board Data message element.
4.4.34. WTP Descriptor 4.4.33. WTP Descriptor
The WTP descriptor message element is used by a WTP to communicate The WTP descriptor message element is used by a WTP to communicate
it's current hardware/firmware configuration. The value contains the it's current hardware/firmware configuration. The value contains the
following fields. following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Max Radios | Radios in use | Encryption Capabilities | | Max Radios | Radios in use | Encryption Capabilities |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 63, line 37 skipping to change at page 67, line 4
| Type=1 | Length | | Type=1 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value... | Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor Identifier | | Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=0 | Length | | Type=0 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value... | Value...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 33 for WTP Descriptor
Type: 34 for WTP Descriptor
Length: >= 31 Length: >= 31
Max Radios: An 8-bit value representing the number of radios (where Max Radios: An 8-bit value representing the number of radios (where
each radio is identified via the RID field) supported by the WTP each radio is identified via the RID field) supported by the WTP
Radios in use: An 8-bit value representing the number of radios Radios in use: An 8-bit value representing the number of radios
present in the WTP present in the WTP
Encryption Capabilities: This 16-bit field is used by the WTP to Encryption Capabilities: This 16-bit field is used by the WTP to
skipping to change at page 64, line 26 skipping to change at page 67, line 40
1 - WTP Serial Number: The WTP Serial Number MUST be included in 1 - WTP Serial Number: The WTP Serial Number MUST be included in
the WTP Board Data message element. the WTP Board Data message element.
2 - Board ID: A hardware identifier, which MAY be included in the 2 - Board ID: A hardware identifier, which MAY be included in the
WTP Board Data mesage element. WTP Board Data mesage element.
3 - Board Revision A revision number of the board, which MAY be 3 - Board Revision A revision number of the board, which MAY be
included in the WTP Board Data message element. included in the WTP Board Data message element.
4 - Hardware Version: A 32-bit integer representing the WTP's 4 - Hardware Version: The WTP's hardware version number.
hardware version number
5 - Software Version: A 32-bit integer representing the WTP's 5 - Software Version: The WTP's Firmware version number.
Firmware version number
6 - Boot Version: A 32-bit integer representing the WTP's boot 6 - Boot Version: The WTP's boot loader's version number.
loader's version number
4.4.35. WTP Fallback Length: Length of vendor specific encoding of WTP information.
Value: Vendor specific encoding of WTP information.
4.4.34. WTP Fallback
The WTP Fallback message element is sent by the AC to the WTP to The WTP Fallback message element is sent by the AC to the WTP to
enable or disable automatic CAPWAP fallback in the event that a WTP enable or disable automatic CAPWAP fallback in the event that a WTP
detects its preferred AC, and is not currently connected to it. detects its preferred AC, and is not currently connected to it.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Mode | | Mode |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 35 for WTP Fallback Type: 34 for WTP Fallback
Length: 1 Length: 1
Mode: The 8-bit value indicates the status of automatic CAPWAP Mode: The 8-bit value indicates the status of automatic CAPWAP
fallback on the WTP. A value of zero disables fallback, while a fallback on the WTP. A value of zero disables fallback, while a
value of one enables it. When enabled, if the WTP detects that value of one enables it. When enabled, if the WTP detects that
its primary AC is available, and it is not connected to it, it its primary AC is available, and it is not connected to it, it
SHOULD automatically disconnect from its current AC and reconnect SHOULD automatically disconnect from its current AC and reconnect
to its primary. If disabled, the WTP will only reconnect to its to its primary. If disabled, the WTP will only reconnect to its
primary through manual intervention (e.g., through the Reset primary through manual intervention (e.g., through the Reset
Request command). Request command).
4.4.36. WTP Frame Encapsulation Type 4.4.35. WTP Frame Tunnel Mode
The WTP Frame EncapsultationType message element allows the WTP to The WTP Frame Tunnel Mode message element allows the WTP to
communicate the encapsulation type, or tunneling modes of operation communicate the tunneling modes of operation which it supports to the
which it supports to the AC. A WTP that advertises support for all AC. A WTP that advertises support for all types allows the AC to
types allows the AC to select which type will be used, based on its select which type will be used, based on its local policy.
local policy.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|Frame Enc Type | | Tunnel Mode |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 36 for WTP Frame Encapsulation Type Type: 35 for WTP Frame Tunnel Mode
Length: 1 Length: 1
Frame Encapsulation Type: The Frame type specifies the encapsulation Frame Tunnel Mode: The Frame Tunnel mode specifies the tunneling
modes supported by the WTP. The following values are supported: modes for mobile station data which are supported by the WTP. The
following values are supported:
1 - Local Bridging: Local Bridging allows the WTP to perform the 1 - Local Bridging: When Local Bridging is used, the WTP does not
bridging function. This value MUST NOT be used when the WTP tunnel user traffic to the AC; all user traffic is locally
MAC Type is set to Split-MAC. bridged. This value MUST NOT be used when the WTP MAC Type is
set to Split-MAC.
2 - 802.3 Bridging: 802.3 Bridging requires the WTP and AC to 2 - 802.3 Frame Tunnel Mode: The 802.3 Frame Tunnel Mode requires
encapsulate all user payload as native IEEE 802.3 frames (see the WTP and AC to encapsulate all user payload as native IEEE
Section 4.2). This value MUST NOT be used when the WTP MAC 802.3 frames (see Section 4.2). All user traffic is tunneled
Type is set to Split-MAC. to the AC. This value MUST NOT be used when the WTP MAC Type
is set to Split-MAC.
4 - Native Bridging: Native Bridging requires the WTP and AC to 4 - Native Frame Tunnel Mode: Native Frame Tunnel mode requires
encapsulate all user payloads as native wireless frames, as the WTP and AC to encapsulate all user payloads as native
defined by the wireless binding (see Section 4.2). wireless frames, as defined by the wireless binding (see for
example Section 4.2).
7 - All: The WTP is capable of supporting all frame encapsulation 7 - All: The WTP is capable of supporting all frame tunnel modes.
types.
4.4.37. WTP IPv4 IP Address 4.4.36. WTP IPv4 IP Address
The WTP IPv4 address is used to perform NAT detection. The WTP IPv4 address is used to perform NAT detection.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP IPv4 IP Address | | WTP IPv4 IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 37 for WTP IPv4 IP Address Type: 36 for WTP IPv4 IP Address
Length: 4 Length: 4
WTP IPv4 IP Address: The IPv4 address from which the WTP is sending WTP IPv4 IP Address: The IPv4 address from which the WTP is sending
packets. This field is used for NAT detection. packets. This field is used for NAT detection.
4.4.38. WTP MAC Type 4.4.37. WTP MAC Type
The WTP MAC-Type message element allows the WTP to communicate its The WTP MAC-Type message element allows the WTP to communicate its
mode of operation to the AC. A WTP that advertises support for both mode of operation to the AC. A WTP that advertises support for both
modes allows the AC to select the mode to use, based on local policy. modes allows the AC to select the mode to use, based on local policy.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| MAC Type | | MAC Type |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 37 for WTP MAC Type
Type: 38 for WTP MAC Type
Length: 1 Length: 1
MAC Type: The MAC mode of operation supported by the WTP. The MAC Type: The MAC mode of operation supported by the WTP. The
following values are supported following values are supported
0 - Local-MAC: Local-MAC is the default mode that MUST be 0 - Local-MAC: Local-MAC is the default mode that MUST be
supported by all WTPs. supported by all WTPs.
1 - Split-MAC: Split-MAC support is optional, and allows the AC 1 - Split-MAC: Split-MAC support is optional, and allows the AC
to receive and process native wireless frames. to receive and process native wireless frames.
2 - Both: WTP is capable of supporting both Local-MAC and Split- 2 - Both: WTP is capable of supporting both Local-MAC and Split-
MAC. MAC.
4.4.39. WTP Radio Information 4.4.38. WTP Radio Information
The WTP radios information message element is used to communicate the The WTP radios information message element is used to communicate the
radio information in a specific slot. The Discovery Request MUST radio information in a specific slot. The Discovery Request MUST
include one such message element per radio in the WTP. The Radio- include one such message element per radio in the WTP. The Radio-
Type field is used by the AC in order to determine which technology Type field is used by the AC in order to determine which technology
specific binding is to be used with the WTP. specific binding is to be used with the WTP.
The value contains two fields, as shown. The value contains two fields, as shown.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Radio Type | | Radio ID | Radio Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio Type | | Radio Type |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 39 for WTP Radio Information Type: 38 for WTP Radio Information
Length: 5 Length: 5
Radio ID: The Radio Identifier, which typically refers to an Radio ID: The Radio Identifier, which typically refers to an
interface index on the WTP interface index on the WTP
Radio Type: The type of radio present. Note this bitfield can be Radio Type: The type of radio present. Note this bitfield can be
used to specify support for more than a single type of PHY/MAC. used to specify support for more than a single type of PHY/MAC.
The following values are supported: The following values are supported:
skipping to change at page 67, line 48 skipping to change at page 71, line 16
2 - 802.11a: An IEEE 802.11a radio. 2 - 802.11a: An IEEE 802.11a radio.
4 - 802.11g: An IEEE 802.11g radio. 4 - 802.11g: An IEEE 802.11g radio.
8 - 802.11n: An IEEE 802.11n radio. 8 - 802.11n: An IEEE 802.11n radio.
0xOF - 802.11b, 802.11a, 802.11g and 802.11n: The 4 radio types 0xOF - 802.11b, 802.11a, 802.11g and 802.11n: The 4 radio types
indicated are supported in the WTP. indicated are supported in the WTP.
4.4.40. WTP Manager Control IPv4 Address 4.4.39. WTP Manager Control IPv4 Address
The WTP Manager Control IPv4 Address message element is sent by the The WTP Manager Control IPv4 Address message element is sent by the
AC to the WTP during the discovery process and is used by the AC to AC to the WTP during the discovery process and is used by the AC to
provide the interfaces available on the AC, and the current number of provide the interfaces available on the AC, and the current number of
WTPs connected. In the event that multiple WTP Manager Control IPV4 WTPs connected. In the event that multiple WTP Manager Control IPV4
Address message elements are returned, the WTP is expected to perform Address message elements are returned, the WTP is expected to perform
load balancing across the multiple interfaces. load balancing across the multiple interfaces.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP Count | | WTP Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 40 for WTP Manager Control IPv4 Address Type: 39 for WTP Manager Control IPv4 Address
Length: 6 Length: 6
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
WTP Count: The number of WTPs currently connected to the interface. WTP Count: The number of WTPs currently connected to the interface.
4.4.41. WTP Manager Control IPv6 Address 4.4.40. WTP Manager Control IPv6 Address
The WTP Manager Control IPv6 Address message element is sent by the The WTP Manager Control IPv6 Address message element is sent by the
AC to the WTP during the discovery process and is used by the AC to AC to the WTP during the discovery process and is used by the AC to
provide the interfaces available on the AC, and the current number of provide the interfaces available on the AC, and the current number of
WTPs connected. This message element is useful for the WTP to WTPs connected. This message element is useful for the WTP to
perform load balancing across multiple interfaces. perform load balancing across multiple interfaces.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 68, line 46 skipping to change at page 72, line 19
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP Count | | WTP Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 41 for WTP Manager Control IPv6 Address Type: 40 for WTP Manager Control IPv6 Address
Length: 18 Length: 18
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
WTP Count: The number of WTPs currently connected to the interface. WTP Count: The number of WTPs currently connected to the interface.
4.4.42. WTP Name 4.4.41. WTP Name
The WTP Name message element is a variable length bye string. The The WTP Name message element is a variable length bye string. The
string is not zero terminated. string is not zero terminated.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-
| WTP Name ... | WTP Name ...
+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-
Type: 42 for WTP Name Type: 41 for WTP Name
Length: variable Length: variable
WTP Name: A non-zero terminated string containing the WTP name. WTP Name: A non-zero terminated string containing the WTP name.
4.4.43. WTP Reboot Statistics 4.4.42. WTP Operational Statistics
The WTP Operational Statistics message element is sent by the WTP to
the AC to provide statistics related to the operation of the WTP.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Tx Queue Level | Wireless Link Frames per Sec |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 42 for WTP Operational Statistics
Length: 4
Radio ID: The radio ID of the radio to which the statistics apply.
Wireless Transmit Queue Level: The percentage of Wireless Transmit
queue utilization, calaculated as the sum of utilized transmit
queue lengths divided by the sum of maximum transmit queue
lengths, multiplied by 100. The Wireless Transmit Queue Level is
representative of congestion conditions over wireless interfaces
between the WTP and wireless terminals.
Wireless Link Frames per Sec: The number of frames transmitted or
received per second by the WTP over the sir interface.
4.4.43. WTP Radio Statistics
The WTP Radio Statistics message element is sent by the WTP to the AC
to communicate statistics on radio behavior and reasons why the WTP
radio has been reset.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Last Fail Type| Reset Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SW Failure Count | HW Failure Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Other Failure Count | Unknown Failure Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Config Update Count | Channel Change Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Band Change Count | Current Noise Floor |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 43 for WTP Radio Statistics
Length: 20
Radio ID: The radio ID of the radio to which the statistics apply.
Last Failure Type: The last WTP failure. The following values are
supported:
0 - Statistic Not Supported
1 - Software Failure
2 - Hardware Failure
3 - Other Failure
255 - Unknown (e.g., WTP doesn't keep track of info)
Reset Count: The number of times that that the radio has been reset.
SW Failure Count: The number of times that the radio has failed due
to software related reasons.
HW Failure Count: The number of times that the radio has failed due
to hardware related reasons.
Other Failure Count: The number of times that the radio has failed
due to known reasons, other than software or hardware failure.
Unknown Failure Count: The number of times that the radio has failed
for unknown reasons.
Config Update Count: The number of times that the radio
configuration has been updated.
Channel Change Count: The number of times that the radio channel has
been changed.
Band Change Count: The number of times that the radio has changed
frequency bands.
Current Noise Floor: A signed integer which indicates the noise
floor of the radio receiver in units of dBm.
4.4.44. WTP Reboot Statistics
The WTP Reboot Statistics message element is sent by the WTP to the The WTP Reboot Statistics message element is sent by the WTP to the
AC to communicate reasons why reboots have occurred. AC to communicate reasons why WTP reboots have occurred.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Crash Count | CAPWAP Initiated Count | | Reboot Count | AC Initiated Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Link Failure Count | Failure Type | | Link Failure Count | SW Failure Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HW Failure Count | Other Failure Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Unknown Failure Count |Last Failure Type|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 43 for WTP Reboot Statistics Type: 44 for WTP Reboot Statistics
Length: 7 Length: 15
Crash Count: The number of reboots that have occurred due to a WTP Reboot Count: The number of reboots that have occurred due to a WTP
crash. A value of 65535 implies that this information is not crash. A value of 65535 implies that this information is not
available on the WTP. available on the WTP.
CAPWAP Initiated Count: The number of reboots that have occurred at AC Initiated Count: The number of reboots that have occurred at the
the request of a CAPWAP protocol message, such as a change in request of a CAPWAP protocol message, such as a change in
configuration that required a reboot or an explicit CAPWAP reset configuration that required a reboot or an explicit CAPWAP
request. A value of 65535 implies that this information is not protocol reset request. A value of 65535 implies that this
available on the WTP. information is not available on the WTP.
Link Failure Count: The number of times that a CAPWAP protocol Link Failure Count: The number of times that a CAPWAP protocol
connection with an AC has failed. connection with an AC has failed due to link failure.
Failure Type: The last WTP failure. The following values are SW Failure Count: The number of times that a CAPWAP protocol
supported: connection with an AC has failed due to software related reasons.
0 - Link Failure HW Failure Count: The number of times that a CAPWAP protocol
connection with an AC has failed due to hardware related reasons.
1 - CAPWAP Initiated (see Section 9.3) Other Failure Count: The number of times that a CAPWAP protocol
connection with an AC has failed due to known reasons, other than
AC initiated, link, SW or HW failure.
2 - WTP Crash Unknown Failure Count: The number of times that a CAPWAP protocol
connection with an AC has failed for unknown reasons.
Last Failure Type: The failure type of the most recent WTP failure.
The following values are supported:
0 - Not Supported
1 - AC Initiated (see Section 9.3)
2 - Link Failure
3 - Software Failure
4 - Hardware Failure
5 - Other Failure
255 - Unknown (e.g., WTP doesn't keep track of info) 255 - Unknown (e.g., WTP doesn't keep track of info)
4.4.44. WTP Static IP Address Information 4.4.45. WTP Static IP Address Information
The WTP Static IP Address Information message element is used by an The WTP Static IP Address Information message element is used by an
AC to configure or clear a previously configured static IP address on AC to configure or clear a previously configured static IP address on
a WTP. a WTP.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Netmask | | Netmask |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Gateway | | Gateway |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Static | | Static |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 44 for WTP Static IP Address Information Type: 45 for WTP Static IP Address Information
Length: 13 Length: 13
IP Address: The IP Address to assign to the WTP. This field is only IP Address: The IP Address to assign to the WTP. This field is only
valid if the static field is set to one. valid if the static field is set to one.
Netmask: The IP Netmask. This field is only valid if the static Netmask: The IP Netmask. This field is only valid if the static
field is set to one. field is set to one.
Gateway: The IP address of the gateway. This field is only valid if Gateway: The IP address of the gateway. This field is only valid if
skipping to change at page 75, line 6 skipping to change at page 81, line 6
The Discovery Request message may be sent as a unicast, broadcast or The Discovery Request message may be sent as a unicast, broadcast or
multicast message. multicast message.
Upon receiving a Discovery Request message, the AC will respond with Upon receiving a Discovery Request message, the AC will respond with
a Discovery Response message sent to the address in the source a Discovery Response message sent to the address in the source
address of the received discovery request message. address of the received discovery request message.
The following message elements MUST be included in the Discovery The following message elements MUST be included in the Discovery
Request message: Request message:
o Discovery Type, see Section 4.4.19 o Discovery Type, see Section 4.4.18
o WTP Descriptor, see Section 4.4.34 o WTP Descriptor, see Section 4.4.33
o WTP Frame Type, see Section 4.4.36 o WTP Frame Tunnel Mode, see Section 4.4.35
o WTP MAC Type, see Section 4.4.38 o WTP MAC Type, see Section 4.4.37
o WTP Radio Information, see Section 4.4.39 o WTP Radio Information, see Section 4.4.38
5.2. Discovery Response Message 5.2. Discovery Response Message
The Discovery Response message provides a mechanism for an AC to The Discovery Response message provides a mechanism for an AC to
advertise its services to requesting WTPs. advertise its services to requesting WTPs.
The Discovery Response message is sent by an AC after receiving a The Discovery Response message is sent by an AC after receiving a
Discovery Request message from a WTP. Discovery Request message from a WTP.
When a WTP receives a Discovery Response message, it MUST wait for an When a WTP receives a Discovery Response message, it MUST wait for an
skipping to change at page 75, line 38 skipping to change at page 81, line 38
sent a Discovery Response message and send a DTLS Handshake to that sent a Discovery Response message and send a DTLS Handshake to that
AC. AC.
The following message elements MUST be included in the Discovery The following message elements MUST be included in the Discovery
Response Message: Response Message:
o AC Descriptor, see Section 4.4.1 o AC Descriptor, see Section 4.4.1
o AC Name, see Section 4.4.4 o AC Name, see Section 4.4.4
o WTP Manager Control IPv4 Address, see Section 4.4.40 o WTP Manager Control IPv4 Address, see Section 4.4.39
o WTP Manager Control IPv6 Address, see Section 4.4.41 o WTP Manager Control IPv6 Address, see Section 4.4.40
5.3. Primary Discovery Request Message 5.3. Primary Discovery Request Message
The Primary Discovery Request message is sent by the WTP to determine The Primary Discovery Request message is sent by the WTP to determine
whether its preferred (or primary) AC is available. whether its preferred (or primary) AC is available.
A Primary Discovery Request message is sent by a WTP when it has a A Primary Discovery Request message is sent by a WTP when it has a
primary AC configured, and is connected to another AC. This primary AC configured, and is connected to another AC. This
generally occurs as a result of a failover, and is used by the WTP as generally occurs as a result of a failover, and is used by the WTP as
a means to discover when its primary AC becomes available. As a a means to discover when its primary AC becomes available. As a
skipping to change at page 76, line 16 skipping to change at page 82, line 16
The frequency of the Primary Discovery Request messages should be no The frequency of the Primary Discovery Request messages should be no
more often than the sending of the Echo Request message. more often than the sending of the Echo Request message.
Upon receipt of a Discovery Request message, the AC responds with a Upon receipt of a Discovery Request message, the AC responds with a
Primary Discovery Response message sent to the address in the source Primary Discovery Response message sent to the address in the source
address of the received Primary Discovery Request message. address of the received Primary Discovery Request message.
The following message elements MUST be included in the Primary The following message elements MUST be included in the Primary
Discovery Request message. Discovery Request message.
o Discovery Type, see Section 4.4.19 o Discovery Type, see Section 4.4.18
o WTP Descriptor, see Section 4.4.34 o WTP Descriptor, see Section 4.4.33
o WTP Frame Type, see Section 4.4.36 o WTP Frame Tunnel Mode, see Section 4.4.35
o WTP MAC Type, see Section 4.4.38 o WTP MAC Type, see Section 4.4.37
o WTP Radio Information, see Section 4.4.39 A WTP Radio Information o WTP Radio Information, see Section 4.4.38 A WTP Radio Information
message element MUST be present for every radio in the WTP. message element MUST be present for every radio in the WTP.
5.4. Primary Discovery Response 5.4. Primary Discovery Response
The Primary Discovery Response message enables an AC to advertise its The Primary Discovery Response message enables an AC to advertise its
availability and services to requesting WTPs that are configured to availability and services to requesting WTPs that are configured to
have the AC as its primary AC. have the AC as its primary AC.
The Primary Discovery Response message is sent by an AC after The Primary Discovery Response message is sent by an AC after
receiving a Primary Discovery Request message. receiving a Primary Discovery Request message.
skipping to change at page 76, line 48 skipping to change at page 82, line 48
the configuration of the WTP Fallback Status message element on the the configuration of the WTP Fallback Status message element on the
WTP. WTP.
The following message elements MUST be included in the Primary The following message elements MUST be included in the Primary
Discovery Response message. Discovery Response message.
o AC Descriptor, see Section 4.4.1 o AC Descriptor, see Section 4.4.1
o AC Name, see Section 4.4.4 o AC Name, see Section 4.4.4
o WTP Manager Control IPv4 Address, see Section 4.4.40 o WTP Manager Control IPv4 Address, see Section 4.4.39
o WTP Manager Control IPv6 Address, see Section 4.4.41 o WTP Manager Control IPv6 Address, see Section 4.4.40
6. CAPWAP Join Operations 6. CAPWAP Join Operations
The Join Request message is used by a WTP to request service from an The Join Request message is used by a WTP to request service from an
AC after a DTLS connection is established to that AC. The Join AC after a DTLS connection is established to that AC. The Join
Response message is used by the the AC to indicate that it will or Response message is used by the the AC to indicate that it will or
will not provide service. will not provide service.
6.1. Join Request 6.1. Join Request
skipping to change at page 77, line 48 skipping to change at page 83, line 48
message, sets the WaitJoin timer for the session and sends the Join message, sets the WaitJoin timer for the session and sends the Join
Request message to the AC. Request message to the AC.
If an invalid (i.e. malformed) Join Request message is received, the If an invalid (i.e. malformed) Join Request message is received, the
message MUST be silently discarded by the AC. No response is sent to message MUST be silently discarded by the AC. No response is sent to
the WTP. The AC SHOULD log this event. the WTP. The AC SHOULD log this event.
The following message elements MUST be included in the Join Request The following message elements MUST be included in the Join Request
message. message.
o Location Data, see Section 4.4.26 o Location Data, see Section 4.4.25
o Session ID, see Section 4.4.30 o Session ID, see Section 4.4.29
o WTP Descriptor, see Section 4.4.34 o WTP Descriptor, see Section 4.4.33
o WTP IPv4 IP Address, see Section 4.4.37 o WTP IPv4 IP Address, see Section 4.4.36
o WTP Name, see Section 4.4.42 o WTP Name, see Section 4.4.41
o WTP Radio Information, see Section 4.4.39 A WTP Radio Information o WTP Radio Information, see Section 4.4.38 A WTP Radio Information
message element MUST be present for every radio in the WTP. message element MUST be present for every radio in the WTP.
6.2. Join Response 6.2. Join Response
The Join Response message is sent by the AC to indicate to a WTP that The Join Response message is sent by the AC to indicate to a WTP that
it is capable and willing to provide service to it. it is capable and willing to provide service to it.
After determining that a WTP should join the AC, the AC creates After determining that a WTP should join the AC, the AC creates
session state containing the WTP address, port and session ID, sets session state containing the WTP address, port and session ID, sets
the WaitJoin timer for the session, sends the Join Response message the WaitJoin timer for the session, sends the Join Response message
skipping to change at page 78, line 42 skipping to change at page 84, line 42
If an invalid (malformed) Join Response message is received, the WTP If an invalid (malformed) Join Response message is received, the WTP
SHOULD log an informative message detailing the error. This error SHOULD log an informative message detailing the error. This error
MUST be treated in the same manner as AC non-responsiveness. In this MUST be treated in the same manner as AC non-responsiveness. In this
way, the WaitJoin timer will eventually expire, in which case the WTP way, the WaitJoin timer will eventually expire, in which case the WTP
may (if it is so configured) attempt to join with an alternative AC. may (if it is so configured) attempt to join with an alternative AC.
The following message elements MAY be included in the Join Response The following message elements MAY be included in the Join Response
message. message.
o Result Code, see Section 4.4.29
o AC IPv4 List, see Section 4.4.2 o AC IPv4 List, see Section 4.4.2
o AC IPv6 List, see Section 4.4.3 o AC IPv6 List, see Section 4.4.3
o Session ID, see Section 4.4.30 o Result Code, see Section 4.4.28
o Session ID, see Section 4.4.29
7. Control Channel Management 7. Control Channel Management
The Control Channel Management messages are used by the WTP and AC to The Control Channel Management messages are used by the WTP and AC to
maintain a control communication channel. maintain a control communication channel. CAPWAP control messages,
such as the WTP Event Request message sent from the WTP to the AC
indicate to the AC that the WTP is operational. When such control
messages are not being sent, the Echo Request and Echo Response
messages are used to maintain the control communication channel.
7.1. Echo Request 7.1. Echo Request
The Echo Request message is a keep alive mechanism for CAPWAP control The Echo Request message is a keep alive mechanism for CAPWAP control
messages. messages.
Echo Request messages are sent periodically by a WTP in the Run state Echo Request messages are sent periodically by a WTP in the Run state
(see Section 2.3) to determine the state of the connection between (see Section 2.3) to determine the state of the connection between
the WTP and the AC. The Echo Request message is sent by the WTP when the WTP and the AC. The Echo Request message is sent by the WTP when
the Heartbeat timer expires. The WTP MUST start its the Heartbeat timer expires. The WTP MUST start its
skipping to change at page 81, line 34 skipping to change at page 87, line 34
Configure state. Configure state.
The Configuration Status message carries binding specific message The Configuration Status message carries binding specific message
elements. Refer to the appropriate binding for the definition of elements. Refer to the appropriate binding for the definition of
this structure. this structure.
When an AC receives a Configuration Status message it will act upon When an AC receives a Configuration Status message it will act upon
the content of the packet and respond to the WTP with a Configuration the content of the packet and respond to the WTP with a Configuration
Status Response message. Status Response message.
The Configuration Status message includes multiple Administrative The Configuration Status message includes multiple Radio
State message Elements. There is one such message element for the Administrative State message Elements. There is one such message
WTP, and one message element per radio in the WTP. element for the WTP, and one message element per radio in the WTP.
The following message elements MUST be included in the Configuration The following message elements MUST be included in the Configuration
Status message. Status message.
o AC Name, see Section 4.4.4 o AC Name, see Section 4.4.4
o AC Name with Index, see Section 4.4.5 o AC Name with Index, see Section 4.4.5
o Radio Administrative State, see Section 4.4.28 o Radio Administrative State, see Section 4.4.27
o Statistics Timer, see Section 4.4.31 o Statistics Timer, see Section 4.4.30
o WTP Board Data, see Section 4.4.33 o WTP Board Data, see Section 4.4.32
o WTP Static IP Address Information, see Section 4.4.44 o WTP Radio Information, see Section 4.4.38 A WTP Radio Information
o WTP Reboot Statistics, see Section 4.4.43 message element MUST be present for every radio in the WTP.
o WTP Reboot Statistics, see Section 4.4.44
o WTP Static IP Address Information, see Section 4.4.45
8.3. Configuration Status Response 8.3. Configuration Status Response
The Configuration Status Response message is sent by an AC and The Configuration Status Response message is sent by an AC and
provides a mechanism for the AC to override a WTP's requested provides a mechanism for the AC to override a WTP's requested
configuration. configuration.
Configuration Status Response messages are sent by an AC after Configuration Status Response messages are sent by an AC after
receiving a Configure Request message. receiving a Configure Request message.
The Configuration Status Response message carries binding specific The Configuration Status Response message carries binding specific
message elements. Refer to the appropriate binding for the message elements. Refer to the appropriate binding for the
definition of this structure. definition of this structure.
When a WTP receives a Configuration Status Response message it acts When a WTP receives a Configuration Status Response message it acts
upon the content of the message, as appropriate. If the upon the content of the message, as appropriate. If the
Configuration Status Response message includes a Change State Event Configuration Status Response message includes a Radio Administrative
message element that causes a change in the operational state of one State message element that causes a change in the operational state
of the Radio, the WTP will transmit a Change State Event to the AC, of one of the Radio, the WTP will transmit a Change State Event to
as an acknowledgement of the change in state. the AC, as an acknowledgement of the change in state.
The following message elements MUST be included in the Configuration The following message elements MUST be included in the Configuration
Status Response message. Status Response message.
o AC IPv4 List, see Section 4.4.2 o AC IPv4 List, see Section 4.4.2
o AC IPv6 List, see Section 4.4.3 o AC IPv6 List, see Section 4.4.3
o CAPWAP Timers, see Section 4.4.10 o CAPWAP Timers, see Section 4.4.10
o Change State Event, see Section 4.4.11 o Radio Administrative Event, see Section 4.4.27
o Decryption Error Report Period, see Section 4.4.15 o Decryption Error Report Period, see Section 4.4.14
o Idle Timeout, see Section 4.4.22 o Idle Timeout, see Section 4.4.21
o WTP Fallback, see Section 4.4.35 o WTP Fallback, see Section 4.4.34
8.4. Configuration Update Request 8.4. Configuration Update Request
Configure Update Request messages are sent by the AC to provision the Configuration Update Request messages are sent by the AC to provision
WTP while in the Run state. This is used to modify the configuration the WTP while in the Run state. This is used to modify the
of the WTP while it is operational. configuration of the WTP while it is operational.
When an AC receives a Configuration Update Request message it will When an AC receives a Configuration Update Request message it will
respond with a Configuration Update Response message, with the respond with a Configuration Update Response message, with the
appropriate Result Code. appropriate Result Code.
One or more of the following message elements MAY be included in the One or more of the following message elements MAY be included in the
Configuration Update message. Configuration Update message.
o AC IPv4 List, see Section 4.4.2
o AC IPv6 List, see Section 4.4.3
o AC Name with Index, see Section 4.4.5 o AC Name with Index, see Section 4.4.5
o AC Timestamp, see Section 4.4.6 o AC Timestamp, see Section 4.4.6
o Add MAC ACL Entry, see Section 4.4.7 o Add MAC ACL Entry, see Section 4.4.7
o Add Static MAC ACL Entry, see Section 4.4.9 o Add Static MAC ACL Entry, see Section 4.4.9
o CAPWAP Timers, see Section 4.4.10 o CAPWAP Timers, see Section 4.4.10
o Change State Event, see Section 4.4.11 o Decryption Error Report Period, see Section 4.4.14
o Decryption Error Report Period, see Section 4.4.15
o Delete MAC ACL Entry, see Section 4.4.16 o Delete MAC ACL Entry, see Section 4.4.15
o Delete Static MAC ACL Entry, see Section 4.4.18 o Delete Static MAC ACL Entry, see Section 4.4.17
o Idle Timeout, see Section 4.4.22 o Idle Timeout, see Section 4.4.21
o Location Data, see Section 4.4.26 o Location Data, see Section 4.4.25
o Radio Administrative State, see Section 4.4.28 o Radio Administrative State, see Section 4.4.27
o Statistics Timer, see Section 4.4.31 o Statistics Timer, see Section 4.4.30
o WTP Fallback, see Section 4.4.35 o WTP Fallback, see Section 4.4.34
o WTP Name, see Section 4.4.42 o WTP Name, see Section 4.4.41
8.5. Configuration Update Response 8.5. Configuration Update Response
The Configuration Update Response message is the acknowledgement The Configuration Update Response message is the acknowledgement
message for the Configuration Update Request message. message for the Configuration Update Request message.
The Configuration Update Response message is sent by a WTP after The Configuration Update Response message is sent by a WTP after
receiving a Configuration Update Request message. receiving a Configuration Update Request message.
When an AC receives a Configure Update Response message the result When an AC receives a Configuration Update Response message the
code indicates if the WTP successfully accepted the configuration. result code indicates if the WTP successfully accepted the
configuration.
The following message element MUST be present in the Configuration The following message element MUST be present in the Configuration
Update message. Update message.
Result Code, see Section 4.4.29 Result Code, see Section 4.4.28
The following message elements MAY be present in the Configuration
Update message.
o AC IPv4 List, see Section 4.4.2
o AC IPv6 List, see Section 4.4.3
8.6. Change State Event Request 8.6. Change State Event Request
The Change State Event Request message is used by the WTP to inform The Change State Event Request message is used by the WTP to inform
the AC of a change in the operational state. the AC of a change in the operational state.
The Change State Event Request message is sent by the WTP when it The Change State Event Request message is sent by the WTP when it
receives a Configuration Response message that includes a Change receives a Configuration Response message that includes a Change
State Event message element. It is also sent when the WTP detects an State Event message element. It is also sent when the WTP detects an
operational failure with a radio. The Change State Event Request operational failure with a radio. The Change State Event Request
message may be sent in either the Configure or Run state (see message may be sent in either the Configure or Run state (see
Section 2.3. Section 2.3.
When an AC receives a Change State Event message it will respond with When an AC receives a Change State Event Request message it will
a Change State Event Response message and make any necessary respond with a Change State Event Response message and make any
modifications to internal WTP data structures. necessary modifications to internal WTP data structures.
The following message elements MUST be present in the Change State The following message elements MUST be present in the Change State
Event Request message. Event Request message.
o Change State Event message element, see Section 4.4.11 o Radio Administrative State message element, see Section 4.4.27
8.7. Change State Event Response 8.7. Change State Event Response
The Change State Event Response message acknowledges the Change State The Change State Event Response message acknowledges the Change State
Event Request message. Event Request message.
A Change State Event Response message is by a WTP after receiving a A Change State Event Response message is sent by an AC in response to
Change State Event Request message. a Change State Event Request message.
The Change State Event Response message carries no message elements. The Change State Event Response message carries no message elements.
Its purpose is to acknowledge the receipt of the Change State Event Its purpose is to acknowledge the receipt of the Change State Event
Request message. Request message.
The WTP does not need to perform any special processing of the Change The WTP does not need to perform any special processing of the Change
State Event Response message. State Event Response message.
8.8. Clear Config Indication 8.8. Clear Configuration Request
The Clear Config Indication message is used to reset a WTP's The Clear Configuration Request message is used to reset a WTP's
configuration. configuration.
The Clear Config Indication message is sent by an AC to request that The Clear Configuration Request message is sent by an AC to request
a WTP reset its configuration to the manufacturing default that a WTP reset its configuration to the manufacturing default
configuration. The Clear Config Indication message is sent while in configuration. The Clear Config Request message is sent while in the
the Run CAPWAP state. Run CAPWAP state.
The Clear Config Indication message carries no message elements. The Clear Configuration Request message carries no message elements.
When a WTP receives a Clear Config Indication message it resets its When a WTP receives a Clear Configuration Request message it resets
configuration to the manufacturing default configuration. its configuration to the manufacturing default configuration.
8.9. Clear Configuration Response
The Clear Configuration Response message is sent by the WTP after
receiving a Clear Configuration Request message and resetting its
configuration parameters back to the manufacturing default values.
The Clear Configuration Request message carries the message elements.
o Result Code, see Section 4.4.28
9. Device Management Operations 9. Device Management Operations
This section defines CAPWAP operations responsible for debugging, This section defines CAPWAP operations responsible for debugging,
gathering statistics, logging, and firmware management. gathering statistics, logging, and firmware management.
9.1. Image Data Request 9.1. Image Data Request
The Image Data Request message is used to update firmware on the WTP. The Image Data Request message is used to update firmware on the WTP.
This message and its companion response message are used by the AC to This message and its companion response message are used by the AC to
skipping to change at page 86, line 47 skipping to change at page 92, line 47
Regardless of how the download was initiated, once the AC receives an Regardless of how the download was initiated, once the AC receives an
Image Data Request with the Image Filename message element, it begins Image Data Request with the Image Filename message element, it begins
the transfer process by transmitting its own request with the Image the transfer process by transmitting its own request with the Image
Data message element. This continues until the whole firmware image Data message element. This continues until the whole firmware image
has been transfered. has been transfered.
The following message elements MAY be included in the Image Data The following message elements MAY be included in the Image Data
Request Message. Request Message.
o Image Data, see Section 4.4.23 o Image Data, see Section 4.4.22
o Image Filename, see Section 4.4.24 o Image Filename, see Section 4.4.23
o Initiate Download, see Section 4.4.25 o Initiate Download, see Section 4.4.24
9.2. Image Data Response 9.2. Image Data Response
The Image Data Response message acknowledges the Image Data Request The Image Data Response message acknowledges the Image Data Request
message. message.
An Image Data Response message is sent in response to a received An Image Data Response message is sent in response to a received
Image Data Request message. Its purpose is to acknowledge the Image Data Request message. Its purpose is to acknowledge the
receipt of the Image Data Request message. receipt of the Image Data Request message.
skipping to change at page 88, line 9 skipping to change at page 94, line 9
MAY collect statistics and use the WTP Event Request message to MAY collect statistics and use the WTP Event Request message to
transmit the statistics to the AC. transmit the statistics to the AC.
When an AC receives a WTP Event Request message it will respond with When an AC receives a WTP Event Request message it will respond with
a WTP Event Response message. a WTP Event Response message.
The WTP Event Request message MUST contain one of the message The WTP Event Request message MUST contain one of the message
elements listed below, or a message element that is defined for a elements listed below, or a message element that is defined for a
specific wireless technology. specific wireless technology.
o Decryption Error Report, see Section 4.4.14 o Decryption Error Report, see Section 4.4.13
o Duplicate IPv4 Address, see Section 4.4.20 o Duplicate IPv4 Address, see Section 4.4.19
o Duplicate IPv6 Address, see Section 4.4.21 o Duplicate IPv6 Address, see Section 4.4.20
o WTP Operational Statistics, see Section 4.4.42
o WTP Radio Statistics, see Section 4.4.43
o WTP Reboot Statistics, see Section 4.4.44
9.6. WTP Event Response 9.6. WTP Event Response
The WTP Event Response message acknowledges receipt of the WTP Event The WTP Event Response message acknowledges receipt of the WTP Event
Request message. Request message.
A WTP Event Response message issent by an AC after receiving a WTP A WTP Event Response message issent by an AC after receiving a WTP
Event Request message. Event Request message.
The WTP Event Response message carries no message elements. The WTP Event Response message carries no message elements.
skipping to change at page 88, line 44 skipping to change at page 94, line 50
debugger function in the WTP also uses the Data Transfer Request debugger function in the WTP also uses the Data Transfer Request
message to send console output to the AC for debugging purposes. message to send console output to the AC for debugging purposes.
When the AC receives a Data Transfer Request message it responds to When the AC receives a Data Transfer Request message it responds to
the WTP ith a Data Transfer Response message. The AC MAY log the the WTP ith a Data Transfer Response message. The AC MAY log the
information received. information received.
The Data Transfer Request message MUST contain one of the message The Data Transfer Request message MUST contain one of the message
elements listed below. elements listed below.
o Data Transfer Mode, see Section 4.4.13 o Data Transfer Data, see Section 4.4.11
o Data Transfer Mode, see Section 4.4.12
o Data Transfer Data, see Section 4.4.12
9.8. Data Transfer Response 9.8. Data Transfer Response
The Data Transfer Response message acknowledges the Data Transfer The Data Transfer Response message acknowledges the Data Transfer
Request message. Request message.
A Data Transfer Response message is sent in response to a received A Data Transfer Response message is sent in response to a received
Data Transfer Request message. Its purpose is to acknowledge receipt Data Transfer Request message. Its purpose is to acknowledge receipt
of the Data Transfer Request message. of the Data Transfer Request message.
The Data Transfer Response message carries no message elements. The Data Transfer Response message carries no message elements.
Upon receipt of a Data Transfer Response message, the WTP transmits Upon receipt of a Data Transfer Response message, the WTP transmits
more information, if more information is available. more information, if more information is available.
10. Mobile Session Management 10. Mobile Session Management
Messages in this section are used by the AC to create, modify or Messages in this section are used by the AC to create, modify or
delete mobile station session state on the WTPs. delete mobile station session state on the WTPs.
10.1. Mobile Config Request 10.1. Mobile Configuration Request
The Mobile Config Request message is used to create, modify or delete The Mobile Configuration Request message is used to create, modify or
mobile session state on a WTP. The message is sent by the AC to the delete mobile session state on a WTP. The message is sent by the AC
WTP, and may contain one or more message elements. The message to the WTP, and may contain one or more message elements. The
elements for this CAPWAP control message include information that is message elements for this CAPWAP control message include information
generally highly technology specific. Refer to the appropriate that is generally highly technology specific. Refer to the
binding section or document for the definitions of the messages appropriate binding section or document for the definitions of the
elements that may be used in this control message. messages elements that may be used in this control message.
The following CAPWAP Control message elements MAY be included in the The following CAPWAP Control message elements MAY be included in the
Mobile Config Request message. Mobile Configuration Request message.
o Add Mobile Station, see Section 4.4.8 o Add Mobile Station, see Section 4.4.8
o Delete Mobile Station, see Section 4.4.17 o Delete Mobile Station, see Section 4.4.16
10.2. Mobile Config Response 10.2. Mobile Configuration Response
The Mobile Configuration Response message is used to acknowledge a The Mobile Configuration Response message is used to acknowledge a
previously received Mobile Configuration Request message, and MUST previously received Mobile Configuration Request message. The
include a Result Code message element, see Section 4.4.29 which following message element MUST be present in the Mobile Configuration
indicates whether an error occurred on the WTP. Response message.
This message requires no special processing, and is only used to o Result Code, see Section 4.4.28
acknowledge receipt of the Mobile Configuration Request message.
The Result Code message element indicates that the requested
configuration was successfully applied, or that an error related to
processing of the Mobile Configuration Request message occurred on
the WTP.
11. IEEE 802.11 Binding 11. IEEE 802.11 Binding
This section defines the extensions required for the CAPWAP protocol This section defines the extensions required for the CAPWAP protocol
to be used with the IEEE 802.11 protocol. to be used with the IEEE 802.11 protocol.
11.1. Split MAC and Local MAC Functionality 11.1. Split MAC and Local MAC Functionality
The CAPWAP protocol, when used with IEEE 802.11 devices, requires a The CAPWAP protocol, when used with IEEE 802.11 devices, requires a
specific behavior from the WTP and the AC, to support the required specific behavior from the WTP and the AC, to support the required
IEEE 802.11 protocol functions. IEEE 802.11 protocol functions.
For both the Split and Local MAC approaches, the CAPWAP functions, as For both the Split and Local MAC approaches, the CAPWAP functions, as
defined in the taxonomy specification [Add reference], reside in the defined in the taxonomy specification [Add reference], reside in the
AC. AC.
11.1.1. Split MAC 11.1.1. Split MAC
This section shows the division of labor between the WTP and the AC This section shows the division of labor between the WTP and the AC
in a Split MAC architecture. Figure 3 shows the clear separation of in a Split MAC architecture. Figure 4 shows the clear separation of
functionality among CAPWAP components. functionality among CAPWAP components.
Function Location Function Location
Distribution Service AC Distribution Service AC
Integration Service AC Integration Service AC
Beacon Generation WTP Beacon Generation WTP
Probe Response Generation WTP Probe Response Generation WTP
Power Mgmt/Packet Buffering WTP Power Mgmt/Packet Buffering WTP
Fragmentation/Defragmentation WTP/AC Fragmentation/Defragmentation WTP/AC
Assoc/Disassoc/Reassoc AC Assoc/Disassoc/Reassoc AC
skipping to change at page 91, line 45 skipping to change at page 97, line 45
802.11e 802.11e
Classifying AC Classifying AC
Scheduling WTP/AC Scheduling WTP/AC
Queuing WTP Queuing WTP
802.11i 802.11i
802.1X/EAP AC 802.1X/EAP AC
RSNA Key Management AC RSNA Key Management AC
802.11 Encryption/Decryption WTP/AC 802.11 Encryption/Decryption WTP/AC
Figure 3: Mapping of 802.11 Functions for Split MAC Architecture Figure 4: Mapping of 802.11 Functions for Split MAC Architecture
The Distribution and Integration services reside on the AC, and The Distribution and Integration services reside on the AC, and
therefore all user data is tunneled between the WTP and the AC. As therefore all user data is tunneled between the WTP and the AC. As
noted above, all real-time IEEE 802.11 services, including the beacon noted above, all real-time IEEE 802.11 services, including the beacon
and probe response frames, are handled on the WTP. and probe response frames, are handled on the WTP.
All remaining IEEE 802.11 MAC management frames are supported on the All remaining IEEE 802.11 MAC management frames are supported on the
AC, including the Association Request which allows the AC to be AC, including the Association Request which allows the AC to be
involved in the access policy enforcement portion of the IEEE 802.11 involved in the access policy enforcement portion of the IEEE 802.11
protocol. The IEEE 802.1X and IEEE 802.11i key management function protocol. The IEEE 802.1X and IEEE 802.11i key management function
are also located on the AC. are also located on the AC. This implies that the AAA client also
resides on the AC.
While the admission control component of IEEE 802.11e resides on the While the admission control component of IEEE 802.11e resides on the
AC, the real time scheduling and queuing functions are on the WTP. AC, the real time scheduling and queuing functions are on the WTP.
Note this does not exclude the AC from providing additional policing Note this does not exclude the AC from providing additional policing
and scheduling functionality. and scheduling functionality.
Note that in the following figure, the use of '( - )' indicates that Note that in the following figure, the use of '( - )' indicates that
processing of the frames is done on the WTP. processing of the frames is done on the WTP.
Client WTP AC Client WTP AC
skipping to change at page 92, line 38 skipping to change at page 98, line 39
<-------------------------> <------------------------->
802.1X Authentication & 802.11i Key Exchange 802.1X Authentication & 802.11i Key Exchange
<---------------------------------------------------------> <--------------------------------------------------------->
Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)] Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)]
<-------------------------> <------------------------->
802.11 Action Frames 802.11 Action Frames
<---------------------------------------------------------> <--------------------------------------------------------->
802.11 DATA (1) 802.11 DATA (1)
<---------------------------( - )-------------------------> <---------------------------( - )------------------------->
Figure 4: Split MAC Message Flow Figure 5: Split MAC Message Flow
Figure 4 provides an illustration of the division of labor in a Split Figure 5 provides an illustration of the division of labor in a Split
MAC architecture. In this example, a WLAN has been created that is MAC architecture. In this example, a WLAN has been created that is
configured for IEEE 802.11i, using AES-CCMP for privacy. The configured for IEEE 802.11i, using AES-CCMP for privacy. The
following process occurs: following process occurs:
o The WTP generates the IEEE 802.11 beacon frames, using information o The WTP generates the IEEE 802.11 beacon frames, using information
provided to it through the Add WLAN (see Section Section 11.10.1) provided to it through the Add WLAN (see Section Section 11.9.1)
message element. message element.
o The WTP processes the probe request and responds with a o The WTP processes the probe request and responds with a
corresponding probe response. The probe request is then forwarded corresponding probe response. The probe request is then forwarded
to the AC for optional processing. to the AC for optional processing.
o The WTP forwards the IEEEE 802.11 Authentication and Association o The WTP forwards the IEEEE 802.11 Authentication and Association
frames to the AC, which is responsible for responding to the frames to the AC, which is responsible for responding to the
client. client.
o Once the association is complete, the AC transmits an CAPWAP Add o Once the association is complete, the AC transmits an CAPWAP Add
Mobile Station request to the WTP (see Section Section 4.4.8. In Mobile Station request to the WTP (see Section Section 4.4.8. In
the above example, the WLAN is configured for IEEE 802.1X, and the above example, the WLAN is configured for IEEE 802.1X, and
therefore the '802.1X only' policy bit is enabled. therefore the '802.1X only' policy bit is enabled.
o If the WTP is providing encryption/decryption services, once the o If the WTP is providing encryption/decryption services, once the
client has completed the IEEE 802.11i key exchange, the AC client has completed the IEEE 802.11i key exchange, the AC
transmits another Add Mobile request to the WTP, stating the transmits another Add Mobile request to the WTP, stating the
security policy to enforce for the client (in this case AES-CCMP), security policy to enforce for the client (in this case AES-CCMP),
as well as the encryption key to use. If encryption/decryption is as well as the encryption key to use. If encryption/decryption is
handled in the AC, the Add Mobile Station request would have the handled in the AC, the IEEE 802.11 Add Mobile Station request
encryption policy set to "Clear Text". would not include the RSN Information Element.
o The WTP forwards any 802.11 Action frames received to the AC. o The WTP forwards any 802.11 Action frames received to the AC.
o All client data frames are tunneled between the WTP and the AC. o All client data frames are tunneled between the WTP and the AC.
Note that the WTP is responsible for encrypting and decrypting Note that the WTP is responsible for encrypting and decrypting
frames, if it was indicated in the Add Mobile request. frames, if it was indicated in the Add Mobile request.
11.1.2. Local MAC 11.1.2. Local MAC
This section shows the division of labor between the WTP and the AC This section shows the division of labor between the WTP and the AC
in a Local MAC architecture. Figure 5 shows the clear separation of in a Local MAC architecture. Figure 6 shows the clear separation of
functionality among CAPWAP components. functionality among CAPWAP components.
Function Location Function Location
Distribution Service WTP Distribution Service WTP
Integration Service WTP Integration Service WTP
Beacon Generation WTP Beacon Generation WTP
Probe Response WTP Probe Response Generation WTP
Power Mgmt/Packet Buffering WTP Power Mgmt/Packet Buffering WTP
Fragmentation/Defragmentation WTP Fragmentation/Defragmentation WTP
Assoc/Disassoc/Reassoc WTP Assoc/Disassoc/Reassoc WTP
802.11e 802.11e
Classifying WTP Classifying WTP
Scheduling WTP Scheduling WTP
Queuing WTP Queuing WTP
802.11i 802.11i
802.1X/EAP AC 802.1X/EAP AC
RSNA Key Management AC RSNA Key Management AC
802.11 Encryption/Decryption WTP 802.11 Encryption/Decryption WTP
Figure 5: Mapping of 802.11 Functions for Local AP Architecture Figure 6: Mapping of 802.11 Functions for Local AP Architecture
Given the Distribution and Integration Services exist on the WTP, Given the Distribution and Integration Services exist on the WTP,
client data frames are not forwarded to the AC, with the exception client data frames are not forwarded to the AC, with the exception
listed in the following paragraphs. listed in the following paragraphs.
While the MAC is terminated on the WTP, it is necessary for the AC to While the MAC is terminated on the WTP, it is necessary for the AC to
be aware of mobility events within the WTPs. As a consequence, the be aware of mobility events within the WTPs. As a consequence, the
WTP MUST forward the IEEE 802.11 Association Requests to the AC, and WTP MUST forward the IEEE 802.11 Association Requests to the AC. The
the AC MAY reply with a failed Association Response if it deems it AC MAY reply with a failed Association Response if it deems it
necessary. necessary, and upon receipt of a failed Association Response from the
AC, the WTP must send a Disassociation frame to the mobile station.
The IEEE 802.1X and RSNA Key Management function resides in the AC. The IEEE 802.1X and RSNA Key Management function resides in the AC.
Therefore, the WTP MUST forward all IEEE 802.1X/RSNA Key Management Therefore, the WTP MUST forward all IEEE 802.1X/RSNA Key Management
frames to the AC and forward the associated responses to the station. frames to the AC and forward the associated responses to the station.
This implies that the AAA client also resides on the AC.
Note that in the following figure, the use of '( - )' indicates that Note that in the following figure, the use of '( - )' indicates that
processing of the frames is done on the WTP. processing of the frames is done on the WTP.
Client WTP AC Client WTP AC
Beacon Beacon
<----------------------------- <-----------------------------
Probe Probe
<----------------------------> <---------------------------->
skipping to change at page 95, line 26 skipping to change at page 101, line 26
<-------------------------> <------------------------->
802.1X Authentication & 802.11i Key Exchange 802.1X Authentication & 802.11i Key Exchange
<---------------------------------------------------------> <--------------------------------------------------------->
802.11 Action Frames 802.11 Action Frames
<---------------------------------------------------------> <--------------------------------------------------------->
Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)] Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)]
<-------------------------> <------------------------->
802.11 DATA 802.11 DATA
<-----------------------------> <----------------------------->
Figure 6: Local MAC Message Flow Figure 7: Local MAC Message Flow
Figure 6 provides an illustration of the division of labor in a Local Figure 7 provides an illustration of the division of labor in a Local
MAC architecture. In this example, a WLAN has been created that is MAC architecture. In this example, a WLAN has been created that is
configured for IEEE 802.11i, using AES-CCMP for privacy. The configured for IEEE 802.11i, using AES-CCMP for privacy. The
following process occurs: following process occurs:
o The WTP generates the IEEE 802.11 beacon frames, using information o The WTP generates the IEEE 802.11 beacon frames, using information
provided to it through the Add WLAN (see Section 11.10.1) message provided to it through the Add WLAN (see Section 11.9.1) message
element. element.
o The WTP processes the probe request and responds with a o The WTP processes the probe request and responds with a
corresponding probe response. corresponding probe response.
o The WTP forwards the IEEE 802.11 Authentication and Association o The WTP forwards the IEEE 802.11 Authentication and Association
frames to the AC, which is responsible for responding to the frames to the AC.
client.
o Once the association is complete, the AC transmits an CAPWAP Add o Once the association is complete, the AC transmits an CAPWAP Add
Mobile Station message element to the WTP (see Section Mobile Station message element to the WTP (see Section
Section 4.4.8. In the above example, the WLAN is configured for Section 4.4.8. In the above example, the WLAN is configured for
IEEE 802.1X, and therefore the '802.1X only' policy bit is IEEE 802.1X, and therefore the '802.1X only' policy bit is
enabled. enabled.
o The WTP forwards all IEEE 802.1X and IEEE 802.11i key exchange o The WTP forwards all IEEE 802.1X and IEEE 802.11i key exchange
messages to the AC for processing. messages to the AC for processing.
o The AC transmits another Add Mobile Station message element to the o The AC transmits another Add Mobile Station message element to the
WTP, stating the security policy to enforce for the client (in WTP, stating the security policy to enforce for the client (in
this case AES-CCMP), as well as the encryption key to use. The this case AES-CCMP), as well as the encryption key to use. The
Add Mobile Station message element MAY include a VLAN name, which Add Mobile Station message element MAY include a VLAN name, which
when present is used by the WTP to identify the VLAN on which the when present is used by the WTP to identify the VLAN on which the
user's data frames are to be bridged. user's data frames are to be bridged.
o The WTP forwards any IEEE 802.11 Action frames received to the AC. o The WTP forwards any IEEE 802.11 Action frames received to the AC.
o The WTP may locally bridge client data frames (and provide the
necessary encryption and decryption services). The WTP may also
tunnel client data frames to the AC, using 802.3 frame tunnel mode
or 802.11 frame tunnel mode.
11.2. Roaming Behavior 11.2. Roaming Behavior
It is important that CAPWAP implementations react properly to mobile It is important that CAPWAP implementations react properly to mobile
devices associating to the networks in how they generate Add Mobile devices associating to the networks in how they generate Add Mobile
and Delete Mobile messages. This section expands upon the examples and Delete Mobile messages. This section expands upon the examples
provided in the previous section, and describes how the CAPWAP provided in the previous section, and describes how the CAPWAP
control protocol is used in order to provide secure roaming. control protocol is used in order to provide secure roaming.
Once a client has successfully associated with the network in a Once a client has successfully associated with the network in a
secure fashion, it is likely to attempt to roam to another WTP. secure fashion, it is likely to attempt to roam to another WTP.
Figure 7 shows an example of a currently associated station moving Figure 8 shows an example of a currently associated station moving
from its "Old WTP" to a "new WTP". The figure is useful for multiple from its "Old WTP" to a "new WTP". The figure is useful for multiple
different security policies, including IEEE 802.1X and dynamic WEP different security policies, including IEEE 802.1X and dynamic WEP
keys, WPA or even WPA2 both with key caching (where the IEEE 802.1x keys, WPA or even WPA2 both with key caching (where the IEEE 802.1x
exchange would be bypassed) and without. exchange would be bypassed) and without.
Client Old WTP WTP AC Client Old WTP WTP AC
Association Request/Response Association Request/Response
<--------------------------------------( - )--------------> <--------------------------------------( - )-------------->
Mobile Config Request[Add Mobile (Clear Text, 802.1X)] Mobile Config Request[Add Mobile (Clear Text, 802.1X)]
<----------------> <---------------->
802.1X Authentication (if no key cache entry exists) 802.1X Authentication (if no key cache entry exists)
<--------------------------------------( - )--------------> <--------------------------------------( - )-------------->
802.11i 4-way Key Exchange 802.11i 4-way Key Exchange
<--------------------------------------( - )--------------> <--------------------------------------( - )-------------->
Mobile Config Request[Delete Mobile] Mobile Config Request[Delete Mobile]
<----------------------------------> <---------------------------------->
Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)] Mobile Config Request[Add Mobile (AES-CCMP, PTK=x)]
<----------------> <---------------->
Figure 7: Client Roaming Example Figure 8: Client Roaming Example
11.3. Group Key Refresh 11.3. Group Key Refresh
Periodically, the Group Key (GTK)for the BSS needs to be updated. Periodically, the Group Key (GTK)for the BSS needs to be updated.
The AC uses an EAPoL frame to update the group key for each STA in The AC uses an EAPoL frame to update the group key for each STA in
the BSS. While the AC is updating the GTK, each L2 broadcast frame the BSS. While the AC is updating the GTK, each L2 broadcast frame
transmitted to the BSS needs to be duplicated and transmitted using transmitted to the BSS needs to be duplicated and transmitted using
both the current GTK and the new GTK. Once the GTK update process both the current GTK and the new GTK. Once the GTK update process
has completed, broadcast frames transmitted to the BSS will be has completed, broadcast frames transmitted to the BSS will be
encrypted using the new GYT encrypted using the new GTK.
In the case of Split MAC, the AC needs to duplicate all broadcast In the case of Split MAC, the AC needs to duplicate all broadcast
packets and update the key index so that the packet is transmitted packets and update the key index so that the packet is transmitted
using both the current and new GTK to ensure that all STA's in the using both the current and new GTK to ensure that all STA's in the
BSS receive the broadcast frames. In the case of local MAC, the WTP BSS receive the broadcast frames. In the case of local MAC, the WTP
needs to duplicate and transmit broadcast frames using the needs to duplicate and transmit broadcast frames using the
appropriate index to ensure that all STA's in the BSS continue to appropriate index to ensure that all STA's in the BSS continue to
receive broadcast frames. receive broadcast frames.
The Group Key update procedure is given in the following figure. The The Group Key update procedure is given in the following figure. The
AC will signal the update to the GTK using an 802.11 Configuration AC will signal the update to the GTK using an 802.11 Configuration
Request frame with the new GTK, its index, and the Key Status set to Request frame with the new GTK, its index, the TSC for the Group Key
3 (begin GTK update). The AC will then begin updating the GTK for and the Key Status set to 3 (begin GTK update). The AC will then
each STA. During this time, the AC (for Split MAC) or WTP (for Local begin updating the GTK for each STA. During this time, the AC (for
MAC) must duplicate broadcast packets and transmit them encrypted Split MAC) or WTP (for Local MAC) must duplicate broadcast packets
with both the current and new GTK. When the AC has completed the GTK and transmit them encrypted with both the current and new GTK. When
update to all STA's in the BSS, the AC must transmit an 802.11 the AC has completed the GTK update to all STA's in the BSS, the AC
Configuration Request frame containing the new GTK, its index, and must transmit an 802.11 Configuration Request frame containing the
the Key Status set to 4 (GTK update complete). new GTK, its index, and the Key Status set to 4 (GTK update
complete).
Client WTP AC Client WTP AC
802.11 Config Request ( Update WLAN (GTK, GTK Index, GTK Start) 802.11 Config Request ( Update WLAN (GTK, GTK Index, GTK Start, Group TSC) )
<---------------------------------------------- <----------------------------------------------
802.1X EAPoL (GTK Message 1) 802.1X EAPoL (GTK Message 1)
<-------------( - )------------------------------------------- <-------------( - )-------------------------------------------
802.1X EAPoL (GTK Message 2) 802.1X EAPoL (GTK Message 2)
-------------( - )-------------------------------------------> -------------( - )------------------------------------------->
802.11 Config Request ( Update WLAN (GTK, GTK Index, GTK Complete) 802.11 Config Request ( Update WLAN (GTK Index, GTK Complete) )
<--------------------------------------------- <---------------------------------------------
Figure 8: Group Key Update Procedure Figure 9: Group Key Update Procedure
11.4. Transport specific bindings 11.4. BSSID to WLAN ID Mapping
All CAPWAP transports have the following IEEE 802.11 specific The CAPWAP protocol allows the WTP to assign BSSIDs upon creation of
bindings: a WLAN (see Section 11.9.1). While manufacturers are free to assign
BSSIDs using any arbitrary mechanism, it is advised that where
possible the BSSIDs are assigned as a contiguous block.
Payload encapsulation The CAPWAP protocol defines the CAPWAP data When assigned as a block, implementations can still assign any of the
frame, which is used to encapsulate a wireless payload. For IEEE available BSSIDs to any WLAN. One possible method is for the WTP to
802.11, the IEEE 802.11 header and payload are encapsulated assign the address using the following algorithm: base BSSID address
+ WLAN ID.
The WTP communicates the maximum number of BSSIDs that it supports
during the Config Request within the IEEE 802.11 WTP WLAN Radio
Configuration message element (see Section 11.9.23).
11.5. Quality of Service for IEEE 802.11 Control Messages
It is recommended that IEEE 802.11 MAC management frames be sent by
both the AC and the WTP with appropriate Quality of Service values,
ensuring that congestion in the network minimizes occurrences of
packet loss. Therefore, a Quality of Service enabled CAPWAP device
should use:
802.1P: The precedence value of 7 SHOULD be used for all IEEE 802.11
MAC management frames, except for Probe Requests which SHOULD use
4.
DSCP: The DSCP tag value of 46 SHOULD be used for all IEEE 802.11
MAC management frames, except for Probe Requests which SHOULD use
34.
11.6. IEEE 802.11 Specific CAPWAP Control Messages
This section defines CAPWAP Control Messages that are specific to the
IEEE 802.11 binding. The two messages are defined, the IEEE 802.11
WLAN Config Request and IEEE 802.11 WLAN Config Response messages.
See Section 4.3.1.1
The valid message types for IEEE 802.11 specific control messages are
listed below. The IANA Enterprise number used with these messages is
13277.
CAPWAP Control Message Message Type
Value
IEEE 802.11 WLAN Configuration Request 3398912
IEEE 802.11 WLAN Configuration Response 3398913
11.6.1. IEEE 802.11 WLAN Configuration Request
The IEEE 802.11 WLAN Configuration Request is sent by the AC to the
WTP in order to change services provided by the WTP. This control
message is used to either create, update or delete a WLAN on the WTP.
The IEEE 802.11 WLAN Configuration Request is sent as a result of
either some manual admistrative process (e.g., deleting a WLAN), or
automatically to create a WLAN on a WTP. When sent automatically to
create a WLAN, this control message is sent after the CAPWAP
Configure Update Request message has been received by the WTP.
Upon receiving this control message, the WTP will modify the
necessary services, and transmit an IEEE 802.11 WLAN Configuration
Response.
A WTP MAY provide service for more than one WLAN, therefore every
WLAN is identified through a numerical index. For instance, a WTP
that is capable of supporting up to 16 SSIDs, could accept up to 16
IEEE 802.11 WLAN Configuration Request messages that include the Add
WLAN message element.
Since the index is the primary identifier for a WLAN, an AC MAY
attempt to ensure that the same WLAN is identified through the same
index number on all of its WTPs. An AC that does not follow this
approach MUST find some other means of maintaining a WLAN Identifier
to SSID mapping table.
The following message elements may be included in the IEEE 802.11
WLAN Configuration Request message. Only one message element MUST be
present.
o IEEE 802.11 Add WLAN, see Section 11.9.1
o IEEE 802.11 Delete WLAN, see Section 11.9.4
o IEEE 802.11 Information Element, see Section 11.9.6
o IEEE 802.11 Update WLAN, see Section 11.9.21
11.6.2. IEEE 802.11 WLAN Configuration Response
The IEEE 802.11 WLAN Configuration Response message is sent by the
WTP to the AC. It is used to acknowledge receipt of an IEEE 802.11
WLAN Configuration Request message, and to indicate if the requested
configuration was successfully applied, or if an error related to the
processing of the IEEE 802.11 WLAN Configuration Request message
occurred on the WTP.
The following message element MAY be included in the IEEE 802.11 WLAN
Configuration Response message.
o IEEE 802.11 Assigned WTP BSSID, see Section 11.9.3
The following message element MUST be included in the IEEE 802.11
WLAN Configuration Response message. Only one message element MUST
be present.
o Result Code, see Section 4.4.28
11.7. CAPWAP Data Message Bindings
This section describes the CAPWAP Data Message bindings to support
IEEE 802.11 frames.
Payload encapsulation: The CAPWAP protocol defines the CAPWAP data
message, which is used to encapsulate a wireless payload. For
IEEE 802.11, the IEEE 802.11 header and payload are encapsulated
(excluding the IEEE 802.11 FCS checksum). The IEEE 802.11 FCS (excluding the IEEE 802.11 FCS checksum). The IEEE 802.11 FCS
checksum is handled by the WTP. This allows the WTP to validate a checksum is handled by the WTP. This allows the WTP to validate
frame prior to sending it to the AC. Similarly, when an AC wishes an IEEE 802.11 frame prior to sending it to the AC. Similarly,
to transmit a frame towards a station, the WTP computes and adds when an AC wishes to transmit a frame towards a station, the WTP
the FCS checksum. computes and adds the FCS checksum.
CAPWAP Header Reserved field The reserved CAPWAP header field (see Optional Wireless Specific Information: The optional CAPWAP header
figure Section 4.1) is only used with CAPWAP data frames, and it field (see Section 4.1) is only used with CAPWAP data messages,
serves two purposes, depending upon the direction of the frame. and it serves two purposes, depending upon the direction of the
For packets from the WTP to the AC, the field uses the format message. For messages from the WTP to the AC, the field uses the
described in the IEEE 802.11 Frame Info" field. However, for format described in the "IEEE 802.11 Frame Info" field (see
frames sent by the AC to the WTP, the format used is described in below). However, for messages sent by the AC to the WTP, the
described in the Destination WLANs field. format used is described in described in the "Destination WLANs"
field (also defined below).
IEEE 802.11 Frame Info When an CAPWAP data frame is received from a IEEE 802.11 Frame Info: When an IEEE 802.11 frame is received from a
station over the air, it is encapsulated and this field is used to station over the air, it is encapsulated and this field is used to
include radio and PHY specific information associated with the include radio and PHY specific information associated with the
frame. frame.
When used with the IEEE 802.11 binding, the field follows the The IEEE 802.11 Frame Info field has the following format:
following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RSSI | SNR | Data Rate | | RSSI | SNR | Data Rate |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
RSSI: RSSI is a signed, 8-bit value. It is the received signal RSSI: RSSI is a signed, 8-bit value. It is the received signal
strength indication, in dBm. strength indication, in dBm.
SNR: SNR is a signed, 8-bit value. It is the signal to noise SNR: SNR is a signed, 8-bit value. It is the signal to noise
ratio of the received IEEE 802.11 frame, in dB. ratio of the received IEEE 802.11 frame, in dB.
Data Rate: The data rate field is a 16 bit unsigned value. The Data Rate: The data rate field is a 16 bit unsigned value. The
contents of the field is set to 1/10th of the data rate of the contents of the field is set to 1/10th of the data rate of the
packet received by the WTP. For instance, a packet received at packet received by the WTP. For instance, a packet received at
5.5Mbps would be set to 55, while 11Mbps would be set to 110. 5.5Mbps would be set to 55, while 11Mbps would be set to 110.
skipping to change at page 99, line 12 skipping to change at page 107, line 29
to perform the necessary frame replication services. The field to perform the necessary frame replication services. The field
uses the following format: uses the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WLAN | Reserved | | WLAN | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
WLAN: This bit field indicates the WLAN ID (see section WLAN: This bit field indicates the WLAN ID (see section
Section 11.10.1) which the WTP will transmit the associated Section 11.9.1) which the WTP will transmit the associated
frame on. For instance, if a multicast packet is to be frame on. For instance, if a multicast packet is to be
transmitted on WLANs 1 and 3, bits 1 and 3 of this field would transmitted on WLANs 1 and 3, bits 1 and 3 of this field would
be enabled. Note this field is to be set to zero for unicast be enabled. Note this field is to be set to zero for unicast
packets and is unused if the WTP is not providing encryption packets and is unused if the WTP is not providing encryption
services. services.
Reserved: This field MUST be set to zero. Reserved: This field MUST be set to zero.
11.5. BSSID to WLAN ID Mapping 11.8. CAPWAP Control Message bindings
The CAPWAP protocol allows the WTP to assign BSSIDs upon creation of This section describes the IEEE 802.11 specific message elements
a WLAN (see Section Section 11.10.1). While manufacturers are free included in CAPWAP Control Messages.
to assign BSSIDs using any arbitrary mechanism, it is advised that
where possible the BSSIDs are assigned as a contiguous block.
When assigned as a block, implementations can still assign any of the 11.8.1. Configuration Status Message
available BSSIDs to any WLAN. One possible method is for the WTP to
assign the address using the following algorithm: base BSSID address
+ WLAN ID.
The WTP communicates the maximum number of BSSIDs that it supports The following IEEE 802.11 specific message elements may be included
during the Config Request within the IEEE 802.11 WTP WLAN Radio in the CAPWAP Configuration Status Message.
Configuration message element (see Section 11.10.24).
11.6. Quality of Service for Control Messages o IEEE 802.11 Antenna, see Section 11.9.2
It is recommended that IEEE 802.11 MAC management frames be sent by o IEEE 802.11 Direct Sequence Control, see Section 11.9.5
both the AC and the WTP with appropriate Quality of Service values, o IEEE 802.11 MAC Operation, see Section 11.9.7
ensuring that congestion in the network minimizes occurrences of
packet loss. Therefore, a Quality of Service enabled CAPWAP device
should use:
802.1P: The precedence value of 6 SHOULD be used for all IEEE 802.11 o IEEE 802.11 Multi Domain Capability, see Section 11.9.11
MAC management frames, except for Probe Requests which SHOULD use
4.
DSCP: The DSCP tag value of 46 SHOULD be used for all IEEE 802.11 o IEEE 802.11 OFDM Control, see Section 11.9.12
MAC management frames, except for Probe Requests which SHOULD use
34.
11.7. IEEE 802.11 Specific CAPWAP Control Messages o IEEE 802.11 Supported Rates, see Section 11.9.17
This section defines CAPWAP Control Messages that are specific to the o IEEE 802.11 Tx Power, see Section 11.9.18
IEEE 802.11 binding. The two messages are defined as IEEE 802.11
WLAN Config Request and IEEE 802.11 WLAN Config Response. See
Section 4.3.1.1
The valid message types for IEEE 802.11 specific control messages are o IEEE 802.11 TX Power Level, see Section 11.9.19
listed below. The IANA Enterprise number used with these messages is
13277
CAPWAP Control Message Message Type o IEEE 802.11 WTP Radio Configuration, see Section 11.9.23
Value
IEEE 802.11 WLAN Config Request 3398912 11.8.2. Configuration Status Response Message
IEEE 802.11 WLAN Config Response 3398913
11.7.1. IEEE 802.11 WLAN Config Request The following IEEE 802.11 specific message elements may be included
in the CAPWAP Configuration Status Response Message.
The IEEE 802.11 WLAN Configuration Request is sent by the AC to the o IEEE 802.11 Antenna, see Section 11.9.2
WTP in order to change services provided by the WTP. This control
message is used to either create, update or delete a WLAN on the WTP.
The IEEE 802.11 WLAN Configuration Request is sent as a result of o IEEE 802.11 Direct Sequence Control, see Section 11.9.5
either some manual admistrative process (e.g., deleting a WLAN), or
automatically to create a WLAN on a WTP. When sent automatically to
create a WLAN, this control message is sent after the CAPWAP
Configure Update Request message has been received by the WTP.
Upon receiving this control message, the WTP will modify the o IEEE 802.11 MAC Operation, see Section 11.9.7
necessary services, and transmit an IEEE 802.11 WLAN Configuration
Response.
A WTP MAY provide service for more than one WLAN, therefore every o IEEE 802.11 Multi Domain Capability, see Section 11.9.11
WLAN is identified through a numerical index. For instance, a WTP
that is capable of supporting up to 16 SSIDs, could accept up to 16
IEEE 802.11 WLAN Configuration Request messages that include the Add
WLAN message element.
Since the index is the primary identifier for a WLAN, an AC MAY o IEEE 802.11 OFDM Control, see Section 11.9.12
attempt to ensure that the same WLAN is identified through the same
index number on all of its WTPs. An AC that does not follow this
approach MUST find some other means of maintaining a WLAN Identifier
to SSID mapping table.
The following message elements may be included in the IEEE 802.11 o IEEE 802.11 Rate Set, see Section 11.9.13
WLAN Config Request message. Only one message element MUST be
present.
o IEEE 802.11 Add WLAN, see Section 11.10.1 o IEEE 802.11 Supported Rates, see Section 11.9.17
o IEEE 802.11 Delete WLAN, see Section 11.10.5 o IEEE 802.11 Tx Power, see Section 11.9.18
o IEEE 802.11 Update WLAN, see Section 11.10.21 o IEEE 802.11 WTP Quality of Service, see Section 11.9.22
o IEEE 802.11 Information Element, see Section 11.10.7 o IEEE 802.11 WTP Radio Configuration, see Section 11.9.23
11.7.2. IEEE 802.11 WLAN Config Response 11.8.3. Configuration Update Request Message
The IEEE 802.11 WLAN Configuration Response is sent by the AC to the The following IEEE 802.11 specific message elements may be included
WTP as an acknowledgement of the receipt of an IEEE 802.11 WLAN in the CAPWAP Configuration Update Request Message.
Configuration Request.
The following message elements may be included in the IEEE 802.11 o IEEE 802.11 Antenna, see Section 11.9.2
WLAN Config Request message. Only one message element MUST be
present.
o IEEE 802.11 Assigned WTP BSSID, see Section 11.10.3 o IEEE 802.11 Direct Sequence Control, see Section 11.9.5
o IEEE 802.11 MAC Operation, see Section 11.9.7
11.8. Data Message bindings o IEEE 802.11 Multi Domain Capability, see Section 11.9.11
There are no CAPWAP Data Message bindings for IEEE 802.11. o IEEE 802.11 OFDM Control, see Section 11.9.12
11.9. Control Message bindings o IEEE 802.11 Rate Set, see Section 11.9.13
This section describes he IEEE 802.11 specific message elements o IEEE 802.11 RSNA Error Report From Mobile, see Section 11.9.14
included in CAPWAP Control Messages.
11.9.1. Mobile Config Request o IEEE 802.11 Tx Power, see Section 11.9.18
The following IEEE 802.11 specific message elements MAY used with the o IEEE 802.11 WTP Quality of Service, see Section 11.9.22
CAPWAP Mobile Config Request message.
o IEEE 802.11 Mobile, see Section 11.10.11 o IEEE 802.11 WTP Radio Configuration, see Section 11.9.23
o IEEE 802.11 Mobile Session Key, see Section 11.10.12 11.8.4. Mobile Config Request
o Station QOS Profile, see Section 11.10.25 The following IEEE 802.11 specific message elements MAY included in
the CAPWAP Mobile Config Request message.
11.9.2. WTP Event Request o IEEE 802.11 Mobile, see Section 11.9.9
o IEEE 802.11 Mobile Session Key, see Section 11.9.10
o Station QoS Profile, see Section 11.9.15
11.8.5. WTP Event Request
The following IEEE 802.11 specific message elements may be included The following IEEE 802.11 specific message elements may be included
in the CAPWAP WTP Event Request message. in the CAPWAP WTP Event Request message.
o IEEE 802.11 MIC Countermeasures, see Section 11.10.9 o IEEE 802.11 MIC Countermeasures, see Section 11.9.8
o IEEE 802.11 Statistics, see Section 11.10.16
o IEEE 802.11 WTP Radio Fail Alarm Indication, see Section 11.10.23 o IEEE 802.11 Statistics, see Section 11.9.16
11.9.3. Configuration Messages o IEEE 802.11 WTP Radio Fail Alarm Indication, see Section 11.9.24
This section defines the IEEE 802.11 Message Elements which MAY be 11.9. IEEE 802.11 Message Element Definitions
included in the Configuration Status, Configuration Status Response,
Configuration Update Request and Mobile Config Request CAPWAP control
meessages. The binding of message elements to CAPWAP control
messages is shown below:
Conf Conf Conf Mobile The following IEEE 802.11 specific message elements are defined in
Message Element Stat Stat Upd Config Req this section.
Msg Resp Msg Msg
IEEE 802.11 Antenna X X X IEEE 802.11 Message Element Type Value
IEEE 802.11 Broadcast Probe Mode X X
IEEE 802.11 Direct Sequence Control X X X
IEEE 802.11 MAC Operation X X X
IEEE 802.11 MIC Error Report From Mobile X
IEEE 802.11 Mobile Session Key X
IEEE 802.11 Multi-domain Capability X X X
IEEE 802.11 OFDM Control X X X
IEEE 802.11 Rate Set X X
IEEE 802.11 Supported Rates X X
IEEE 802.11 Tx Power X X X
IEEE 802.11 Tx Power Level X
IEEE 802.11 Update Mobile QoS X
IEEE 802.11 WTP Mode and Type X? X
IEEE 802.11 WTP Quality of Service X X
IEEE 802.11 WTP Radio Configuration X X X
11.10. IEEE 802.11 Message Element Definitions IEEE 802.11 Add WLAN 1024
IEEE 802.11 Antenna 1025
IEEE 802.11 Assigned WTP BSSID 1026
IEEE 802.11 Delete WLAN 1027
IEEE 802.11 Direct Sequence Control 1028
IEEE 802.11 Information Element 1029
IEEE 802.11 MAC Operation 1030
IEEE 802.11 MIC Countermeasures 1031
IEEE 802.11 Mobile 1032
IEEE 802.11 Mobile Session Key 1033
IEEE 802.11 Multi-Domain Capability 1034
IEEE 802.11 OFDM Control 1035
IEEE 802.11 Rate Set 1036
IEEE 802.11 RSNA Error Report From Mobile 1037
IEEE 802.11 Station QoS Profile 1038
IEEE 802.11 Statistics 1039
IEEE 802.11 Supported Rates 1040
IEEE 802.11 Tx Power 1041
IEEE 802.11 Tx Power Level 1042
IEEE 802.11 Update Mobile QoS 1043
IEEE 802.11 Update WLAN 1044
IEEE 802.11 WTP Quality of Service 1045
IEEE 802.11 WTP Radio Configuration 1046
IEEE 802.11 WTP Radio Fail Alarm Indication 1047
11.10.1. IEEE 802.11 Add WLAN 11.9.1. IEEE 802.11 Add WLAN
The Add WLAN message element is used by the AC to define a wireless The Add WLAN message element is used by the AC to define a wireless
LAN on the WTP. The inclusion of this message element MUST also LAN on the WTP. The inclusion of this message element MUST also
include IEEE 802.11 Information Element message elements, containing include IEEE 802.11 Information Element message elements, containing
the following 802.11 IEs: the following 802.11 IEs:
Power Capability information element Power Capability information element
WPA information element WPA information element
RSN information element RSN information element
EDCA Parameter Set information element EDCA Parameter Set information element
QoS Capability information element QoS Capability information element
WMM information element WMM information element
The message element uses the following format: If present, the RSN information element is sent along with the IEEE
802.11 Add WLAN in order to instruct the WTP on the usage of the Key
field.
Note that ACs MAY include additional information elements as they see
fit. The message element uses the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | Reserved | | Radio ID | WLAN ID | Capabilities |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encryption Policy |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key | | Key Index | Key Status | Key Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key | | Key... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key | | Group TSC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Key Index | Key Status | QoS | Auth Type | | Group TSC | QoS | Auth Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Mode | Tunnel Mode | Suppress SSID | SSID ... | MAC Mode | Tunnel Mode | Suppress SSID | SSID ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1024 for IEEE 802.11 Add WLAN Type: 1024 for IEEE 802.11 Add WLAN
Length: >= 49 Length: >= 49
Radio ID: An 8-bit value representing the radio. Radio ID: An 8-bit value representing the radio.
WLAN ID: An 8-bit value specifying the WLAN Identifier. WLAN ID: An 8-bit value specifying the WLAN Identifier.
Reserved: A 16-bit value that MUST be set to zero. Capability: A 16-bit value containing the capabilities information
field to be advertised by the WTP within the Probe and Beacon
Encryption Policy: A 32-bit value specifying the encryption scheme messages.
to apply to traffic to and from the mobile station. The
applicability of the encryption policy depends upon the security
policy. For static WEP keys, which is true when the 'Shared Key'
bit is set, this encryption policy is relevant for both unicast
and multicast traffic. For encryption schemes that employ a
separate encryption key for unicast and multicast traffic, the
encryption policy defined here only applies to multicast data. In
these scenarios, the unicast encryption policy is communicated via
the Add Mobile Station (Section 4.4.8).
0 - Encrypt WEP 104: All packets to/from the mobile station must
be encrypted using standard 104 bit WEP.
1 - Clear Text: All packets to/from the mobile station do not
require any additional crypto processing by the WTP.
2 - Encrypt WEP 40: All packets to/from the mobile station must be
encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [24]
Key: A 32 byte Session Key to use with the encryption policy.
Key-Index: The Key Index associated with the key. Key-Index: The Key Index associated with the key.
Key Status: A 1 byte value that specifies the state and usage of the Key Status: A 1 byte value that specifies the state and usage of the
key that has been included. The following values describe the key key that has been included. The following values describe the key
usage and its status: usage and its status:
0 - A value of zero, with the 'Encryption Policy' field set to any 0 - A value of zero, with the inclusion of the RSN Information
value other than 'Clear Text' means that the WLAN uses per-station Element means that the WLAN uses per-station encryption keys, and
encryption keys, and therefore the key in the 'Key' field is only therefore the key in the 'Key' field is only used for multicast
used for multicast traffic. traffic.
1 - When set to one, the WLAN employs a shared WEP key, also known as 1 - When set to one, the WLAN employs a shared WEP key, also known as
a static WEP key, and uses the encryption key for both unicast and a static WEP key, and uses the encryption key for both unicast and
multicast traffic for all stations. multicast traffic for all stations.
2 - The value of 2 indicates that the AC will begin rekeying the GTK 2 - The value of 2 indicates that the AC will begin rekeying the GTK
with the STA's in the BSS. It is only valid when IEEE 802.11i is with the STA's in the BSS. It is only valid when IEEE 802.11i is
enabled as the security policy for the BSS. enabled as the security policy for the BSS.
3 - The value of 3 indicates that the AC has completed rekeying the 3 - The value of 3 indicates that the AC has completed rekeying the
GTK and broadcast packets no longer need to be duplicated and GTK and broadcast packets no longer need to be duplicated and
transmitted with both GTK's. transmitted with both GTK's.
QOS: An 8-bit value specifying the QoS policy to enforce for the Key Length: A 16-bit value representing the length of the Key field.
station.
Key: A 32 byte Session Key to use to provide data privacy. For
static WEP keys, which is true when the 'Key Status' bit is set to
one, this key is used for both unicast and multicast traffic. For
encryption schemes that employ a separate encryption key for
unicast and multicast traffic, the key included hereonly applies
to multicast data, and the cipher suite is specified in an
accompanied RSN Information Element. In these scenarios, the key,
and cipher information, is communicated via the Add Mobile Station
(Section 4.4.8).
Group TSC A 48-bit value containing the Transmit Sequence Counter
for the updated group key. The WTP will set the TSC for
broadcast/multicast frames to this value for the updated group
key.
QOS: An 8-bit value specifying the default QoS policy to enforce for
station's traffic on this WLAN.
The following values are supported: The following values are supported:
0 - Best Effort 0 - Best Effort
1 - Video 1 - Video
2 - Voice 2 - Voice
3 - Background 3 - Background
skipping to change at page 105, line 46 skipping to change at page 113, line 18
1 - WEP Shared Key 1 - WEP Shared Key
2 - WPA/WPA2 802.1X 2 - WPA/WPA2 802.1X
3 - WPA/WPA2 PSK 3 - WPA/WPA2 PSK
MAC Mode: This field specifies whether the WTP should support the MAC Mode: This field specifies whether the WTP should support the
WLAN in Local or Split MAC modes. Note that the AC MUST NOT WLAN in Local or Split MAC modes. Note that the AC MUST NOT
request a mode of operation that was not advertised by the WTP request a mode of operation that was not advertised by the WTP
during the discovery process (see section Section 4.4.38). The during the discovery process (see section Section 4.4.37). The
following values are supported: following values are supported:
0 - Local-MAC: Service for the WLAN is to be provided in Local 0 - Local-MAC: Service for the WLAN is to be provided in Local
MAC mode. MAC mode.
1 - Split-MAC: Service for the WLAN is to be provided in Split 1 - Split-MAC: Service for the WLAN is to be provided in Split
MAC mode. MAC mode.
Tunnel Mode: This field specifies the tunneling type to be used for Tunnel Mode: This field specifies the frame tunneling type to be
all stations associated with the WLAN. Note that the AC MUST NOT used for user traffic from all stations associated with the WLAN.
request a mode of operation that was not advertised by the WTP The AC MUST NOT request a mode of operation that was not
during the discovery process (see section Section 4.4.36). The advertised by the WTP during the discovery process (see section
following values are supported: Section 4.4.35). IEEE 802.11 managment and control frames SHALL
be tunneled using 802.11 Tunnel mode. The following values are
supported:
0 - Local Bridging: All user traffic is to be locally bridged. 0 - Local Bridging: All user traffic is to be locally bridged.
1 - 802.3 Tunnel: All user traffic is to be tunneled to the AC in 1 - 802.3 Tunnel: All user traffic is to be tunneled to the AC in
802.3 format (see section Section 4.2). 802.3 format (see section Section 4.2).
2 - 802.11 Bridging: All user traffic is to be tunneled to the AC 2 - 802.11 Tunnel: All user traffic is to be tunneled to the AC
in 802.11 format. in 802.11 format.
Supress SSID: A boolean indicating whether the SSID is to be Supress SSID: A boolean indicating whether the SSID is to be
advertised by the WTP. A value of zero supresses the SSID in the advertised by the WTP. A value of zero supresses the SSID in the
802.11 Beacon and Probe Response frames, while a value of one will 802.11 Beacon and Probe Response frames, while a value of one will
cause the WTP to populate the field. cause the WTP to populate the field.
SSID: The SSID attribute is the service set identifier that will be SSID: The SSID attribute is the service set identifier that will be
advertised by the WTP for this WLAN. advertised by the WTP for this WLAN.
11.10.2. IEEE 802.11 Antenna 11.9.2. IEEE 802.11 Antenna
The antenna message element is communicated by the WTP to the AC to The antenna message element is communicated by the WTP to the AC to
provide information on the antennas available. The AC MAY use this provide information on the antennas available. The AC MAY use this
element to reconfigure the WTP's antennas. The value contains the element to reconfigure the WTP's antennas. The value contains the
following fields: following fields:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Diversity | Combiner | Antenna Cnt | | Radio ID | Diversity | Combiner | Antenna Cnt |
skipping to change at page 107, line 6 skipping to change at page 114, line 27
| Antenna Selection [0..N] | | Antenna Selection [0..N] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1025 for IEEE 802.11 Antenna Type: 1025 for IEEE 802.11 Antenna
Length: >= 5 Length: >= 5
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Diversity: An 8-bit value specifying whether the antenna is to Diversity: An 8-bit value specifying whether the antenna is to
provide receive diversity. The following values are supported: provide receive diversity. The value of this field is the same as
the IEEE 802.11 dot11DiversitySelectionRx MIB element (see [6]).
The following values are supported:
0 - Disabled 0 - Disabled
1 - Enabled (may only be true if the antenna can be used as a 1 - Enabled (may only be true if the antenna can be used as a
receive antenna) receive antenna)
Combiner: An 8-bit value specifying the combiner selection. The Combiner: An 8-bit value specifying the combiner selection. The
following values are supported: following values are supported:
1 - Sectorized (Left) 1 - Sectorized (Left)
2 - Sectorized (Right) 2 - Sectorized (Right)
3 - Omni 3 - Omni
4 - MIMO 4 - MIMO
Antenna Count: An 8-bit value specifying the number of Antenna Antenna Count: An 8-bit value specifying the number of Antenna
Selection fields. Selection fields. This value should be the same as the one found
in the IEEE 802.11 dot11CurrentTxAntenna MIB element (see [6]).
Antenna Selection: One 8-bit antenna configuration value per antenna Antenna Selection: One 8-bit antenna configuration value per antenna
in the WTP. The following values are supported: in the WTP. The following values are supported:
1 - Internal Antenna 1 - Internal Antenna
2 - External Antenna 2 - External Antenna
11.10.3. IEEE 802.11 Assigned WTP BSSID 11.9.3. IEEE 802.11 Assigned WTP BSSID
The IEEE 802.11 Assigned WTP BSSID is only included by the WTP when The IEEE 802.11 Assigned WTP BSSID is only included by the WTP when
the IEEE 802.11 WLAN Config Request included the IEEE 802.11 Add WLAN the IEEE 802.11 WLAN Config Request included the IEEE 802.11 Add WLAN
message element. The value field of this message element contains message element. The value field of this message element contains
the BSSID that has been assigned by the WTP, which allows the WTP to the BSSID that has been assigned by the WTP, which allows the WTP to
perform its own BSSID assignment. perform its own BSSID assignment.
The WTP is free to assign the BSSIDs the way it sees fit, but it is The WTP is free to assign the BSSIDs the way it sees fit, but it is
highly recommended that the WTP assign the BSSID using the following highly recommended that the WTP assign the BSSID using the following
algorithm: BSSID = {base BSSID} + WLAN ID. algorithm: BSSID = {base BSSID} + WLAN ID.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BSSID | | Radio ID | WLAN ID | BSSID
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BSSID | | BSSID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1026 for IEEE 802.11 Assigned WTP BSSID Type: 1026 for IEEE 802.11 Assigned WTP BSSID
Length: 6 Length: 6
BSSID: The BSSID assigned by the WTP for the WLAN created as a Radio ID: An 8-bit value representing the radio.
result of receiving an IEEE 802.11 Add WLAN.
11.10.4. IEEE 802.11 Broadcast Probe Mode
The Broadcast Probe Mode message element indicates whether a WTP will
respond to NULL SSID probe requests. Since broadcast NULL probes are
not sent to a specific BSSID, the WTP cannot know which SSID the
sending station is querying. Therefore, this behavior must be global
to the WTP.
0
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
| Status |
+-+-+-+-+-+-+-+-+
Type: 1027 for IEEE 802.11 Broadcast Probe Mode
Length: 1 WLAN ID: An 8-bit value specifying the WLAN Identifier.
Status: An 8-bit boolean indicating the status of whether a WTP BSSID: The BSSID assigned by the WTP for the WLAN created as a
shall response to a NULL SSID probe request. A value of zero result of receiving an IEEE 802.11 Add WLAN.
disables NULL SSID probe response, while a value of one enables
it.
11.10.5. IEEE 802.11 Delete WLAN 11.9.4. IEEE 802.11 Delete WLAN
The delete WLAN message element is used to inform the WTP that a The delete WLAN message element is used to inform the WTP that a
previously created WLAN is to be deleted. The value contains the previously created WLAN is to be deleted. The value contains the
following fields: following fields:
0 1 2 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | | Radio ID | WLAN ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1028 for IEEE 802.11 Delete WLAN Type: 1027 for IEEE 802.11 Delete WLAN
Length: 3 Length: 3
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
WLAN ID: A 16-bit value specifying the WLAN Identifier WLAN ID: An 8-bit value specifying the WLAN Identifier
11.10.6. IEEE 802.11 Direct Sequence Control 11.9.5. IEEE 802.11 Direct Sequence Control
The direct sequence control message element is a bi-directional The direct sequence control message element is a bi-directional
element. When sent by the WTP, it contains the current state. When element. When sent by the WTP, it contains the current state. When
sent by the AC, the WTP MUST adhere to the values. This element is sent by the AC, the WTP MUST adhere to the values. This element is
only used for 802.11b radios. The value has the following fields. only used for 802.11b radios. The value has the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Current Chan | Current CCA | | Radio ID | Reserved | Current Chan | Current CCA |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Energy Detect Threshold | | Energy Detect Threshold |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1029 for IEEE 802.11 Direct Sequence Control Type: 1028 for IEEE 802.11 Direct Sequence Control
Length: 8 Length: 8
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
Current Channel: This attribute contains the current operating Current Channel: This attribute contains the current operating
frequency channel of the DSSS PHY. frequency channel of the DSSS PHY. This value comes from the IEEE
802.11 dot11CurrentChannel MIB element (see [6]).
Current CCA: The current CCA method in operation. Valid values are: Current CCA: The current CCA method in operation, whose value can be
found in the IEEE 802.11 dot11CCAModeSupported MIB element (see
[6]). Valid values are:
1 - energy detect only (edonly) 1 - energy detect only (edonly)
2 - carrier sense only (csonly) 2 - carrier sense only (csonly)
4 - carrier sense and energy detect (edandcs) 4 - carrier sense and energy detect (edandcs)
8 - carrier sense with timer (cswithtimer) 8 - carrier sense with timer (cswithtimer)
16 - high rate carrier sense and energy detect (hrcsanded) 16 - high rate carrier sense and energy detect (hrcsanded)
Energy Detect Threshold: The current Energy Detect Threshold being Energy Detect Threshold: The current Energy Detect Threshold being
used by the DSSS PHY. used by the DSSS PHY. The value can be found in the IEEE 802.11
dot11EDThreshold MIB element (see [6]).
11.10.7. IEEE 802.11 Information Element 11.9.6. IEEE 802.11 Information Element
The IEEE 802.11 Information Element is used to communicate any IE The IEEE 802.11 Information Element is used to communicate any IE
defined in the IEEE 802.11 protocol. The data field contains the raw defined in the IEEE 802.11 protocol. The data field contains the raw
IE as it would be included within an IEEE 802.11 MAC management IE as it would be included within an IEEE 802.11 MAC management
message. message.
0 1 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|B|P| Flags | Info Element | Radio ID | WLAN ID |B|P| Flags |Info Element...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1030 for IEEE 802.11 Information Element Type: 1029 for IEEE 802.11 Information Element
Length: >= 2 Length: >= 2
Radio ID: An 8-bit value representing the radio.
WLAN ID: An 8-bit value specifying the WLAN Identifier.
B: When set, the WTP is to include the information element in B: When set, the WTP is to include the information element in
beacons associated with the WLAN. beacons associated with the WLAN.
P: When set, the WTP is to include the information element in probe P: When set, the WTP is to include the information element in probe
responses associated with the WLAN. responses associated with the WLAN.
Flags: Reserved field and MUST be set to zero. Flags: Reserved field and MUST be set to zero.
Info Element: The IEEE 802.11 Information Element, which includes Info Element: The IEEE 802.11 Information Element, which includes
the type, length and value field. the type, length and value field.
11.10.8. IEEE 802.11 MAC Operation 11.9.7. IEEE 802.11 MAC Operation
The MAC operation message element is sent by the AC to set the 802.11 The MAC operation message element is sent by the AC to set the 802.11
MAC parameters on the WTP. The value contains the following fields. MAC parameters on the WTP. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | RTS Threshold | | Radio ID | Reserved | RTS Threshold |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Short Retry | Long Retry | Fragmentation Threshold | | Short Retry | Long Retry | Fragmentation Threshold |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tx MSDU Lifetime | | Tx MSDU Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Rx MSDU Lifetime | | Rx MSDU Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1031 for IEEE 802.11 MAC Operation
Type: 1030 for IEEE 802.11 MAC Operation
Length: 16 Length: 16
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
RTS Threshold: This attribute indicates the number of octets in an RTS Threshold: This attribute indicates the number of octets in an
MPDU, below which an RTS/CTS handshake MUST NOT be performed. An MPDU, below which an RTS/CTS handshake MUST NOT be performed. An
RTS/CTS handshake MUST be performed at the beginning of any frame RTS/CTS handshake MUST be performed at the beginning of any frame
exchange sequence where the MPDU is of type Data or Management, exchange sequence where the MPDU is of type Data or Management,
the MPDU has an individual address in the Address1 field, and the the MPDU has an individual address in the Address1 field, and the
length of the MPDU is greater than this threshold. Setting this length of the MPDU is greater than this threshold. Setting this
attribute to be larger than the maximum MSDU size MUST have the attribute to be larger than the maximum MSDU size MUST have the
effect of turning off the RTS/CTS handshake for frames of Data or effect of turning off the RTS/CTS handshake for frames of Data or
Management type transmitted by this STA. Setting this attribute Management type transmitted by this STA. Setting this attribute
to zero MUST have the effect of turning on the RTS/CTS handshake to zero MUST have the effect of turning on the RTS/CTS handshake
for all frames of Data or Management type transmitted by this STA. for all frames of Data or Management type transmitted by this STA.
The default value of this attribute MUST be 2347. The default value of this attribute MUST be 2347. The value of
this field comes from the IEEE 802.11 dot11RTSThreshold MIB
element (see [6]).
Short Retry: This attribute indicates the maximum number of Short Retry: This attribute indicates the maximum number of
transmission attempts of a frame, the length of which is less than transmission attempts of a frame, the length of which is less than
or equal to RTSThreshold, that MUST be made before a failure or equal to RTSThreshold, that MUST be made before a failure
condition is indicated. The default value of this attribute MUST condition is indicated. The default value of this attribute MUST
be 7. be 7. The value of this field comes from the IEEE 802.11
dot11ShortRetryLimit MIB element (see [6]).
Long Retry: This attribute indicates the maximum number of Long Retry: This attribute indicates the maximum number of
transmission attempts of a frame, the length of which is greater transmission attempts of a frame, the length of which is greater
than dot11RTSThreshold, that MUST be made before a failure than dot11RTSThreshold, that MUST be made before a failure
condition is indicated. The default value of this attribute MUST condition is indicated. The default value of this attribute MUST
be 4. be 4. The value of this field comes from the IEEE 802.11
dot11LongRetryLimit MIB element (see [6]).
Fragmentation Threshold: This attribute specifies the current Fragmentation Threshold: This attribute specifies the current
maximum size, in octets, of the MPDU that MAY be delivered to the maximum size, in octets, of the MPDU that MAY be delivered to the
PHY. An MSDU MUST be broken into fragments if its size exceeds PHY. An MSDU MUST be broken into fragments if its size exceeds
the value of this attribute after adding MAC headers and trailers. the value of this attribute after adding MAC headers and trailers.
An MSDU or MMPDU MUST be fragmented when the resulting frame has An MSDU or MMPDU MUST be fragmented when the resulting frame has
an individual address in the Address1 field, and the length of the an individual address in the Address1 field, and the length of the
frame is larger than this threshold. The default value for this frame is larger than this threshold. The default value for this
attribute MUST be the lesser of 2346 or the aMPDUMaxLength of the attribute MUST be the lesser of 2346 or the aMPDUMaxLength of the
attached PHY and MUST never exceed the lesser of 2346 or the attached PHY and MUST never exceed the lesser of 2346 or the
aMPDUMaxLength of the attached PHY. The value of this attribute aMPDUMaxLength of the attached PHY. The value of this attribute
MUST never be less than 256. MUST never be less than 256. The value of this field comes from
the IEEE 802.11 dot11FragmentationThreshold MIB element (see [6]).
Tx MSDU Lifetime: This attribute speficies the elapsed time in TU, Tx MSDU Lifetime: This attribute speficies the elapsed time in TU,
after the initial transmission of an MSDU, after which further after the initial transmission of an MSDU, after which further
attempts to transmit the MSDU MUST be terminated. The default attempts to transmit the MSDU MUST be terminated. The default
value of this attribute MUST be 512. value of this attribute MUST be 512. The value of this field
comes from the IEEE 802.11 dot11MaxTransmitMSDULifetime MIB
element (see [6]).
Rx MSDU Lifetime: This attribute specifies the elapsed time in TU, Rx MSDU Lifetime: This attribute specifies the elapsed time in TU,
after the initial reception of a fragmented MMPDU or MSDU, after after the initial reception of a fragmented MMPDU or MSDU, after
which further attempts to reassemble the MMPDU or MSDU MUST be which further attempts to reassemble the MMPDU or MSDU MUST be
terminated. The default value MUST be 512. terminated. The default value MUST be 512. The value of this
field comes from the IEEE 802.11 dot11MaxReceiveLifetime MIB
element (see [6]).
11.10.9. IEEE 802.11 MIC Countermeasures 11.9.8. IEEE 802.11 MIC Countermeasures
The MIC Countermeasures message element is sent by the WTP to the AC The MIC Countermeasures message element is sent by the WTP to the AC
to indicate the occurrence of a MIC failure. to indicate the occurrence of a MIC failure. See the IEEE 802.11
dot11RSNATKIPCounterMeasuresInvoked MIB element (see [6]) for more
info.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | MAC Address | | Radio ID | WLAN ID | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1032 for IEEE 802.11 MIC Countermeasures Type: 1031 for IEEE 802.11 MIC Countermeasures
Length: 8 Length: 8
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP. index on the WTP.
WLAN ID: This 8-bit unsigned integer includes the WLAN Identifier, WLAN ID: This 8-bit unsigned integer includes the WLAN Identifier,
on which the MIC failure occurred. on which the MIC failure occurred.
MAC Address: The MAC Address of the mobile station that caused the MAC Address: The MAC Address of the mobile station that caused the
MIC failure. MIC failure.
11.10.10. IEEE 802.11 MIC Error Report From Mobile 11.9.9. IEEE 802.11 Mobile
The MIC Error Report From Mobile message element is sent by an AC to
an WTP when it receives a MIC failure notification, via the Error bit
in the EAPOL-Key frame.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Client MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Client MAC Address | BSSID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BSSID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1033 for IEEE 802.11 MIC Error Report From Mobile
Length: 14
Client MAC Address: The Client MAC Address of the station reporting
the MIC failure.
BSSID: The BSSID on which the MIC failure is being reported.
Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP
WLAN ID: The WLAN ID on which the MIC failure is being reported.
11.10.11. IEEE 802.11 Mobile
The IEEE 802.11 Mobile message element accompanies the Add Mobile The IEEE 802.11 Mobile message element accompanies the Add Mobile
message element, and is used to deliver IEEE 802.11 station policy message element, and is used to deliver IEEE 802.11 station policy
from the AC to the WTP. from the AC to the WTP.
The latest IEEE 802.11 Mobile message element overrides any The latest IEEE 802.11 Mobile message element overrides any
previously received message elements. previously received message elements.
If the QoS field is set, the WTP MUST observe and provide policing of If the QoS field is set, the WTP MUST observe and provide policing of
the 802.11e priority tag to ensure that it does not exceed the value the 802.11e priority tag to ensure that it does not exceed the value
provided by the AC. provided by the AC.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Association ID | Flags | | Radio ID | Association ID | Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Capabilities | WLAN ID |Supported Rates | Capabilities | WLAN ID |Supported Rates
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1034 for Add IEEE 802.11 Mobile
Type: 1032 for IEEE 802.11 Mobile
Length: >= 8 Length: >= 8
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
Association ID: A 16-bit value specifying the IEEE 802.11 Association ID: A 16-bit value specifying the IEEE 802.11
Association Identifier Association Identifier
Flags: The Flags field MUST be set to zero Flags: The Flags field MUST be set to zero
Capabilities: A 16-bit field containing the IEEE 802.11 capabilities Capabilities: A 16-bit field containing the IEEE 802.11 Capabilities
to use with the mobile. Information Field to use with the mobile.
WLAN ID: An 8-bit value specifying the WLAN Identifier WLAN ID: An 8-bit value specifying the WLAN Identifier
Supported Rates: The variable length field containing the supported Supported Rates: The variable length field containing the supported
rates to be used with the mobile station. rates to be used with the mobile station, as found in the IEEE
802.11 dot11OperationalRateSet MIB element (see [6]).
11.10.12. IEEE 802.11 Mobile Session Key 11.9.10. IEEE 802.11 Mobile Session Key
The Mobile Session Key Payload message element is sent when the AC The Mobile Session Key Payload message element is sent when the AC
determines that encryption of a mobile station must be performed in determines that encryption of a mobile station must be performed in
the WTP. This message element MUST NOT be present without the IEEE the WTP. This message element MUST NOT be present without the IEEE
802.11 Mobile (see Section 11.10.11) message element, and MUST NOT be 802.11 Mobile (see Section 11.9.9) message element, and MUST NOT be
sent if the WTP had not specifically advertised support for the sent if the WTP had not specifically advertised support for the
requested encryption scheme. requested encryption scheme.
If the IEEE 802.11 Mobile Session Key message element's EAP-Only bit The RSN information element MUST sent along with the IEEE 802.11
is set, the WTP MUST drop all IEEE 802.11 packets that do not contain Mobile Session Key in order to instruct the WTP on the usage of the
EAP packets. Note that when EAP-Only is set, the Encryption Policy Key field. The AKM field of the RSM information element is used by
field MAY be set, and therefore it is possible to inform a WTP to the WTP to identify the authentication protocol.
only accept encrypted EAP packets. Once the mobile station has
successfully completed EAP authentication, the AC must send a new Add If the IEEE 802.11 Mobile Session Key message element's AKM-Only bit
Mobile message element to remove the EAP Only restriction, and is set, the WTP MUST drop all IEEE 802.11 packets that are not part
optionally push the session key down to the WTP. of the AKM (e.g., EAP). Note that AKM-Only is MAY be set while an
encryption key is in force, requiring that the AKM packets be
encrypted. Once the mobile station has successfully completed
authentication via the AKM, the AC must send a new Add Mobile message
element to remove the AKM-Only restriction, and optionally push the
session key down to the WTP.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address |E|C| Flags | | MAC Address |A|C| Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encryption Policy |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Pairwise TSC | | Pairwise TSC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Pairwise TSC | Pairwise RSC | | Pairwise TSC | Pairwise RSC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Pairwise RSC | | Pairwise RSC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session Key... | Key...
+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-
Type: 1035 for IEEE 802.11 Mobile Session Key Type: 1033 for IEEE 802.11 Mobile Session Key
Length: >= 25 Length: >= 25
MAC Address: The mobile station's MAC Address MAC Address: The mobile station's MAC Address
Flags: A 16 bit field, whose unused bits MUST be set to zero. The Flags: A 16 bit field, whose unused bits MUST be set to zero. The
following bits are defined: following bits are defined:
E: The one bit EAP-Only field is set by the AC to inform the WTP A: The one bit AKM-Only field is set by the AC to inform the WTP
that is MUST NOT accept any 802.11 data frames, other than IEEE that is MUST NOT accept any 802.11 data frames, other than AKM
802.1X frames. This is the equivalent of the WTP's IEEE 802.1X frames. This is the equivalent of the WTP's IEEE 802.1X port
port for the mobile station to be in the closed state. When for the mobile station to be in the closed state. When set,
set, the WTP MUST drop any non-IEEE 802.1X packets it receives the WTP MUST drop any non-IEEE 802.1X packets it receives from
from the mobile station. the mobile station.
C: The one bit field is set by the AC to inform the WTP that C: The one bit field is set by the AC to inform the WTP that
encryption services will be provided by the AC. When set, the encryption services will be provided by the AC. When set, the
WTP SHOULD police frames received from stations to ensure that WTP SHOULD police frames received from stations to ensure that
they comply to the stated encryption policy, but does not need are properly encrypted as specified in the RSN Information
to take specific cryptographic action on the frame. Similarly, Element, but does not need to take specific cryptographic
for transmitted frames, the WTP only needs to forward already action on the frame. Similarly, for transmitted frames, the
encrypted frames. WTP only needs to forward already encrypted frames.
Encryption Policy: The policy field informs the WTP how to handle
packets from/to the mobile station. The following values are
supported:
0 - Encrypt WEP 104: All packets to/from the mobile station must
be encrypted using standard 104 bit WEP.
1 - Clear Text: All packets to/from the mobile station do not
require any additional crypto processing by the WTP.
2 - Encrypt WEP 40: All packets to/from the mobile station must be
encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [24]
Pairwise TSC: The 6 byte Transmit Sequence Counter (TSC) field to Pairwise TSC: The 6 byte Transmit Sequence Counter (TSC) field to
use for unicast packets transmitted to the mobile. use for unicast packets transmitted to the mobile.
Pairwise RSC: The 6 byte Receive Sequence Counter (RSC) to use for Pairwise RSC: The 6 byte Receive Sequence Counter (RSC) to use for
unicast packets received from the mobile. unicast packets received from the mobile.
Session Key: The session key the WTP is to use when encrypting Key: The key the WTP is to use when encrypting traffic to/from the
traffic to/from the mobile station. For dynamically created keys, mobile station. For dynamically created keys, this is commonly
this is commonly known as a Pairwise Transient Key (PTK). known as a Pairwise Transient Key (PTK).
11.10.13. IEEE 802.11 Multi-domain Capability 11.9.11. IEEE 802.11 Multi-Domain Capability
The multi-domain capability message element is used by the AC to The multi-domain capability message element is used by the AC to
inform the WTP of regulatory limits. The value contains the inform the WTP of regulatory limits. The AC will transmit one
following fields. message element per frequency band to indicate the regulatory
constraints in that domain. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | First Channel # | | Radio ID | Reserved | First Channel # |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Channels | Max Tx Power Level | | Number of Channels | Max Tx Power Level |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1034 for IEEE 802.11 Multi-Domain Capability
Type: 1036 for IEEE 802.11 Multi-Domain Capability
Length: 8 Length: 8
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
First Channnel #: This attribute indicates the value of the lowest First Channnel #: This attribute indicates the value of the lowest
channel number in the subband for the associated domain country channel number in the subband for the associated domain country
string. string. The value of this field comes from the IEEE 802.11
dot11FirstChannelNumber MIB element (see [6]).
Number of Channels: This attribute indicates the value of the total Number of Channels: This attribute indicates the value of the total
number of channels allowed in the subband for the associated number of channels allowed in the subband for the associated
domain country string. domain country string. The value of this field comes from the
IEEE 802.11 dot11NumberofChannels MIB element (see [6]).
Max Tx Power Level: This attribute indicates the maximum transmit Max Tx Power Level: This attribute indicates the maximum transmit
power, in dBm, allowed in the subband for the associated domain power, in dBm, allowed in the subband for the associated domain
country string. country string. The value of this field comes from the IEEE
802.11 dot11MaximumTransmitPowerLevel MIB element (see [6]).
11.10.14. IEEE 802.11 OFDM Control 11.9.12. IEEE 802.11 OFDM Control
The OFDM control message element is a bi-directional element. When The OFDM control message element is a bi-directional element. When
sent by the WTP, it contains the current state. When sent by the AC, sent by the WTP, it contains the current state. When sent by the AC,
the WTP MUST adhere to the values. This element is only used for the WTP MUST adhere to the values. This element is only used for
802.11a radios. The value contains the following fields: 802.11a radios. The value contains the following fields:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Current Chan | Band Support | | Radio ID | Reserved | Current Chan | Band Support |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TI Threshold | | TI Threshold |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1037 for IEEE 802.11 OFDM Control Type: 1035 for IEEE 802.11 OFDM Control
Length: 8 Length: 8
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
Current Channel: This attribute contains the current operating Current Channel: This attribute contains the current operating
frequency channel of the OFDM PHY. frequency channel of the OFDM PHY. The value of this field comes
from the IEEE 802.11 dot11CurrentFrequency MIB element (see [6]).
Band Supported: The capability of the OFDM PHY implementation to Band Supported: The capability of the OFDM PHY implementation to
operate in the three U-NII bands. Coded as an integer value of a operate in the three U-NII bands. The value of this field comes
three bit field as follows: from the IEEE 802.11 dot11FrequencyBandsSupported MIB element (see
[6]), coded as an integer value of a three bit field as follows:
capable of operating in the lower (5.15-5.25 GHz) U-NII band capable of operating in the lower (5.15-5.25 GHz) U-NII band
capable of operating in the middle (5.25-5.35 GHz) U-NII band capable of operating in the middle (5.25-5.35 GHz) U-NII band
capable of operating in the upper (5.725-5.825 GHz) U-NII band capable of operating in the upper (5.725-5.825 GHz) U-NII band
For example, for an implementation capable of operating in the For example, for an implementation capable of operating in the
lower and mid bands this attribute would take the value lower and mid bands this attribute would take the value 3.
TI Threshold: The Threshold being used to detect a busy medium TI Threshold: The Threshold being used to detect a busy medium
(frequency). CCA MUST report a busy medium upon detecting the (frequency). CCA MUST report a busy medium upon detecting the
RSSI above this threshold. RSSI above this threshold. The value of this field comes from the
IEEE 802.11 dot11TIThreshold MIB element (see [6]).
11.10.15. IEEE 802.11 Rate Set 11.9.13. IEEE 802.11 Rate Set
The rate set message element value is sent by the AC and contains the The rate set message element value is sent by the AC and contains the
supported operational rates. It contains the following fields. supported operational rates. It contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Rate Set... | Radio ID | Rate Set...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1038 for IEEE 802.11 Rate Set Type: 1036 for IEEE 802.11 Rate Set
Length: >= 3 Length: >= 3
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Rate Set: The AC generates the Rate Set that the WTP is to include Rate Set: The AC generates the Rate Set that the WTP is to include
in it's Beacon and Probe messages. The length of this field is in it's Beacon and Probe messages. The length of this field is
between 2 and 8 bytes. between 2 and 8 bytes. The value of this field comes from the
IEEE 802.11 dot11OperationalRateSet MIB element (see [6]).
11.10.16. IEEE 802.11 Statistics 11.9.14. IEEE 802.11 RSNA Error Report From Mobile
The RSN Error Report From Mobile message element is sent by an AC to
an WTP to send RSN error reports to the AC. The WTP does not need to
transmit any reports that do not include any failures. The fields
from this message element comes from the IEEE 802.11
Dot11RSNAStatsEntry table (see [6]).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Client MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Client MAC Address | BSSID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BSSID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TKIP ICV Errors |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TKIP Local MIC Failures |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TKIP Remote MIC Failures |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| CCMP Replays |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| CCMP Decrypt Errors |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TKIP Replays |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1037 for IEEE 802.11 RSNA Error Report From Mobile
Length: 14
Client MAC Address: The Client MAC Address of the station.
BSSID: The BSSID on which the failures are being reported on.
Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP
WLAN ID: The WLAN ID on which the RSNA failures are being reported.
TKIP ICV Errors: A 32-bit value representing the number of TKIP ICV
errors encountered when decrypting packets from the station. The
value of this field comes from the IEEE 802.11
dot11RSNAStatsTKIPICVErrors MIB element (see [6]).
TKIP Local MIC Failures: A 32-bit value representing the number of
MIC failures encountered when checking the integrity of packets
received from the station. The value of this field comes from the
IEEE 802.11 dot11RSNAStatsTKIPLocalMICFailures MIB element (see
[6]).
TKIP Remote MIC Failures: A 32-bit value representing the number of
MIC failures reported by the station encountered (possibly via the
EAPOL-Key frame). The value of this field comes from the IEEE
802.11 dot11RSNAStatsTKIPRemoteMICFailures MIB element (see [6]).
CCMP Replays: A 32-bit value representing the number of CCMP MPDUs
discarded by the replay detection mechanism. The value of this
field comes from the IEEE 802.11 dot11RSNACCMPReplays MIB element
(see [6]).
CCMP Decrypt Errors: A 32-bit value representing the number of CCMP
MDPUs discarded by the decryption algorithm. The value of this
field comes from the IEEE 802.11 dot11RSNACCMPDecryptErrors MIB
element (see [6]).
TKIP Replays: A 32-bit value representing the number of TKIP Replays
detected in frames received from the station. The value of this
field comes from the IEEE 802.11 dot11RSNAStatsTKIPReplays MIB
element (see [6]).
11.9.15. IEEE 802.11 Station QoS Profile
The Station QoS Profile Payload message element contains the maximum
IEEE 802.11e priority tag that may be used by the station. Any
packet received that exceeds the value encoded in this message
element must either be dropped or tagged using the maximum value
permitted by to the user. The priority tag must be between zero (0)
and seven (7).
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | 802.1P Precedence Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1038 for IEEE 802.11 Station QOS Profile
Length: 8
MAC Address: The mobile station's MAC Address
802.1P Precedence Tag: The maximum 802.1P precedence value that the
WTP will allow in the TID field in the extended 802.11e QOS Data
header.
11.9.16. IEEE 802.11 Statistics
The statistics message element is sent by the WTP to transmit it's The statistics message element is sent by the WTP to transmit it's
current statistics. The value contains the following fields. current statistics. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | | Radio ID | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tx Fragment Count | | Tx Fragment Count |
skipping to change at page 119, line 38 skipping to change at page 128, line 38
| Rx Fragment Count | | Rx Fragment Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Multicast RX Count | | Multicast RX Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| FCS Error Count | | FCS Error Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tx Frame Count | | Tx Frame Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Decryption Errors | | Decryption Errors |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discarded QoS Fragment Count |
Type: 1039 for Statistics +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Associated Station Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| QoS CF Polls Received Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| QoS CF Polls Unused Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| QoS CF Polls Unusable Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 1039 for IEEE 802.11 Statistics
Length: 60 Length: 60
Radio ID: An 8-bit value representing the radio. Radio ID: An 8-bit value representing the radio.
Tx Fragment Count: A 32-bit value representing the number of Tx Fragment Count: A 32-bit value representing the number of
fragmented frames transmitted. fragmented frames transmitted. The value of this field comes from
the IEEE 802.11 dot11TransmittedFragmentCount MIB element (see
[6]).
Multicast Tx Count: A 32-bit value representing the number of Multicast Tx Count: A 32-bit value representing the number of
multicast frames transmitted. multicast frames transmitted. The value of this field comes from
the IEEE 802.11 dot11MulticastTransmittedFrameCount MIB element
(see [6]).
Failed Count: A 32-bit value representing the transmit excessive Failed Count: A 32-bit value representing the transmit excessive
retries. retries. The value of this field comes from the IEEE 802.11
dot11FailedCount MIB element (see [6]).
Retry Count: A 32-bit value representing the number of transmit Retry Count: A 32-bit value representing the number of transmit
retries. retries. The value of this field comes from the IEEE 802.11
dot11RetryCount MIB element (see [6]).
Multiple Retry Count: A 32-bit value representing the number of Multiple Retry Count: A 32-bit value representing the number of
transmits that required more than one retry. transmits that required more than one retry. The value of this
field comes from the IEEE 802.11 dot11MultipleRetryCount MIB
element (see [6]).
Frame Duplicate Count: A 32-bit value representing the duplicate Frame Duplicate Count: A 32-bit value representing the duplicate
frames received. frames received. The value of this field comes from the IEEE
802.11 dot11FrameDuplicateCount MIB element (see [6]).
RTS Success Count: A 32-bit value representing the number of RTS Success Count: A 32-bit value representing the number of
successfully transmitted Ready To Send (RTS). successfully transmitted Ready To Send (RTS). The value of this
field comes from the IEEE 802.11 dot11RTSSuccessCount MIB element
(see [6]).
RTS Failure Count: A 32-bit value representing the failed RTS Failure Count: A 32-bit value representing the failed
transmitted RTS. transmitted RTS. The value of this field comes from the IEEE
802.11 dot11RTSFailureCount MIB element (see [6]).
ACK Failure Count: A 32-bit value representing the number of failed ACK Failure Count: A 32-bit value representing the number of failed