draft-ohara-capwap-lwapp-03.txt   draft-ohara-capwap-lwapp-04.txt 
Network Working Group P. Calhoun Control and Provisioning of P. Calhoun
Internet-Draft B. O'Hara Wireless Access Points Working B. O'Hara
Expires: December 26, 2005 R. Suri Group R. Suri
N. Cam Winget Internet-Draft N. Cam Winget
Cisco Systems, Inc. Intended status: Informational Cisco Systems, Inc.
S. Kelly Expires: September 3, 2007 S. Kelly
Facetime Communications Facetime Communications
M. Williams M. Williams
Nokia, Inc. Nokia, Inc.
S. Hares S. Hares
Nexthop Technologies, Inc. Nexthop Technologies, Inc.
June 24, 2005 March 2, 2007
Light Weight Access Point Protocol Light Weight Access Point Protocol
draft-ohara-capwap-lwapp-03.txt draft-ohara-capwap-lwapp-04.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 42 skipping to change at page 1, line 42
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 26, 2005. This Internet-Draft will expire on September 3, 2007.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The IETF Trust (2007).
Abstract Abstract
In the recent years, there has been a shift in wireless LAN product In the recent years, there has been a shift in wireless LAN product
architectures from autonomous access points to centralized control of architectures from autonomous access points to centralized control of
light weight access points. The general goal has been to move most light weight access points. The general goal has been to move most
of the traditional wireless functionality such as access control of the traditional wireless functionality such as access control
(user authentication and authorization), mobility and radio (user authentication and authorization), mobility and radio
management out of the access point into a centralized controller. management out of the access point into a centralized controller.
The IETF's CAPWAP WG has identified that a standards based protocol The IETF's CAPWAP WG has identified that a standards based protocol
is necessary between a wireless Access Controller and Wireless is necessary between a wireless Access Controller and Wireless
Termination Points (the latter are also commonly referred to as Light Termination Points (the latter are also commonly referred to as Light
skipping to change at page 3, line 8 skipping to change at page 3, line 8
Weight Access Points). This specification defines the Light Weight Weight Access Points). This specification defines the Light Weight
Access Point Protocol (LWAPP), which addresses the CAPWAP's protocol Access Point Protocol (LWAPP), which addresses the CAPWAP's protocol
requirements. Although the LWAPP protocol is designed to be flexible requirements. Although the LWAPP protocol is designed to be flexible
enough to be used for a variety of wireless technologies, this enough to be used for a variety of wireless technologies, this
specific document describes the base protocol, and an extension that specific document describes the base protocol, and an extension that
allows it to be used with the IEEE's 802.11 wireless LAN protocol. allows it to be used with the IEEE's 802.11 wireless LAN protocol.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 8 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 8
1.1 Conventions used in this document . . . . . . . . . . . 9 1.1. Conventions used in this document . . . . . . . . . . . 9
2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . 10 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 10
2.1 Wireless Binding Definition . . . . . . . . . . . . . . 11 2.1. Wireless Binding Definition . . . . . . . . . . . . . . 11
2.2 LWAPP State Machine Definition . . . . . . . . . . . . . 12 2.2. LWAPP State Machine Definition . . . . . . . . . . . . . 12
3. LWAPP Transport Layers . . . . . . . . . . . . . . . . . . . 21 3. LWAPP Transport Layers . . . . . . . . . . . . . . . . . . . 21
3.1 LWAPP Transport Header . . . . . . . . . . . . . . . . . 21 3.1. LWAPP Transport Header . . . . . . . . . . . . . . . . . 21
3.1.1 VER Field . . . . . . . . . . . . . . . . . . . . . 21 3.1.1. VER Field . . . . . . . . . . . . . . . . . . . . . 21
3.1.2 RID Field . . . . . . . . . . . . . . . . . . . . . 21 3.1.2. RID Field . . . . . . . . . . . . . . . . . . . . . 21
3.1.3 C Bit . . . . . . . . . . . . . . . . . . . . . . . 21 3.1.3. C Bit . . . . . . . . . . . . . . . . . . . . . . . 21
3.1.4 F Bit . . . . . . . . . . . . . . . . . . . . . . . 21 3.1.4. F Bit . . . . . . . . . . . . . . . . . . . . . . . 21
3.1.5 L Bit . . . . . . . . . . . . . . . . . . . . . . . 22 3.1.5. L Bit . . . . . . . . . . . . . . . . . . . . . . . 22
3.1.6 Fragment ID . . . . . . . . . . . . . . . . . . . . 22 3.1.6. Fragment ID . . . . . . . . . . . . . . . . . . . . 22
3.1.7 Length . . . . . . . . . . . . . . . . . . . . . . . 22 3.1.7. Length . . . . . . . . . . . . . . . . . . . . . . . 22
3.1.8 Status and WLANS . . . . . . . . . . . . . . . . . . 22 3.1.8. Status and WLANS . . . . . . . . . . . . . . . . . . 22
3.1.9 Payload . . . . . . . . . . . . . . . . . . . . . . 22 3.1.9. Payload . . . . . . . . . . . . . . . . . . . . . . 22
3.2 Using IEEE 802.3 MAC as LWAPP transport . . . . . . . . 22 3.2. Using IEEE 802.3 MAC as LWAPP transport . . . . . . . . 22
3.2.1 Framing . . . . . . . . . . . . . . . . . . . . . . 23 3.2.1. Framing . . . . . . . . . . . . . . . . . . . . . . 23
3.2.2 AC Discovery . . . . . . . . . . . . . . . . . . . . 23 3.2.2. AC Discovery . . . . . . . . . . . . . . . . . . . . 23
3.2.3 LWAPP Message Header format over IEEE 802.3 MAC 3.2.3. LWAPP Message Header format over IEEE 802.3 MAC
transport . . . . . . . . . . . . . . . . . . . . . 23 transport . . . . . . . . . . . . . . . . . . . . . 23
3.2.4 Fragmentation/Reassembly . . . . . . . . . . . . . . 23 3.2.4. Fragmentation/Reassembly . . . . . . . . . . . . . . 23
3.2.5 Multiplexing . . . . . . . . . . . . . . . . . . . . 24 3.2.5. Multiplexing . . . . . . . . . . . . . . . . . . . . 24
3.3 Using IP/UDP as LWAPP transport . . . . . . . . . . . . 24 3.3. Using IP/UDP as LWAPP transport . . . . . . . . . . . . 24
3.3.1 Framing . . . . . . . . . . . . . . . . . . . . . . 24 3.3.1. Framing . . . . . . . . . . . . . . . . . . . . . . 24
3.3.2 AC Discovery . . . . . . . . . . . . . . . . . . . . 24 3.3.2. AC Discovery . . . . . . . . . . . . . . . . . . . . 24
3.3.3 LWAPP Message Header format over IP/UDP transport . 25 3.3.3. LWAPP Message Header format over IP/UDP transport . 25
3.3.4 Fragmentation/Reassembly for IPv4 . . . . . . . . . 26 3.3.4. Fragmentation/Reassembly for IPv4 . . . . . . . . . 26
3.3.5 Fragmentation/Reassembly for IPv6 . . . . . . . . . 26 3.3.5. Fragmentation/Reassembly for IPv6 . . . . . . . . . 26
3.3.6 Multiplexing . . . . . . . . . . . . . . . . . . . . 26 3.3.6. Multiplexing . . . . . . . . . . . . . . . . . . . . 26
4. LWAPP Packet Definitions . . . . . . . . . . . . . . . . . . 27 4. LWAPP Packet Definitions . . . . . . . . . . . . . . . . . . 27
4.1 LWAPP Data Messages . . . . . . . . . . . . . . . . . . 27 4.1. LWAPP Data Messages . . . . . . . . . . . . . . . . . . 27
4.2 LWAPP Control Messages Overview . . . . . . . . . . . . 27 4.2. LWAPP Control Messages Overview . . . . . . . . . . . . 27
4.2.1 Control Message Format . . . . . . . . . . . . . . . 28 4.2.1. Control Message Format . . . . . . . . . . . . . . . 28
4.2.2 Message Element Format . . . . . . . . . . . . . . . 30 4.2.2. Message Element Format . . . . . . . . . . . . . . . 30
4.2.3 Quality of Service . . . . . . . . . . . . . . . . . 31 4.2.3. Quality of Service . . . . . . . . . . . . . . . . . 31
5. LWAPP Discovery Operations . . . . . . . . . . . . . . . . . 32 5. LWAPP Discovery Operations . . . . . . . . . . . . . . . . . 32
5.1 Discovery Request . . . . . . . . . . . . . . . . . . . 32 5.1. Discovery Request . . . . . . . . . . . . . . . . . . . 32
5.1.1 Discovery Type . . . . . . . . . . . . . . . . . . . 33 5.1.1. Discovery Type . . . . . . . . . . . . . . . . . . . 33
5.1.2 WTP Descriptor . . . . . . . . . . . . . . . . . . . 33 5.1.2. WTP Descriptor . . . . . . . . . . . . . . . . . . . 33
5.1.3 WTP Radio Information . . . . . . . . . . . . . . . 34 5.1.3. WTP Radio Information . . . . . . . . . . . . . . . 34
5.2 Discovery Response . . . . . . . . . . . . . . . . . . . 35 5.2. Discovery Response . . . . . . . . . . . . . . . . . . . 35
5.2.1 AC Address . . . . . . . . . . . . . . . . . . . . . 35 5.2.1. AC Address . . . . . . . . . . . . . . . . . . . . . 35
5.2.2 AC Descriptor . . . . . . . . . . . . . . . . . . . 36 5.2.2. AC Descriptor . . . . . . . . . . . . . . . . . . . 36
5.2.3 AC Name . . . . . . . . . . . . . . . . . . . . . . 37 5.2.3. AC Name . . . . . . . . . . . . . . . . . . . . . . 37
5.2.4 WTP Manager Control IPv4 Address . . . . . . . . . . 37 5.2.4. WTP Manager Control IPv4 Address . . . . . . . . . . 37
5.2.5 WTP Manager Control IPv6 Address . . . . . . . . . . 38 5.2.5. WTP Manager Control IPv6 Address . . . . . . . . . . 38
5.3 Primary Discovery Request . . . . . . . . . . . . . . . 38 5.3. Primary Discovery Request . . . . . . . . . . . . . . . 38
5.3.1 Discovery Type . . . . . . . . . . . . . . . . . . . 39 5.3.1. Discovery Type . . . . . . . . . . . . . . . . . . . 39
5.3.2 WTP Descriptor . . . . . . . . . . . . . . . . . . . 39 5.3.2. WTP Descriptor . . . . . . . . . . . . . . . . . . . 39
5.3.3 WTP Radio Information . . . . . . . . . . . . . . . 39 5.3.3. WTP Radio Information . . . . . . . . . . . . . . . 39
5.4 Primary Discovery Response . . . . . . . . . . . . . . . 39 5.4. Primary Discovery Response . . . . . . . . . . . . . . . 39
5.4.1 AC Descriptor . . . . . . . . . . . . . . . . . . . 39 5.4.1. AC Descriptor . . . . . . . . . . . . . . . . . . . 39
5.4.2 AC Name . . . . . . . . . . . . . . . . . . . . . . 40 5.4.2. AC Name . . . . . . . . . . . . . . . . . . . . . . 39
5.4.3 WTP Manager Control IPv4 Address . . . . . . . . . . 40 5.4.3. WTP Manager Control IPv4 Address . . . . . . . . . . 40
5.4.4 WTP Manager Control IPv6 Address . . . . . . . . . . 40 5.4.4. WTP Manager Control IPv6 Address . . . . . . . . . . 40
6. Control Channel Management . . . . . . . . . . . . . . . . . 41 6. Control Channel Management . . . . . . . . . . . . . . . . . 41
6.1 Join Request . . . . . . . . . . . . . . . . . . . . . . 41 6.1. Join Request . . . . . . . . . . . . . . . . . . . . . . 41
6.1.1 WTP Descriptor . . . . . . . . . . . . . . . . . . . 42 6.1.1. WTP Descriptor . . . . . . . . . . . . . . . . . . . 42
6.1.2 AC Address . . . . . . . . . . . . . . . . . . . . . 42 6.1.2. AC Address . . . . . . . . . . . . . . . . . . . . . 42
6.1.3 WTP Name . . . . . . . . . . . . . . . . . . . . . . 42 6.1.3. WTP Name . . . . . . . . . . . . . . . . . . . . . . 42
6.1.4 Location Data . . . . . . . . . . . . . . . . . . . 42 6.1.4. Location Data . . . . . . . . . . . . . . . . . . . 42
6.1.5 WTP Radio Information . . . . . . . . . . . . . . . 43 6.1.5. WTP Radio Information . . . . . . . . . . . . . . . 43
6.1.6 Certificate . . . . . . . . . . . . . . . . . . . . 43 6.1.6. Certificate . . . . . . . . . . . . . . . . . . . . 43
6.1.7 Session ID . . . . . . . . . . . . . . . . . . . . . 43 6.1.7. Session ID . . . . . . . . . . . . . . . . . . . . . 43
6.1.8 Test . . . . . . . . . . . . . . . . . . . . . . . . 44 6.1.8. Test . . . . . . . . . . . . . . . . . . . . . . . . 44
6.1.9 XNonce . . . . . . . . . . . . . . . . . . . . . . . 44 6.1.9. XNonce . . . . . . . . . . . . . . . . . . . . . . . 44
6.2 Join Response . . . . . . . . . . . . . . . . . . . . . 44 6.2. Join Response . . . . . . . . . . . . . . . . . . . . . 44
6.2.1 Result Code . . . . . . . . . . . . . . . . . . . . 45 6.2.1. Result Code . . . . . . . . . . . . . . . . . . . . 45
6.2.2 Status . . . . . . . . . . . . . . . . . . . . . . . 46 6.2.2. Status . . . . . . . . . . . . . . . . . . . . . . . 45
6.2.3 Certificate . . . . . . . . . . . . . . . . . . . . 46 6.2.3. Certificate . . . . . . . . . . . . . . . . . . . . 46
6.2.4 WTP Manager Data IPv4 Address . . . . . . . . . . . 46 6.2.4. WTP Manager Data IPv4 Address . . . . . . . . . . . 46
6.2.5 WTP Manager Data IPv6 Address . . . . . . . . . . . 47 6.2.5. WTP Manager Data IPv6 Address . . . . . . . . . . . 47
6.2.6 AC IPv4 List . . . . . . . . . . . . . . . . . . . . 47 6.2.6. AC IPv4 List . . . . . . . . . . . . . . . . . . . . 47
6.2.7 AC IPv6 List . . . . . . . . . . . . . . . . . . . . 48 6.2.7. AC IPv6 List . . . . . . . . . . . . . . . . . . . . 48
6.2.8 ANonce . . . . . . . . . . . . . . . . . . . . . . . 48 6.2.8. ANonce . . . . . . . . . . . . . . . . . . . . . . . 48
6.2.9 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 49 6.2.9. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 49
6.3 Join ACK . . . . . . . . . . . . . . . . . . . . . . . . 50 6.3. Join ACK . . . . . . . . . . . . . . . . . . . . . . . . 50
6.3.1 Session ID . . . . . . . . . . . . . . . . . . . . . 50 6.3.1. Session ID . . . . . . . . . . . . . . . . . . . . . 50
6.3.2 WNonce . . . . . . . . . . . . . . . . . . . . . . . 50 6.3.2. WNonce . . . . . . . . . . . . . . . . . . . . . . . 50
6.3.3 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 51 6.3.3. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 51
6.4 Join Confirm . . . . . . . . . . . . . . . . . . . . . . 51 6.4. Join Confirm . . . . . . . . . . . . . . . . . . . . . . 51
6.4.1 Session ID . . . . . . . . . . . . . . . . . . . . . 51 6.4.1. Session ID . . . . . . . . . . . . . . . . . . . . . 51
6.4.2 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 52 6.4.2. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 51
6.5 Echo Request . . . . . . . . . . . . . . . . . . . . . . 52 6.5. Echo Request . . . . . . . . . . . . . . . . . . . . . . 51
6.6 Echo Response . . . . . . . . . . . . . . . . . . . . . 52 6.6. Echo Response . . . . . . . . . . . . . . . . . . . . . 52
6.7 Key Update Request . . . . . . . . . . . . . . . . . . . 52 6.7. Key Update Request . . . . . . . . . . . . . . . . . . . 52
6.7.1 Session ID . . . . . . . . . . . . . . . . . . . . . 53 6.7.1. Session ID . . . . . . . . . . . . . . . . . . . . . 52
6.7.2 XNonce . . . . . . . . . . . . . . . . . . . . . . . 53 6.7.2. XNonce . . . . . . . . . . . . . . . . . . . . . . . 52
6.8 Key Update Response . . . . . . . . . . . . . . . . . . 53 6.8. Key Update Response . . . . . . . . . . . . . . . . . . 52
6.8.1 Session ID . . . . . . . . . . . . . . . . . . . . . 53 6.8.1. Session ID . . . . . . . . . . . . . . . . . . . . . 53
6.8.2 ANonce . . . . . . . . . . . . . . . . . . . . . . . 53 6.8.2. ANonce . . . . . . . . . . . . . . . . . . . . . . . 53
6.8.3 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 53 6.8.3. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 53
6.9 Key Update ACK . . . . . . . . . . . . . . . . . . . . . 53 6.9. Key Update ACK . . . . . . . . . . . . . . . . . . . . . 53
6.9.1 WNonce . . . . . . . . . . . . . . . . . . . . . . . 54 6.9.1. WNonce . . . . . . . . . . . . . . . . . . . . . . . 53
6.9.2 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 54 6.9.2. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 53
6.10 Key Update Confirm . . . . . . . . . . . . . . . . . . . 54 6.10. Key Update Confirm . . . . . . . . . . . . . . . . . . . 53
6.10.1 PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 54 6.10.1. PSK-MIC . . . . . . . . . . . . . . . . . . . . . . 54
6.11 Key Update Trigger . . . . . . . . . . . . . . . . . . . 54 6.11. Key Update Trigger . . . . . . . . . . . . . . . . . . . 54
6.11.1 Session ID . . . . . . . . . . . . . . . . . . . . . 54 6.11.1. Session ID . . . . . . . . . . . . . . . . . . . . . 54
7. WTP Configuration Management . . . . . . . . . . . . . . . . 55 7. WTP Configuration Management . . . . . . . . . . . . . . . . 55
7.1 Configuration Consistency . . . . . . . . . . . . . . . 55 7.1. Configuration Consistency . . . . . . . . . . . . . . . 55
7.2 Configure Request . . . . . . . . . . . . . . . . . . . 56 7.2. Configure Request . . . . . . . . . . . . . . . . . . . 56
7.2.1 Administrative State . . . . . . . . . . . . . . . . 56 7.2.1. Administrative State . . . . . . . . . . . . . . . . 56
7.2.2 AC Name . . . . . . . . . . . . . . . . . . . . . . 57 7.2.2. AC Name . . . . . . . . . . . . . . . . . . . . . . 57
7.2.3 AC Name with Index . . . . . . . . . . . . . . . . . 57 7.2.3. AC Name with Index . . . . . . . . . . . . . . . . . 57
7.2.4 WTP Board Data . . . . . . . . . . . . . . . . . . . 57 7.2.4. WTP Board Data . . . . . . . . . . . . . . . . . . . 57
7.2.5 Statistics Timer . . . . . . . . . . . . . . . . . . 58 7.2.5. Statistics Timer . . . . . . . . . . . . . . . . . . 58
7.2.6 WTP Static IP Address Information . . . . . . . . . 59 7.2.6. WTP Static IP Address Information . . . . . . . . . 59
7.2.7 WTP Reboot Statistics . . . . . . . . . . . . . . . 59 7.2.7. WTP Reboot Statistics . . . . . . . . . . . . . . . 59
7.3 Configure Response . . . . . . . . . . . . . . . . . . . 60 7.3. Configure Response . . . . . . . . . . . . . . . . . . . 60
7.3.1 Decryption Error Report Period . . . . . . . . . . . 61 7.3.1. Decryption Error Report Period . . . . . . . . . . . 61
7.3.2 Change State Event . . . . . . . . . . . . . . . . . 61 7.3.2. Change State Event . . . . . . . . . . . . . . . . . 61
7.3.3 LWAPP Timers . . . . . . . . . . . . . . . . . . . . 62 7.3.3. LWAPP Timers . . . . . . . . . . . . . . . . . . . . 62
7.3.4 AC IPv4 List . . . . . . . . . . . . . . . . . . . . 62 7.3.4. AC IPv4 List . . . . . . . . . . . . . . . . . . . . 62
7.3.5 AC IPv6 List . . . . . . . . . . . . . . . . . . . . 63 7.3.5. AC IPv6 List . . . . . . . . . . . . . . . . . . . . 62
7.3.6 WTP Fallback . . . . . . . . . . . . . . . . . . . . 63 7.3.6. WTP Fallback . . . . . . . . . . . . . . . . . . . . 63
7.3.7 Idle Timeout . . . . . . . . . . . . . . . . . . . . 63 7.3.7. Idle Timeout . . . . . . . . . . . . . . . . . . . . 63
7.4 Configuration Update Request . . . . . . . . . . . . . . 64 7.4. Configuration Update Request . . . . . . . . . . . . . . 63
7.4.1 WTP Name . . . . . . . . . . . . . . . . . . . . . . 64 7.4.1. WTP Name . . . . . . . . . . . . . . . . . . . . . . 64
7.4.2 Change State Event . . . . . . . . . . . . . . . . . 64 7.4.2. Change State Event . . . . . . . . . . . . . . . . . 64
7.4.3 Administrative State . . . . . . . . . . . . . . . . 64 7.4.3. Administrative State . . . . . . . . . . . . . . . . 64
7.4.4 Statistics Timer . . . . . . . . . . . . . . . . . . 64 7.4.4. Statistics Timer . . . . . . . . . . . . . . . . . . 64
7.4.5 Location Data . . . . . . . . . . . . . . . . . . . 64 7.4.5. Location Data . . . . . . . . . . . . . . . . . . . 64
7.4.6 Decryption Error Report Period . . . . . . . . . . . 64 7.4.6. Decryption Error Report Period . . . . . . . . . . . 64
7.4.7 AC IPv4 List . . . . . . . . . . . . . . . . . . . . 64 7.4.7. AC IPv4 List . . . . . . . . . . . . . . . . . . . . 64
7.4.8 AC IPv6 List . . . . . . . . . . . . . . . . . . . . 65 7.4.8. AC IPv6 List . . . . . . . . . . . . . . . . . . . . 64
7.4.9 Add Blacklist Entry . . . . . . . . . . . . . . . . 65 7.4.9. Add Blacklist Entry . . . . . . . . . . . . . . . . 64
7.4.10 Delete Blacklist Entry . . . . . . . . . . . . . . . 65 7.4.10. Delete Blacklist Entry . . . . . . . . . . . . . . . 65
7.4.11 Add Static Blacklist Entry . . . . . . . . . . . . . 66 7.4.11. Add Static Blacklist Entry . . . . . . . . . . . . . 66
7.4.12 Delete Static Blacklist Entry . . . . . . . . . . . 66 7.4.12. Delete Static Blacklist Entry . . . . . . . . . . . 66
7.4.13 LWAPP Timers . . . . . . . . . . . . . . . . . . . . 67 7.4.13. LWAPP Timers . . . . . . . . . . . . . . . . . . . . 67
7.4.14 AC Name with Index . . . . . . . . . . . . . . . . . 67 7.4.14. AC Name with Index . . . . . . . . . . . . . . . . . 67
7.4.15 WTP Fallback . . . . . . . . . . . . . . . . . . . . 67 7.4.15. WTP Fallback . . . . . . . . . . . . . . . . . . . . 67
7.4.16 Idle Timeout . . . . . . . . . . . . . . . . . . . . 67 7.4.16. Idle Timeout . . . . . . . . . . . . . . . . . . . . 67
7.5 Configuration Update Response . . . . . . . . . . . . . 67 7.5. Configuration Update Response . . . . . . . . . . . . . 67
7.5.1 Result Code . . . . . . . . . . . . . . . . . . . . 68 7.5.1. Result Code . . . . . . . . . . . . . . . . . . . . 67
7.6 Change State Event Request . . . . . . . . . . . . . . . 68 7.6. Change State Event Request . . . . . . . . . . . . . . . 67
7.6.1 Change State Event . . . . . . . . . . . . . . . . . 68 7.6.1. Change State Event . . . . . . . . . . . . . . . . . 68
7.7 Change State Event Response . . . . . . . . . . . . . . 68 7.7. Change State Event Response . . . . . . . . . . . . . . 68
7.8 Clear Config Indication . . . . . . . . . . . . . . . . 68 7.8. Clear Config Indication . . . . . . . . . . . . . . . . 68
8. Device Management Operations . . . . . . . . . . . . . . . . 70 8. Device Management Operations . . . . . . . . . . . . . . . . 69
8.1 Image Data Request . . . . . . . . . . . . . . . . . . . 70 8.1. Image Data Request . . . . . . . . . . . . . . . . . . . 69
8.1.1 Image Download . . . . . . . . . . . . . . . . . . . 70 8.1.1. Image Download . . . . . . . . . . . . . . . . . . . 69
8.1.2 Image Data . . . . . . . . . . . . . . . . . . . . . 70 8.1.2. Image Data . . . . . . . . . . . . . . . . . . . . . 69
8.2 Image Data Response . . . . . . . . . . . . . . . . . . 71 8.2. Image Data Response . . . . . . . . . . . . . . . . . . 70
8.3 Reset Request . . . . . . . . . . . . . . . . . . . . . 71 8.3. Reset Request . . . . . . . . . . . . . . . . . . . . . 70
8.4 Reset Response . . . . . . . . . . . . . . . . . . . . . 71 8.4. Reset Response . . . . . . . . . . . . . . . . . . . . . 70
8.5 WTP Event Request . . . . . . . . . . . . . . . . . . . 72 8.5. WTP Event Request . . . . . . . . . . . . . . . . . . . 71
8.5.1 Decryption Error Report . . . . . . . . . . . . . . 72 8.5.1. Decryption Error Report . . . . . . . . . . . . . . 71
8.5.2 Duplicate IPv4 Address . . . . . . . . . . . . . . . 72 8.5.2. Duplicate IPv4 Address . . . . . . . . . . . . . . . 71
8.5.3 Duplicate IPv6 Address . . . . . . . . . . . . . . . 73 8.5.3. Duplicate IPv6 Address . . . . . . . . . . . . . . . 72
8.6 WTP Event Response . . . . . . . . . . . . . . . . . . . 74 8.6. WTP Event Response . . . . . . . . . . . . . . . . . . . 73
8.7 Data Transfer Request . . . . . . . . . . . . . . . . . 74 8.7. Data Transfer Request . . . . . . . . . . . . . . . . . 73
8.7.1 Data Transfer Mode . . . . . . . . . . . . . . . . . 74 8.7.1. Data Transfer Mode . . . . . . . . . . . . . . . . . 73
8.7.2 Data Transfer Data . . . . . . . . . . . . . . . . . 75 8.7.2. Data Transfer Data . . . . . . . . . . . . . . . . . 74
8.8 Data Transfer Response . . . . . . . . . . . . . . . . . 75 8.8. Data Transfer Response . . . . . . . . . . . . . . . . . 74
9. Mobile Session Management . . . . . . . . . . . . . . . . . 77 9. Mobile Session Management . . . . . . . . . . . . . . . . . . 75
9.1 Mobile Config Request . . . . . . . . . . . . . . . . . 77 9.1. Mobile Config Request . . . . . . . . . . . . . . . . . 75
9.1.1 Delete Mobile . . . . . . . . . . . . . . . . . . . 77 9.1.1. Delete Mobile . . . . . . . . . . . . . . . . . . . 75
9.2 Mobile Config Response . . . . . . . . . . . . . . . . . 78 9.2. Mobile Config Response . . . . . . . . . . . . . . . . . 76
9.2.1 Result Code . . . . . . . . . . . . . . . . . . . . 78 9.2.1. Result Code . . . . . . . . . . . . . . . . . . . . 76
10. LWAPP Security . . . . . . . . . . . . . . . . . . . . . . 79 10. LWAPP Security . . . . . . . . . . . . . . . . . . . . . . . 77
10.1 Securing WTP-AC communications . . . . . . . . . . . . . 79 10.1. Securing WTP-AC communications . . . . . . . . . . . . . 77
10.2 LWAPP Frame Encryption . . . . . . . . . . . . . . . . . 80 10.2. LWAPP Frame Encryption . . . . . . . . . . . . . . . . . 78
10.3 Authenticated Key Exchange . . . . . . . . . . . . . . . 80 10.3. Authenticated Key Exchange . . . . . . . . . . . . . . . 78
10.3.1 Terminology . . . . . . . . . . . . . . . . . . . . 81 10.3.1. Terminology . . . . . . . . . . . . . . . . . . . . 79
10.3.2 Initial Key Generation . . . . . . . . . . . . . . . 82 10.3.2. Initial Key Generation . . . . . . . . . . . . . . . 80
10.3.3 Refreshing Cryptographic Keys . . . . . . . . . . . 86 10.3.3. Refreshing Cryptographic Keys . . . . . . . . . . . 84
10.4 Certificate Usage . . . . . . . . . . . . . . . . . . . 87 10.4. Certificate Usage . . . . . . . . . . . . . . . . . . . 85
11. IEEE 802.11 Binding . . . . . . . . . . . . . . . . . . . 88 11. IEEE 802.11 Binding . . . . . . . . . . . . . . . . . . . . . 86
11.1 Division of labor . . . . . . . . . . . . . . . . . . . 88 11.1. Division of labor . . . . . . . . . . . . . . . . . . . 86
11.1.1 Split MAC . . . . . . . . . . . . . . . . . . . . . 88 11.1.1. Split MAC . . . . . . . . . . . . . . . . . . . . . 86
11.1.2 Local MAC . . . . . . . . . . . . . . . . . . . . . 90 11.1.2. Local MAC . . . . . . . . . . . . . . . . . . . . . 88
11.2 Roaming Behavior and 802.11 security . . . . . . . . . . 93 11.2. Roaming Behavior and 802.11 security . . . . . . . . . . 91
11.3 Transport specific bindings . . . . . . . . . . . . . . 94 11.3. Transport specific bindings . . . . . . . . . . . . . . 92
11.3.1 Status and WLANS field . . . . . . . . . . . . . . . 94 11.3.1. Status and WLANS field . . . . . . . . . . . . . . . 92
11.4 BSSID to WLAN ID Mapping . . . . . . . . . . . . . . . . 95 11.4. BSSID to WLAN ID Mapping . . . . . . . . . . . . . . . . 93
11.5 Quality of Service . . . . . . . . . . . . . . . . . . . 95 11.5. Quality of Service . . . . . . . . . . . . . . . . . . . 93
11.6 Data Message bindings . . . . . . . . . . . . . . . . . 95 11.6. Data Message bindings . . . . . . . . . . . . . . . . . 93
11.7 Control Message bindings . . . . . . . . . . . . . . . . 95 11.7. Control Message bindings . . . . . . . . . . . . . . . . 93
11.7.1 Mobile Config Request . . . . . . . . . . . . . . . 96 11.7.1. Mobile Config Request . . . . . . . . . . . . . . . 94
11.7.2 WTP Event Request . . . . . . . . . . . . . . . . . 102 11.7.2. WTP Event Request . . . . . . . . . . . . . . . . . 100
11.8 802.11 Control Messages . . . . . . . . . . . . . . . . 104 11.8. 802.11 Control Messages . . . . . . . . . . . . . . . . 102
11.8.1 IEEE 802.11 WLAN Config Request . . . . . . . . . . 104 11.8.1. IEEE 802.11 WLAN Config Request . . . . . . . . . . 102
11.8.2 IEEE 802.11 WLAN Config Response . . . . . . . . . . 109 11.8.2. IEEE 802.11 WLAN Config Response . . . . . . . . . . 107
11.8.3 IEEE 802.11 WTP Event . . . . . . . . . . . . . . . 109 11.8.3. IEEE 802.11 WTP Event . . . . . . . . . . . . . . . 107
11.9 Message Element Bindings . . . . . . . . . . . . . . . . 111 11.9. Message Element Bindings . . . . . . . . . . . . . . . . 109
11.9.1 IEEE 802.11 WTP WLAN Radio Configuration . . . . . . 111 11.9.1. IEEE 802.11 WTP WLAN Radio Configuration . . . . . . 109
11.9.2 IEEE 802.11 Rate Set . . . . . . . . . . . . . . . . 113 11.9.2. IEEE 802.11 Rate Set . . . . . . . . . . . . . . . . 111
11.9.3 IEEE 802.11 Multi-domain Capability . . . . . . . . 114 11.9.3. IEEE 802.11 Multi-domain Capability . . . . . . . . 111
11.9.4 IEEE 802.11 MAC Operation . . . . . . . . . . . . . 114 11.9.4. IEEE 802.11 MAC Operation . . . . . . . . . . . . . 112
11.9.5 IEEE 802.11 Tx Power . . . . . . . . . . . . . . . . 116 11.9.5. IEEE 802.11 Tx Power . . . . . . . . . . . . . . . . 114
11.9.6 IEEE 802.11 Tx Power Level . . . . . . . . . . . . . 117 11.9.6. IEEE 802.11 Tx Power Level . . . . . . . . . . . . . 114
11.9.7 IEEE 802.11 Direct Sequence Control . . . . . . . . 117 11.9.7. IEEE 802.11 Direct Sequence Control . . . . . . . . 115
11.9.8 IEEE 802.11 OFDM Control . . . . . . . . . . . . . . 118 11.9.8. IEEE 802.11 OFDM Control . . . . . . . . . . . . . . 116
11.9.9 IEEE 802.11 Antenna . . . . . . . . . . . . . . . . 119 11.9.9. IEEE 802.11 Antenna . . . . . . . . . . . . . . . . 117
11.9.10 IEEE 802.11 Supported Rates . . . . . . . . . . . 120 11.9.10. IEEE 802.11 Supported Rates . . . . . . . . . . . . 118
11.9.11 IEEE 802.11 CFP Status . . . . . . . . . . . . . . 120 11.9.11. IEEE 802.11 CFP Status . . . . . . . . . . . . . . . 118
11.9.12 IEEE 802.11 WTP Mode and Type . . . . . . . . . . 121 11.9.12. IEEE 802.11 WTP Mode and Type . . . . . . . . . . . 119
11.9.13 IEEE 802.11 Broadcast Probe Mode . . . . . . . . . 121 11.9.13. IEEE 802.11 Broadcast Probe Mode . . . . . . . . . . 119
11.9.14 IEEE 802.11 WTP Quality of Service . . . . . . . . 122 11.9.14. IEEE 802.11 WTP Quality of Service . . . . . . . . . 120
11.9.15 IEEE 802.11 MIC Error Report From Mobile . . . . . 123 11.9.15. IEEE 802.11 MIC Error Report From Mobile . . . . . . 121
11.10 IEEE 802.11 Message Element Values . . . . . . . . . . 124 11.10. IEEE 802.11 Message Element Values . . . . . . . . . . . 122
12. LWAPP Protocol Timers . . . . . . . . . . . . . . . . . . 125 12. LWAPP Protocol Timers . . . . . . . . . . . . . . . . . . . . 123
12.1 MaxDiscoveryInterval . . . . . . . . . . . . . . . . . . 125 12.1. MaxDiscoveryInterval . . . . . . . . . . . . . . . . . . 123
12.2 SilentInterval . . . . . . . . . . . . . . . . . . . . . 125 12.2. SilentInterval . . . . . . . . . . . . . . . . . . . . . 123
12.3 NeighborDeadInterval . . . . . . . . . . . . . . . . . . 125 12.3. NeighborDeadInterval . . . . . . . . . . . . . . . . . . 123
12.4 EchoInterval . . . . . . . . . . . . . . . . . . . . . . 125 12.4. EchoInterval . . . . . . . . . . . . . . . . . . . . . . 123
12.5 DiscoveryInterval . . . . . . . . . . . . . . . . . . . 125 12.5. DiscoveryInterval . . . . . . . . . . . . . . . . . . . 123
12.6 RetransmitInterval . . . . . . . . . . . . . . . . . . . 125 12.6. RetransmitInterval . . . . . . . . . . . . . . . . . . . 123
12.7 ResponseTimeout . . . . . . . . . . . . . . . . . . . . 126 12.7. ResponseTimeout . . . . . . . . . . . . . . . . . . . . 124
12.8 KeyLifetime . . . . . . . . . . . . . . . . . . . . . . 126 12.8. KeyLifetime . . . . . . . . . . . . . . . . . . . . . . 124
13. LWAPP Protocol Variables . . . . . . . . . . . . . . . . . 127 13. LWAPP Protocol Variables . . . . . . . . . . . . . . . . . . 125
13.1 MaxDiscoveries . . . . . . . . . . . . . . . . . . . . . 127 13.1. MaxDiscoveries . . . . . . . . . . . . . . . . . . . . . 125
13.2 DiscoveryCount . . . . . . . . . . . . . . . . . . . . . 127 13.2. DiscoveryCount . . . . . . . . . . . . . . . . . . . . . 125
13.3 RetransmitCount . . . . . . . . . . . . . . . . . . . . 127 13.3. RetransmitCount . . . . . . . . . . . . . . . . . . . . 125
13.4 MaxRetransmit . . . . . . . . . . . . . . . . . . . . . 127 13.4. MaxRetransmit . . . . . . . . . . . . . . . . . . . . . 125
14. NAT Considerations . . . . . . . . . . . . . . . . . . . . 128 14. NAT Considerations . . . . . . . . . . . . . . . . . . . . . 126
15. Security Considerations . . . . . . . . . . . . . . . . . 130 15. Security Considerations . . . . . . . . . . . . . . . . . . . 128
15.1 Certificate based Session Key establishment . . . . . . 131 15.1. Certificate based Session Key establishment . . . . . . 129
15.2 PSK based Session Key establishment . . . . . . . . . . 131 15.2. PSK based Session Key establishment . . . . . . . . . . 129
16. IANA Considerations . . . . . . . . . . . . . . . . . . . 132 16. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 130
17. Acknowledgements . . . . . . . . . . . . . . . . . . . . . 133 17. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 131
18. IPR Statement . . . . . . . . . . . . . . . . . . . . . . 134 18. IPR Statement . . . . . . . . . . . . . . . . . . . . . . . . 132
19. References . . . . . . . . . . . . . . . . . . . . . . . . 135 19. References . . . . . . . . . . . . . . . . . . . . . . . . . 133
19.1 Normative References . . . . . . . . . . . . . . . . . . 135 19.1. Normative References . . . . . . . . . . . . . . . . . . 133
19.2 Informational References . . . . . . . . . . . . . . . . 136 19.2. Informational References . . . . . . . . . . . . . . . . 134
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 136 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 135
Intellectual Property and Copyright Statements . . . . . . . 138 Intellectual Property and Copyright Statements . . . . . . . . . 137
1. Introduction 1. Introduction
Unlike wired network elements, Wireless Termination Points (WTPs) Unlike wired network elements, Wireless Termination Points (WTPs)
require a set of dynamic management and control functions related to require a set of dynamic management and control functions related to
their primary task of connecting the wireless and wired mediums. their primary task of connecting the wireless and wired mediums.
Today, protocols for managing WTPs are either manual static Today, protocols for managing WTPs are either manual static
configuration via HTTP, proprietary Layer 2 specific or non-existent configuration via HTTP, proprietary Layer 2 specific or non-existent
(if the WTPs are self-contained). The emergence of simple 802.11 (if the WTPs are self-contained). The emergence of simple 802.11
WTPs that are managed by a WLAN appliance or switch (also known as an WTPs that are managed by a WLAN appliance or switch (also known as an
skipping to change at page 9, line 36 skipping to change at page 9, line 36
available in WTPs that are the subject of severe cost pressure. available in WTPs that are the subject of severe cost pressure.
3. Providing a generic encapsulation and transport mechanism, the 3. Providing a generic encapsulation and transport mechanism, the
protocol may be applied to other access point type in the future protocol may be applied to other access point type in the future
by adding the binding. by adding the binding.
The LWAPP protocol concerns itself solely with the interface between The LWAPP protocol concerns itself solely with the interface between
the WTP and the AC. Inter-AC, or mobile to AC communication is the WTP and the AC. Inter-AC, or mobile to AC communication is
strictly outside the scope of this document. strictly outside the scope of this document.
1.1 Conventions used in this document 1.1. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1]. document are to be interpreted as described in RFC 2119 [1].
2. Protocol Overview 2. Protocol Overview
LWAPP is a generic protocol defining how Wireless Termination Points LWAPP is a generic protocol defining how Wireless Termination Points
communicate with Access Controllers. Wireless Termination Points and communicate with Access Controllers. Wireless Termination Points and
Access Controllers may communicate either by means of Layer 2 Access Controllers may communicate either by means of Layer 2
skipping to change at page 11, line 26 skipping to change at page 11, line 26
provides the ability for the AC to obtain any statistical information provides the ability for the AC to obtain any statistical information
collected by the WTP. collected by the WTP.
LWAPP also provides for a keep alive feature that preserves the LWAPP also provides for a keep alive feature that preserves the
communication channel between the WTP and AC. If the AC fails to communication channel between the WTP and AC. If the AC fails to
appear alive, the WTP will try to discover a new AC to communicate appear alive, the WTP will try to discover a new AC to communicate
through. through.
This Document uses terminology defined in [5] This Document uses terminology defined in [5]
2.1 Wireless Binding Definition 2.1. Wireless Binding Definition
This draft standard specifies a protocol independent of a specific This draft standard specifies a protocol independent of a specific
wireless access point radio technology. Elements of the protocol are wireless access point radio technology. Elements of the protocol are
designed to accommodate specific needs of each wireless technology in designed to accommodate specific needs of each wireless technology in
a standard way. Implementation of this standard for a particular a standard way. Implementation of this standard for a particular
wireless technology must follow the binding requirements defined for wireless technology must follow the binding requirements defined for
that technology. This specification includes a binding for the IEEE that technology. This specification includes a binding for the IEEE
802.11 (see Section 11). 802.11 (see Section 11).
When defining a binding for other technologies, the authors MUST When defining a binding for other technologies, the authors MUST
skipping to change at page 12, line 5 skipping to change at page 12, line 5
Event Request message, and Add Mobile message element, which is Event Request message, and Add Mobile message element, which is
carried in the Mobile Configure Request. If any technology specific carried in the Mobile Configure Request. If any technology specific
message elements are required for any of the existing LWAPP messages message elements are required for any of the existing LWAPP messages
defined in this specification, they MUST also be defined in the defined in this specification, they MUST also be defined in the
technology binding document. technology binding document.
The naming of binding-specific message elements MUST begin with the The naming of binding-specific message elements MUST begin with the
name of the technology type, e.g., the binding for IEEE 802.11, name of the technology type, e.g., the binding for IEEE 802.11,
provided in this standard, begins with "IEEE 802.11"." provided in this standard, begins with "IEEE 802.11"."
2.2 LWAPP State Machine Definition 2.2. LWAPP State Machine Definition
The following state diagram represents the lifecycle of an WTP-AC The following state diagram represents the lifecycle of an WTP-AC
session: session:
/-------------\ /-------------\
| v | v
| +------------+ | +------------+
| C| Idle |<-----------------------------------\ | C| Idle |<-----------------------------------\
| +------------+<-----------------------\ | | +------------+<-----------------------\ |
| ^ |a ^ | | | ^ |a ^ | |
skipping to change at page 13, line 20 skipping to change at page 13, line 20
Idle to Discovery (a): This is the initialization state. Idle to Discovery (a): This is the initialization state.
WTP: The WTP enters the Discovery state prior to transmitting the WTP: The WTP enters the Discovery state prior to transmitting the
first Discovery Request (see Section 5.1). Upon entering this first Discovery Request (see Section 5.1). Upon entering this
state, the WTP sets the DiscoveryInterval timer (see state, the WTP sets the DiscoveryInterval timer (see
Section 12). The WTP resets the DiscoveryCount counter to zero Section 12). The WTP resets the DiscoveryCount counter to zero
(0) (see Section 13). The WTP also clears all information from (0) (see Section 13). The WTP also clears all information from
ACs (e.g., AC Addresses) it may have received during a previous ACs (e.g., AC Addresses) it may have received during a previous
Discovery phase. Discovery phase.
AC: The AC does not need to maintain state information for the WTP AC: The AC does not need to maintain state information for the
upon reception of the Discovery Request, but it MUST respond WTP upon reception of the Discovery Request, but it MUST
with a Discovery Response (see Section 5.2). respond with a Discovery Response (see Section 5.2).
Discovery to Discovery (b): This is the state the WTP uses to Discovery to Discovery (b): This is the state the WTP uses to
determine which AC it wishes to connect to. determine which AC it wishes to connect to.
WTP: This event occurs when the DiscoveryInterval timer expires. WTP: This event occurs when the DiscoveryInterval timer expires.
The WTP transmits a Discovery Request to every AC which the WTP The WTP transmits a Discovery Request to every AC which the WTP
hasn't received a response to. For every transition to this hasn't received a response to. For every transition to this
event, the WTP increments DisoveryCount counter. See event, the WTP increments DisoveryCount counter. See
Section 5.1) for more information on how the WTP knows which Section 5.1) for more information on how the WTP knows which
ACs it should transmit the Discovery Requests to. The WTP ACs it should transmit the Discovery Requests to. The WTP
skipping to change at page 14, line 21 skipping to change at page 14, line 21
AC: This is a noop. AC: This is a noop.
Discovery to Join (f): This state is used by the WTP to confirm its Discovery to Join (f): This state is used by the WTP to confirm its
commitment to an AC that it wishes to be provided service. commitment to an AC that it wishes to be provided service.
WTP: The WTP selects the best AC based on the information it WTP: The WTP selects the best AC based on the information it
gathered during the Discovery Phase. It then transmits a Join gathered during the Discovery Phase. It then transmits a Join
Request (see Section 6.1 to its preferred AC. The WTP starts Request (see Section 6.1 to its preferred AC. The WTP starts
the WaitJoin Timer (see Section 12). the WaitJoin Timer (see Section 12).
AC: The AC enters this state for the given WTP upon reception of a AC: The AC enters this state for the given WTP upon reception of
Join Request. The AC processes the request and responds with a a Join Request. The AC processes the request and responds with
Join Response. a Join Response.
Join to Join (g): This state transition occurs during the join phase. Join to Join (g): This state transition occurs during the join
phase.
WTP: The WTP enters this state when the WaitJoin timer expires, WTP: The WTP enters this state when the WaitJoin timer expires,
and the underlying transport requires LWAPP MTU detection and the underlying transport requires LWAPP MTU detection
Section 3). Section 3).
AC: This state occurs when the AC receives a retransmission of a AC: This state occurs when the AC receives a retransmission of a
Join Request. The AC processes the request and responds with Join Request. The WTP processes the request and responds with
the Join Response.. the Join Response..
Join to Idle (h): This state is used when the join process failed. Join to Idle (h): This state is used when the join process failed.
WTP: This state transition occurs if the WTP is configured to use WTP: This state transition occurs if the WTP is configured to use
PSK security and receives a Join Response that includes an PSK security and receives a Join Response that includes an
invalid PSK-MIC message element. invalid PSK-MIC message element.
AC: The AC enters this state when it transmits an unsuccessful AC: The AC enters this state when it transmits an unsuccessful
Join Response. Join Response.
skipping to change at page 15, line 14 skipping to change at page 15, line 15
AC: This state transition is invalid. AC: This state transition is invalid.
Join to Join-Confirm (z): This state is used to provide key Join to Join-Confirm (z): This state is used to provide key
confirmation during the join process. confirmation during the join process.
WTP: This state is entered when the WTP receives a Join Response. WTP: This state is entered when the WTP receives a Join Response.
In the event that certificate based security is utilized, this In the event that certificate based security is utilized, this
transition will occur if the Certificate message element is transition will occur if the Certificate message element is
present and valid in the Join Response. For pre-shared key present and valid in the Join Response. For pre-shared key
security, the Join Response must include a valdd and security, the Join Response must include a valud and
authenticated PSK-MIC message element. The WTP MUST respond authenticated PSK-MIC message element. The WTP MUST respond
with a Join ACK, which is used to provide key confirmation. with a Join ACK, which is used to provide key confirmation.
AC: The AC enters this state when it receives a valid Join ACK. AC: The AC enters this state when it receives a valid Join ACK.
For certificate based security, the Join ACK MUST include a For certificate based security, the Join ACK MUST include a
valid and authenticated PSK-MIC message element. For pre- valid and authenticated xxxx message element. For pre-shared
shared key security, the message must include a valid PSK-MIC key security, the message must include a valid PSK-MIC message
message element. The AC MUST respond with a Join Confirm element. The AC MUST respond with a Join Confirm message,
message, which includes the Session Key message element. which includes the Session Key message element.
Join-Confirm to Idle (3): This state is used when the join process Join-Confirm to Idle (3): This state is used when the join process
failed. failed.
WTP: This state transition occurs when the WTP receives an invalid WTP: This state transition occurs when the WTP receives an
Join Confirm. invalid Join Confirm.
AC: The AC enters this state when it receives an invalid Join ACK. AC: The AC enters this state when it receives an invalid Join
ACK.
Join-Confirm to Configure (2): This state is used by the WTP and the Join-Confirm to Configure (2): This state is used by the WTP and the
AC to exchange configuration information. AC to exchange configuration information.
WTP: The WTP enters this state when it receives a successful Join WTP: The WTP enters this state when it receives a successful Join
Confirm, and determines that its version number and the version Confirm, and determines that its version number and the version
number advertised by the AC are the same. The WTP transmits number advertised by the AC are the same. The WTP transmits
the Configure Request (see Section 7.2) message to the AC with the Configure Request (see Section 7.2) message to the AC with
a snapshot of its current configuration. The WTP also starts a snapshot of its current configuration. The WTP also starts
the ResponseTimeout timer (see Section 12). the ResponseTimeout timer (see Section 12).
AC: This state transition occurs when the AC receives the AC: This state transition occurs when the AC receives the
Configure Request from the WTP. The AC must transmit a Configure Request from the WTP. The AC must transmit a
Configure Response (see Section 7.3) to the WTP, and may Configure Response (see Section 7.3) to the WTP, and may
include specific message elements to override the WTP's include specific message elements to override the WTP's
configuration. configuration.
Join-Confirm to Image Data (4): This state is used by the WTP and the Join-Confirm to Image Data (4): This state is used by the WTP and
AC to download executable firmware. the AC to download executable firmware.
WTP: The WTP enters this state when it receives a successful Join WTP: The WTP enters this state when it receives a successful Join
Confirm, and determines that its version number and the version Confirm, and determines that its version number and the version
number advertised by the AC are different. The WTP transmits number advertised by the AC are different. The WTP transmits
the Image Data Request (see Section 8.1) message requesting the Image Data Request (see Section 8.1) message requesting
that the AC's latest firmware be initiated. that the AC's latest firmware be initiated.
AC: This state transition occurs when the AC receives the Image AC: This state transition occurs when the AC receives the Image
Data Request from the WTP. The AC must transmit a Image Data Data Request from the WTP. The AC must transmit a Image Data
Response (see Section 8.2) to the WTP, which includes a portion Response (see Section 8.2) to the WTP, which includes a portion
skipping to change at page 16, line 45 skipping to change at page 16, line 45
At this point, the WTP reboots itself. At this point, the WTP reboots itself.
AC: This state transition occurs when the AC receives the Image AC: This state transition occurs when the AC receives the Image
Data Request from the WTP while already in this state, and it Data Request from the WTP while already in this state, and it
detects that the firmware download has completed, or if the detects that the firmware download has completed, or if the
underlying LWAPP transport indicates a link failure. Note that underlying LWAPP transport indicates a link failure. Note that
the AC itself does not reset, but it places the specific WTPs the AC itself does not reset, but it places the specific WTPs
context it is communicating with in the reset state, meaning context it is communicating with in the reset state, meaning
that it clears all state associated with the WTP. that it clears all state associated with the WTP.
Configure to Reset (p): This state transition occurs if the Configure Configure to Reset (p): This state transition occurs if the
phase fails. Configure phase fails.
WTP: The WTP enters this state when the reliable transport fails WTP: The WTP enters this state when the reliable transport fails
to deliver the Configure Request, or if the ResponseTimeout to deliver the Configure Request, or if the ResponseTimeout
Timer (see Section 12)expires. Timer (see Section 12)expires.
AC: This state transition occurs if the AC is unable to transmit AC: This state transition occurs if the AC is unable to transmit
the Configure Response to a specific WTP. Note that the AC the Configure Response to a specific WTP. Note that the AC
itself does not reset, but it places the specific WTPs context itself does not reset, but it places the specific WTPs context
it is communicating with in the reset state, meaning that it it is communicating with in the reset state, meaning that it
clears all state associated with the WTP. clears all state associated with the WTP.
skipping to change at page 18, line 5 skipping to change at page 18, line 5
(see Section 6.6). (see Section 6.6).
Clear Config Indication: The WTP receives a Clear Config Clear Config Indication: The WTP receives a Clear Config
Indication message Section 7.8). The WTP MUST reset its Indication message Section 7.8). The WTP MUST reset its
configuration back to manufacturer defaults. configuration back to manufacturer defaults.
WTP Event: The WTP generates a WTP Event Request to send WTP Event: The WTP generates a WTP Event Request to send
information to the AC Section 8.5). The WTP receives a WTP information to the AC Section 8.5). The WTP receives a WTP
Event Response from the AC Section 8.6). Event Response from the AC Section 8.6).
Data Transfer: The WTP generates a Data Transfer Request to the Data Transfer: The WTP generates a Data Transfer Request to
AC Section 8.7). The WTP receives a Data Transfer Response the AC Section 8.7). The WTP receives a Data Transfer
from the AC Section 8.8). Response from the AC Section 8.8).
WLAN Config Request: The WTP receives an WLAN Config Request WLAN Config Request: The WTP receives an WLAN Config Request
message Section 11.8.1), which it MUST respond with an WLAN message Section 11.8.1), which it MUST respond with an WLAN
Config Response (see Section 11.8.2). Config Response (see Section 11.8.2).
Mobile Config Request: The WTP receives an Mobile Config Mobile Config Request: The WTP receives an Mobile Config
Request message Section 9.1), which it MUST respond with an Request message Section 9.1), which it MUST respond with an
Mobile Config Response (see Section 9.2). Mobile Config Response (see Section 9.2).
AC: This is the AC's normal state of operation, and there are many AC: This is the AC's normal state of operation, and there are
events that cause this to occur: many events that cause this to occur:
Configuration Update: The AC sends a Configuration Update Configuration Update: The AC sends a Configuration Update
Request (see Section 7.4) to the WTP to update its Request (see Section 7.4) to the WTP to update its
configuration. The AC receives a Configuration Update configuration. The AC receives a Configuration Update
Response (see Section 7.5) from the WTP. Response (see Section 7.5) from the WTP.
Change State Event: The AC receives a Change State Event Change State Event: The AC receives a Change State Event
Request (see Section 7.6), which it MUST respond to with the Request (see Section 7.6), which it MUST respond to with the
Change State Event Response (see Section 7.7). Change State Event Response (see Section 7.7).
Echo: The AC sends an Echo Request message Section 6.5) or Echo: The AC sends an Echo Request message Section 6.5) or
receives the associated Echo Response (see Section 6.6) from receives the associated Echo Response (see Section 6.6) from
the WTP. the WTP.
Clear Config Indication: The AC sends a Clear Config Indication Clear Config Indication: The AC sends a Clear Config
message Section 7.8). Indication message Section 7.8).
WLAN Config: The AC sends an WLAN Config Request message WLAN Config: The AC sends an WLAN Config Request message
Section 11.8.1) or receives the associated WLAN Config Section 11.8.1) or receives the associated WLAN Config
Response (see Section 11.8.2) from the WTP. Response (see Section 11.8.2) from the WTP.
Mobile Config: The AC sends an Mobile Config Request message Mobile Config: The AC sends an Mobile Config Request message
Section 9.1) or receives the associated Mobile Config Section 9.1) or receives the associated Mobile Config
Response (see Section 9.2) from the WTP. Response (see Section 9.2) from the WTP.
Data Transfer: The AC receives a Data Transfer Request from the Data Transfer: The AC receives a Data Transfer Request from
AC (see Section 8.7) and MUST generate the associated Data the AC (see Section 8.7) and MUST generate the associated
Transfer Response message (see Section 8.8). Data Transfer Response message (see Section 8.8).
WTP Event: The AC receives a WTP Event Request from the AC (see WTP Event: The AC receives a WTP Event Request from the AC
Section 8.5) and MUST generate the associated WTP Event (see Section 8.5) and MUST generate the associated WTP Event
Response message (see Section 8.6). Response message (see Section 8.6).
Run to Reset (s): This event occurs when the AC wishes for the WTP to Run to Reset (s): This event occurs when the AC wishes for the WTP
reboot. to reboot.
WTP: The WTP enters this state when it receives a Reset Request WTP: The WTP enters this state when it receives a Reset Request
(see Section 8.3). It must respond with a Reset Response (see (see Section 8.3). It must respond with a Reset Response (see
Section 8.4), and once the reliable transport acknowledgement Section 8.4), and once the reliable transport acknowledgement
has been received, it must reboot itself. has been received, it must reboot itself.
AC: This state transition occurs either through some AC: This state transition occurs either through some
administrative action, or via some internal event on the AC administrative action, or via some internal event on the AC
that causes it to request that the WTP disconnect. Note that that causes it to request that the WTP disconnect. Note that
the AC itself does not reset, but it places the specific WTPs the AC itself does not reset, but it places the specific WTPs
skipping to change at page 20, line 5 skipping to change at page 20, line 5
Request (see Section 6.7). Request (see Section 6.7).
Key Update to Key Confirm (w): This event occurs during the rekey Key Update to Key Confirm (w): This event occurs during the rekey
phase and is used to complete the loop. phase and is used to complete the loop.
WTP: This state transition occurs when the WTP receives the Key WTP: This state transition occurs when the WTP receives the Key
Update Response. The WTP MUST only accept the message if it is Update Response. The WTP MUST only accept the message if it is
authentic. The WTP responds to this response with a Key Update authentic. The WTP responds to this response with a Key Update
ACK. ACK.
AC: The AC enters this state when it receives an authenticated Key AC: The AC enters this state when it receives an authenticated
Update ACK message. Key Update ACK message.
Key Confirm to Run (5): This event occurs when the rekey exchange Key Confirm to Run (5): This event occurs when the rekey exchange
phase is completed. phase is completed.
WTP: This state transition occurs when the WTP receives the Key WTP: This state transition occurs when the WTP receives the Key
Update Confirm. The newly derived encryption key and IV must Update Confirm. The newly derived encryption key and IV must
be plumbed into the crypto module after validating the be plumbed into the crypto module after validating the
message's authentication. message's authentication.
AC: The AC enters this state when it transmits the Key Update AC: The AC enters this state when it transmits the Key Update
skipping to change at page 21, line 13 skipping to change at page 21, line 13
timing out. timing out.
3. LWAPP Transport Layers 3. LWAPP Transport Layers
The LWAPP protocol can operate at layer 2 or 3. For layer 2 support, The LWAPP protocol can operate at layer 2 or 3. For layer 2 support,
the LWAPP messages are carried in a native Ethernet frame. As such, the LWAPP messages are carried in a native Ethernet frame. As such,
the protocol is not routable and depends upon layer 2 connectivity the protocol is not routable and depends upon layer 2 connectivity
between the WTP and the AC. Layer 3 support is provided by between the WTP and the AC. Layer 3 support is provided by
encapsulating the LWAPP messages within UDP. encapsulating the LWAPP messages within UDP.
3.1 LWAPP Transport Header 3.1. LWAPP Transport Header
All LWAPP protocol packets are encapsulated using a common header All LWAPP protocol packets are encapsulated using a common header
format, regardless of the transport used to carry the frames. format, regardless of the transport used to carry the frames.
However, certain flags are not applicable for a given transport, and However, certain flags are not applicable for a given transport, and
it is therefore necessary to refer to the specific transport section it is therefore necessary to refer to the specific transport section
in order to determine which flags are valid. in order to determine which flags are valid.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|VER| RID |C|F|L| Frag ID | Length | |VER| RID |C|F|L| Frag ID | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Status/WLANs | Payload... | | Status/WLANs | Payload... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
3.1.1 VER Field 3.1.1. VER Field
A 2 bit field which contains the version of LWAPP used in this A 2 bit field which contains the version of LWAPP used in this
packet. The value for this draft is 0. packet. The value for this draft is 0.
3.1.2 RID Field 3.1.2. RID Field
A 3 bit field which contains the Radio ID number for this packet. A 3 bit field which contains the Radio ID number for this packet.
WTPs with multiple radios but a single MAC Address use this field to WTPs with multiple radios but a single MAC Address use this field to
indicate which radio is associated with the packet. indicate which radio is associated with the packet.
3.1.3 C Bit 3.1.3. C Bit
The Control Message 'C' bit indicates whether this packet carries a The Control Message 'C' bit indicates whether this packet carries a
data or control message. When this bit is zero (0), the packet data or control message. When this bit is zero (0), the packet
carries an LWAPP data message in the payload (see Section 4.1). When carries an LWAPP data message in the payload (see Section 4.1). When
this bit is one (1), the packet carries an LWAPP control message as this bit is one (1), the packet carries an LWAPP control message as
defined in section Section 4.2 for consumption by the addressed defined in section Section 4.2 for consumption by the addressed
destination. destination.
3.1.4 F Bit 3.1.4. F Bit
The Fragment 'F' bit indicates whether this packet is a fragment. The Fragment 'F' bit indicates whether this packet is a fragment.
When this bit is one (1), the packet is a fragment and MUST be When this bit is one (1), the packet is a fragment and MUST be
combined with the other corresponding fragments to reassemble the combined with the other corresponding fragments to reassemble the
complete information exchanged between the WTP and AC. complete information exchanged between the WTP and AC.
3.1.5 L Bit 3.1.5. L Bit
The Not Last 'L' bit is valid only if the 'F' bit is set and The Not Last 'L' bit is valid only if the 'F' bit is set and
indicates whether the packet contains the last fragment of a indicates whether the packet contains the last fragment of a
fragmented exchange between WTP and AC. When this bit is 1, the fragmented exchange between WTP and AC. When this bit is 1, the
packet is not the last fragment. When this bit is 0, the packet is packet is not the last fragment. When this bit is 0, the packet is
the last fragment. the last fragment.
3.1.6 Fragment ID 3.1.6. Fragment ID
An 8 bit field whose value is assigned to each group of fragments An 8 bit field whose value is assigned to each group of fragments
making up a complete set. The fragment ID space is managed making up a complete set. The fragment ID space is managed
individually for every WTP/AC pair. The value of Fragment ID is individually for every WTP/AC pair. The value of Fragment ID is
incremented with each new set of fragments. The Fragment ID wraps to incremented with each new set of fragments. The Fragment ID wraps to
zero after the maximum value has been used to identify a set of zero after the maximum value has been used to identify a set of
fragments. LWAPP only supports up to 2 fragments per frame. fragments. LWAPP only supports up to 2 fragments per frame.
3.1.7 Length 3.1.7. Length
The 16 bit length field contains the number of bytes in the Payload. The 16 bit length field contains the number of bytes in the Payload.
The field is encoded as an unsigned number. If the LWAPP packet is The field is encoded as an unsigned number. If the LWAPP packet is
encrypted, the length field includes the AES-CCM MIC (see encrypted, the length field includes the AES-CCM MIC (see
Section 10.2 for more information). Section 10.2 for more information).
3.1.8 Status and WLANS 3.1.8. Status and WLANS
The interpretation of this 16 bit field is binding specific. Refer The interpretation of this 16 bit field is binding specific. Refer
to the transport portion of the binding for a wireless technology for to the transport portion of the binding for a wireless technology for
the specification. the specification.
3.1.9 Payload 3.1.9. Payload
This field contains the header for an LWAPP Data Message or LWAPP This field contains the header for an LWAPP Data Message or LWAPP
Control Message, followed by the data associated with that message. Control Message, followed by the data associated with that message.
3.2 Using IEEE 802.3 MAC as LWAPP transport 3.2. Using IEEE 802.3 MAC as LWAPP transport
This section describes how the LWAPP protocol is provided over native This section describes how the LWAPP protocol is provided over native
ethernet frames. An LWAPP packet is formed from the MAC frame header ethernet frames. An LWAPP packet is formed from the MAC frame header
followed by the LWAPP message header. The following figure provides followed by the LWAPP message header. The following figure provides
an example of the frame formats used when LWAPP is used over the IEEE an example of the frame formats used when LWAPP is used over the IEEE
802.3 transport. 802.3 transport.
Layer 2 LWAPP Data Frame Layer 2 LWAPP Data Frame
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| MAC Header | LWAPP Header [C=0] | Forwarded Data ... | | MAC Header | LWAPP Header [C=0] | Forwarded Data ... |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
Layer 2 LWAPP Control Frame Layer 2 LWAPP Control Frame
+---------------------------------------------------+ +---------------------------------------------------+
| MAC Header | LWAPP Header [C=1] | Control Message | | MAC Header | LWAPP Header [C=1] | Control Message |
+---------------------------------------------------+ +---------------------------------------------------+
| Message Elements ... | | Message Elements ... |
+----------------------+ +----------------------+
3.2.1 Framing 3.2.1. Framing
Source Address Source Address
A MAC address belonging to the interface from which this message is A MAC address belonging to the interface from which this message is
sent. If multiple source addresses are configured on an interface, sent. If multiple source addresses are configured on an interface,
then the one chosen is implementation dependent. then the one chosen is implementation dependent.
Destination Address Destination Address
A MAC address belonging to the interface to which this message is to A MAC address belonging to the interface to which this message is to
be sent. This destination address MAY be either an individual be sent. This destination address MAY be either an individual
address or a multicast address, if more than one destination address or a multicast address, if more than one destination
interface is intended. interface is intended.
Ethertype Ethertype
The Ethertype field is set to 0x88bb. The Ethertype field is set to 0x88bb.
3.2.2 AC Discovery 3.2.2. AC Discovery
When run over IEEE 802.3, LWAPP messages are distributed to a When run over IEEE 802.3, LWAPP messages are distributed to a
specific MAC level broadcast domain. The AC discovery mechanism used specific MAC level broadcast domain. The AC discovery mechanism used
with this transport is for an WTP to transmit a Discovery Request with this transport is for an WTP to transmit a Discovery Request
message to a broadcast destination MAC address. The ACs will receive message to a broadcast destination MAC address. The ACs will receive
this message and reply based on their policy. this message and reply based on their policy.
3.2.3 LWAPP Message Header format over IEEE 802.3 MAC transport 3.2.3. LWAPP Message Header format over IEEE 802.3 MAC transport
All of the fields described in Section 3.1 are used when LWAPP uses All of the fields described in Section 3.1 are used when LWAPP uses
the IEEE 802.3 MAC transport. the IEEE 802.3 MAC transport.
3.2.4 Fragmentation/Reassembly 3.2.4. Fragmentation/Reassembly
Fragmentation at the MAC layer is managed using the F,L and Frag ID Fragmentation at the MAC layer is managed using the F,L and Frag ID
fields of the LWAPP message header. The LWAPP protocol only allows a fields of the LWAPP message header. The LWAPP protocol only allows a
single packet to be fragmented into 2, which is sufficient for a single packet to be fragmented into 2, which is sufficient for a
frame that exceeds MTU due to LWAPP encapsulation. When used with frame that exceeds MTU due to LWAPP encapsulation. When used with
layer 2 (Ethernet) transport, both fragments MUST include the LWAPP layer 2 (Ethernet) transport, both fragments MUST include the LWAPP
header. header.
3.2.5 Multiplexing 3.2.5. Multiplexing
LWAPP control messages and data messages are distinguished by the C LWAPP control messages and data messages are distinguished by the C
Bit in the LWAPP message header. Bit in the LWAPP message header.
3.3 Using IP/UDP as LWAPP transport 3.3. Using IP/UDP as LWAPP transport
This section defines how LWAPP makes use of IP/UDP transport between This section defines how LWAPP makes use of IP/UDP transport between
the WTP and the AC. When this transport is used, the MAC layer is the WTP and the AC. When this transport is used, the MAC layer is
controlled by the IP stack, and there are therefore no special MAC controlled by the IP stack, and there are therefore no special MAC
layer requirements. The following figure provides an example of the layer requirements. The following figure provides an example of the
frame formats used when LWAPP is used over the IP/UDP transport. IP frame formats used when LWAPP is used over the IP/UDP transport. IP
stacks can be either IPv4 or IPv6. stacks can be either IPv4 or IPv6.
Layer 3 LWAPP Data Frame Layer 3 LWAPP Data Frame
+--------------------------------------------+ +--------------------------------------------+
skipping to change at page 24, line 38 skipping to change at page 24, line 37
|Forwarded Data ... | |Forwarded Data ... |
+-------------------+ +-------------------+
Layer 3 LWAPP Control Frame Layer 3 LWAPP Control Frame
+--------------------------------------------+ +--------------------------------------------+
| MAC Header | IP | UDP | LWAPP Header [C=1] | | MAC Header | IP | UDP | LWAPP Header [C=1] |
+--------------------------------------------+ +--------------------------------------------+
| Control Message | Message Elements ... | | Control Message | Message Elements ... |
+-----------------+----------------------+ +-----------------+----------------------+
3.3.1 Framing 3.3.1. Framing
Communication between WTP and AC is established according to the Communication between WTP and AC is established according to the
standard UDP client/server model. The connection is initiated by the standard UDP client/server model. The connection is initiated by the
WTP (client) to the well-known UDP port of the AC (server) used for WTP (client) to the well-known UDP port of the AC (server) used for
control messages. This UDP port number of the AC is 12222 for LWAPP control messages. This UDP port number of the AC is 12222 for LWAPP
data and 12223 for LWAPP control frames. data and 12223 for LWAPP control frames.
3.3.2 AC Discovery 3.3.2. AC Discovery
When LWAPP is run over routed IP networks, the WTP and the AC do not When LWAPP is run over routed IP networks, the WTP and the AC do not
need to reside in the same IP subnet (broadcast domain). However, in need to reside in the same IP subnet (broadcast domain). However, in
the event the peers reside on separate subnets, there must exist a the event the peers reside on separate subnets, there must exist a
mechanism for the WTP to discover the AC. mechanism for the WTP to discover the AC.
As the WTP attempts to establish communication with the AC, it sends As the WTP attempts to establish communication with the AC, it sends
the Discovery Request message and receives the corresponding response the Discovery Request message and receives the corresponding response
message from the AC. The WTP must send the Discovery Request message message from the AC. The WTP must send the Discovery Request message
to either the limited broadcast IP address (255.255.255.255), a well to either the limited broadcast IP address (255.255.255.255), a well
skipping to change at page 25, line 32 skipping to change at page 25, line 31
schemes are possible, for example: schemes are possible, for example:
DHCP: A comma delimited ASCII encoded list of AC IP addresses is DHCP: A comma delimited ASCII encoded list of AC IP addresses is
embedded inside a DHCP vendor specific option 43 extension. An embedded inside a DHCP vendor specific option 43 extension. An
example of the actual format of the vendor specific payload for example of the actual format of the vendor specific payload for
IPv4 is of the form "10.1.1.1, 10.1.1.2". IPv4 is of the form "10.1.1.1, 10.1.1.2".
DNS: The DNS name "LWAPP-AC-Address" MAY be resolvable to or more AC DNS: The DNS name "LWAPP-AC-Address" MAY be resolvable to or more AC
addresses addresses
3.3.3 LWAPP Message Header format over IP/UDP transport 3.3.3. LWAPP Message Header format over IP/UDP transport
All of the fields described in Section 3.1 are used when LWAPP uses All of the fields described in Section 3.1 are used when LWAPP uses
the IPv4/UDP or IPv6/UDP transport, with the following exceptions: the IPv4/UDP or IPv6/UDP transport, with the following exceptions:
3.3.3.1 F Bit 3.3.3.1. F Bit
This flag field is not used with this transport, and MUST be set to This flag field is not used with this transport, and MUST be set to
zero. zero.
3.3.3.2 L Bit 3.3.3.2. L Bit
This flag field is not used with this transport, and MUST be set to This flag field is not used with this transport, and MUST be set to
zero. zero.
3.3.3.3 Frag ID 3.3.3.3. Frag ID
This field is not used with this transport, and MUST be set to zero. This field is not used with this transport, and MUST be set to zero.
3.3.4 Fragmentation/Reassembly for IPv4 3.3.4. Fragmentation/Reassembly for IPv4
When LWAPP is implemented at L3, the transport layer uses IP When LWAPP is implemented at L3, the transport layer uses IP
fragmentation to fragment and reassemble LWAPP messages that are fragmentation to fragment and reassemble LWAPP messages that are
longer than MTU size used by either WTP or AC. The details of IP longer than MTU size used by either WTP or AC. The details of IP
fragmentation are covered in [8]. When used with the IP transport, fragmentation are covered in [8]. When used with the IP transport,
only the first fragment would include the LWAPP header only the first fragment would include the LWAPP header
[ed: IP fragmentation may raise security concerns and bring [ed: IP fragmentation may raise security concerns and bring
additional configuration requirements for certain firewalls and NATs. additional configuration requirements for certain firewalls and NATs.
One alternative is to re-use the layer 2 (application layer) One alternative is to re-use the layer 2 (application layer)
fragmentation reassembly. Comments are welcomed.] fragmentation reassembly. Comments are welcomed.]
3.3.5 Fragmentation/Reassembly for IPv6 3.3.5. Fragmentation/Reassembly for IPv6
IPv6 does MTU discovery so fragmentation and re-assembly is not IPv6 does MTU discovery so fragmentation and re-assembly is not
necessary for UDP packets. necessary for UDP packets.
3.3.6 Multiplexing 3.3.6. Multiplexing
LWAPP messages convey control information between WTP and AC, as well LWAPP messages convey control information between WTP and AC, as well
as binding specific data frames or binding specific management as binding specific data frames or binding specific management
frames. As such, LWAPP messages need to be multiplexed in the frames. As such, LWAPP messages need to be multiplexed in the
transport sub-layer and be delivered to the proper software entities transport sub-layer and be delivered to the proper software entities
in the endpoints of the protocol. However, the 'C' bit is still used in the endpoints of the protocol. However, the 'C' bit is still used
to differentiate between data and control frames. to differentiate between data and control frames.
In case of Layer 3 connection, multiplexing is achieved by use of In case of Layer 3 connection, multiplexing is achieved by use of
different UDP ports for control and data packets (see Section 3.3.1. different UDP ports for control and data packets (see Section 3.3.1.
skipping to change at page 27, line 15 skipping to change at page 27, line 15
4. LWAPP Packet Definitions 4. LWAPP Packet Definitions
This section contains the packet types and format. The LWAPP This section contains the packet types and format. The LWAPP
protocol is designed to be transport agnostic by specifying packet protocol is designed to be transport agnostic by specifying packet
formats for both MAC frames and IP packets. An LWAPP packet consists formats for both MAC frames and IP packets. An LWAPP packet consists
of an LWAPP Transport Layer packet header followed by an LWAPP of an LWAPP Transport Layer packet header followed by an LWAPP
message. message.
Transport details can be found in Section 3. Transport details can be found in Section 3.
4.1 LWAPP Data Messages 4.1. LWAPP Data Messages
An LWAPP data message is a forwarded wireless frame. When forwarding An LWAPP data message is a forwarded wireless frame. When forwarding
wireless frames, the sender simply encapsulates the wireless frame in wireless frames, the sender simply encapsulates the wireless frame in
an LWAPP data packet, using the appropriate transport rules defined an LWAPP data packet, using the appropriate transport rules defined
in section Section 3. in section Section 3.
In the event that the encapsulated frame would exceed the transport In the event that the encapsulated frame would exceed the transport
layer's MTU, the sender is responsible for the fragmentation of the layer's MTU, the sender is responsible for the fragmentation of the
frame, as specified in the transport specific section of Section 3. frame, as specified in the transport specific section of Section 3.
The actual format of the encapsulated LWAPP data frame is subject to The actual format of the encapsulated LWAPP data frame is subject to
the rules defined under the specific wireless technology binding. the rules defined under the specific wireless technology binding.
4.2 LWAPP Control Messages Overview 4.2. LWAPP Control Messages Overview
The LWAPP Control protocol provides a control channel between the WTP The LWAPP Control protocol provides a control channel between the WTP
and the AC. The control channel is the series of control messages and the AC. The control channel is the series of control messages
between the WTP and AC, associated with a session ID and key. between the WTP and AC, associated with a session ID and key.
Control messages are divided into the following distinct message Control messages are divided into the following distinct message
types: types:
Discovery: LWAPP Discovery messages are used to identify potential Discovery: LWAPP Discovery messages are used to identify potential
ACs, their load and capabilities. ACs, their load and capabilities.
skipping to change at page 28, line 17 skipping to change at page 28, line 17
Firmware Management: Messages in this category are used by the AC to Firmware Management: Messages in this category are used by the AC to
push a new firmware image down to the WTP. push a new firmware image down to the WTP.
Control Channel, WTP Configuration and Mobile Session Management MUST Control Channel, WTP Configuration and Mobile Session Management MUST
be implemented. Firmware Management MAY be implemented. be implemented. Firmware Management MAY be implemented.
In addition, technology specific bindings may introduce new control In addition, technology specific bindings may introduce new control
channel commands that depart from the above list. channel commands that depart from the above list.
4.2.1 Control Message Format 4.2.1. Control Message Format
All LWAPP control messages are sent encapsulated within the LWAPP All LWAPP control messages are sent encapsulated within the LWAPP
header (see Section 3.1). Immediately following the header, is the header (see Section 3.1). Immediately following the header, is the
LWAPP control header, which has the following format: LWAPP control header, which has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Message Type | Seq Num | Msg Element Length | | Message Type | Seq Num | Msg Element Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID | | Session ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Msg Element [0..N] | | Msg Element [0..N] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
4.2.1.1 Message Type 4.2.1.1. Message Type
The Message Type field identifies the function of the LWAPP control The Message Type field identifies the function of the LWAPP control
message. The valid values for Message Type are the following: message. The valid values for Message Type are the following:
Description Value Description Value
Discovery Request 1 Discovery Request 1
Discovery Response 2 Discovery Response 2
Join Request 3 Join Request 3
Join Response 4 Join Response 4
Join ACK 5 Join ACK 5
skipping to change at page 29, line 41 skipping to change at page 29, line 41
Primary Discovery Request 32 Primary Discovery Request 32
Primary Discovery Response 33 Primary Discovery Response 33
Data Transfer Request 34 Data Transfer Request 34
Data Transfer Response 35 Data Transfer Response 35
Clear Config Indication 36 Clear Config Indication 36
WLAN Config Request 37 WLAN Config Request 37
WLAN Config Response 38 WLAN Config Response 38
Mobile Config Request 39 Mobile Config Request 39
Mobile Config Response 40 Mobile Config Response 40
4.2.1.2 Sequence Number 4.2.1.2. Sequence Number
The Sequence Number Field is an identifier value to match request/ The Sequence Number Field is an identifier value to match request/
response packet exchanges. When an LWAPP packet with a request response packet exchanges. When an LWAPP packet with a request
message type is received, the value of the sequence number field is message type is received, the value of the sequence number field is
copied into the corresponding response packet. copied into the corresponding response packet.
When an LWAPP control frame is sent, its internal sequence number When an LWAPP control frame is sent, its internal sequence number
counter is monotonically incremented, ensuring that no two requests counter is monotonically incremented, ensuring that no two requests
pending have the same sequence number. This field will wrap back to pending have the same sequence number. This field will wrap back to
zero. zero.
4.2.1.3 Message Element Length 4.2.1.3. Message Element Length
The Length field indicates the number of bytes following the Session The Length field indicates the number of bytes following the Session
ID field. If the LWAPP packet is encrypted, the length field ID field. If the LWAPP packet is encrypted, the length field
includes the AES-CCM MIC (see Section 10.2 for more information). includes the AES-CCM MIC (see Section 10.2 for more information).
4.2.1.4 Session ID 4.2.1.4. Session ID
The Session ID is a 32-bit unsigned integer that is used to identify The Session ID is a 32-bit unsigned integer that is used to identify
the security context for encrypted exchanges between the WTP and the the security context for encrypted exchanges between the WTP and the
AC. Note that a Session ID is a random value that MUST be unique AC. Note that a Session ID is a random value that MUST be unique
between a given AC and any of the WTP it may be communicating with. between a given AC and any of the WTP it may be communicating with.
4.2.1.5 Message Element[0..N] 4.2.1.5. Message Element[0..N]
The message element(s) carry the information pertinent to each of the The message element(s) carry the information pertinent to each of the
control message types. Every control message in this specification control message types. Every control message in this specification
specifies which message elements are permitted. specifies which message elements are permitted.
4.2.2 Message Element Format 4.2.2. Message Element Format
The message element is used to carry information pertinent to a The message element is used to carry information pertinent to a
control message. Every message element is identified by the Type control message. Every message element is identified by the Type
field, whose numbering space is managed via IANA (see Section 16). field, whose numbering space is managed via IANA (see Section 16).
The total length of the message elements is indicated in the Message The total length of the message elements is indicated in the Message
Element Length field. Element Length field.
All of the message element definitions in this document use a diagram All of the message element definitions in this document use a diagram
similar to the one below in order to depict its format. Note that in similar to the one below in order to depict its format. Note that in
order to simplify this specification, these diagrams do not include order to simplify this specification, these diagrams do not include
skipping to change at page 31, line 5 skipping to change at page 31, line 5
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value ... | | Type | Length | Value ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Where Type (8 bit) identifies the character of the information Where Type (8 bit) identifies the character of the information
carried in the Value field and Length (16 bits) indicates the number carried in the Value field and Length (16 bits) indicates the number
of bytes in the Value field. of bytes in the Value field.
4.2.2.1 Generic Message Elements 4.2.2.1. Generic Message Elements
This section includes message elements that are not bound to a This section includes message elements that are not bound to a
specific control message. specific control message.
4.2.2.1.1 Vendor Specific 4.2.2.1.1. Vendor Specific
The Vendor Specific Payload is used to communicate vendor specific The Vendor Specific Payload is used to communicate vendor specific
information between the WTP and the AC. The value contains the information between the WTP and the AC. The value contains the
following format: following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor Identifier | | Vendor Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Element ID | Value... | | Element ID | Value... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 104 for Vendor Specific Type: 104 for Vendor Specific
Length: >= 7 Length: >= 7
Vendor Identifier: A 32-bit value containing the IANA assigned "SMI Vendor Identifier: A 32-bit value containing the IANA assigned "SMI
Network Management Private Enterprise Codes" [14] Network Management Private Enterprise Codes" [13]
Element ID: A 16-bit Element Identifier which is managed by the Element ID: A 16-bit Element Identifier which is managed by the
vendor. vendor.
Value: The value associated with the vendor specific element. Value: The value associated with the vendor specific element.
4.2.3 Quality of Service 4.2.3. Quality of Service
It is recommended that LWAPP control messages be sent by both the AC It is recommended that LWAPP control messages be sent by both the AC
and the WTP with an appropriate Quality of Service precedence value, and the WTP with an appropriate Quality of Service precedence value,
ensuring that congestion in the network minimizes occurences of LWAPP ensuring that congestion in the network minimizes occurences of LWAPP
control channel disconnects. Therefore, a Quality of Service enabled control channel disconnects. Therefore, a Quality of Service enabled
LWAPP device should use: LWAPP device should use:
802.1P: The precedence value of 7 SHOULD be used. 802.1P: The precedence value of 7 SHOULD be used.
DSCP: The dscp tag value of 46 SHOULD be used. DSCP: The dscp tag value of 46 SHOULD be used.
5. LWAPP Discovery Operations 5. LWAPP Discovery Operations
The Discovery messages are used by an WTP to determine which ACs are The Discovery messages are used by an WTP to determine which ACs are
available to provide service, as well as the capabilities and load of available to provide service, as well as the capabilities and load of
the ACs. the ACs.
5.1 Discovery Request 5.1. Discovery Request
The Discovery Request is used by the WTP to automatically discover The Discovery Request is used by the WTP to automatically discover
potential ACs available in the network. An WTP must transmit this potential ACs available in the network. An WTP must transmit this
command even if it has a statically configured AC, as it is a command even if it has a statically configured AC, as it is a
required step in the LWAPP state machine. required step in the LWAPP state machine.
Discovery Requests MUST be sent by an WTP in the Discover state after Discovery Requests MUST be sent by an WTP in the Discover state after
waiting for a random delay less than MaxDiscoveryInterval, after an waiting for a random delay less than MaxDiscoveryInterval, after an
WTP first comes up or is (re)initialized. An WTP MUST send no more WTP first comes up or is (re)initialized. An WTP MUST send no more
than a maximum of MaxDiscoveries discoveries, waiting for a random than a maximum of MaxDiscoveries discoveries, waiting for a random
skipping to change at page 33, line 5 skipping to change at page 33, line 5
The Discovery Request message may be sent as a unicast, broadcast or The Discovery Request message may be sent as a unicast, broadcast or
multicast message. multicast message.
Upon receiving a discovery request, the AC will respond with a Upon receiving a discovery request, the AC will respond with a
Discovery Response sent to the address in the source address of the Discovery Response sent to the address in the source address of the
received discovery request. received discovery request.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
5.1.1 Discovery Type 5.1.1. Discovery Type
The Discovery message element is used to configure an WTP to operate The Discovery message element is used to configure an WTP to operate
in a specific mode. in a specific mode.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Discovery Type| | Discovery Type|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 58 for Discovery Type Type: 58 for Discovery Type
Length: 1 Length: 1
Discovery Type: An 8-bit value indicating how the AC was discovered. Discovery Type: An 8-bit value indicating how the AC was
The following values are supported: discovered. The following values are supported:
0 - Broadcast 0 - Broadcast
1 - Configured 1 - Configured
5.1.2 WTP Descriptor 5.1.2. WTP Descriptor
The WTP descriptor message element is used by the WTP to communicate The WTP descriptor message element is used by the WTP to communicate
it's current hardware/firmware configuration. The value contains the it's current hardware/firmware configuration. The value contains the
following fields. following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hardware Version | | Hardware Version |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 34, line 26 skipping to change at page 34, line 23
Radios in use: An 8-bit value representing the number of radios Radios in use: An 8-bit value representing the number of radios
present in the WTP present in the WTP
Encryption Capabilities: This 16-bit field is used by the WTP to Encryption Capabilities: This 16-bit field is used by the WTP to
communicate it's capabilities to the AC. Since most WTPs support communicate it's capabilities to the AC. Since most WTPs support
link layer encryption, the AC may make use of these services. link layer encryption, the AC may make use of these services.
There are binding dependent encryption capabilites. An WTP that There are binding dependent encryption capabilites. An WTP that
does not have any encryption capabilities would set this field to does not have any encryption capabilities would set this field to
zero (0). Refer to the specific binding for the specification. zero (0). Refer to the specific binding for the specification.
5.1.3 WTP Radio Information 5.1.3. WTP Radio Information
The WTP radios information message element is used to communicate the The WTP radios information message element is used to communicate the
radio information in a specific slot. The Discovery Request MUST radio information in a specific slot. The Discovery Request MUST
include one such message element per radio in the WTP. The Radio- include one such message element per radio in the WTP. The Radio-
Type field is used by the AC in order to determine which technology Type field is used by the AC in order to determine which technology
specific binding is to be used with the WTP. specific binding is to be used with the WTP.
The value contains two fields, as shown. The value contains two fields, as shown.
0 1 0 1
skipping to change at page 35, line 17 skipping to change at page 35, line 14
1 - 802.11bg: An 802.11bg radio. 1 - 802.11bg: An 802.11bg radio.
2 - 802.11a: An 802.11a radio. 2 - 802.11a: An 802.11a radio.
3 - 802.16: An 802.16 radio. 3 - 802.16: An 802.16 radio.
4 - Ultra Wideband: An UWB radio. 4 - Ultra Wideband: An UWB radio.
7 - all: Used to specify all radios in the WTP. 7 - all: Used to specify all radios in the WTP.
5.2 Discovery Response 5.2. Discovery Response
The Discovery Response is a mechanism by which an AC advertises its The Discovery Response is a mechanism by which an AC advertises its
services to requesting WTPs. services to requesting WTPs.
Discovery Responses are sent by an AC after receiving a Discovery Discovery Responses are sent by an AC after receiving a Discovery
Request. Request.
When an WTP receives a Discovery Response, it MUST wait for an When an WTP receives a Discovery Response, it MUST wait for an
interval not less than DiscoveryInterval for receipt of additional interval not less than DiscoveryInterval for receipt of additional
Discovery Responses. After the DiscoveryInterval elapses, the WTP Discovery Responses. After the DiscoveryInterval elapses, the WTP
enters the Joining state and will select one of the ACs that sent a enters the Joining state and will select one of the ACs that sent a
Discovery Response and send a Join Request to that AC. Discovery Response and send a Join Request to that AC.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
5.2.1 AC Address 5.2.1. AC Address
The AC address message element is used to communicate the identity of The AC address message element is used to communicate the identity of
the AC. The value contains two fields, as shown. the AC. The value contains two fields, as shown.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | MAC Address | | Reserved | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
skipping to change at page 36, line 4 skipping to change at page 35, line 43
The AC address message element is used to communicate the identity of The AC address message element is used to communicate the identity of
the AC. The value contains two fields, as shown. the AC. The value contains two fields, as shown.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | MAC Address | | Reserved | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 2 for AC Address Type: 2 for AC Address
Length: 7 Length: 7
Reserved: MUST be set to zero Reserved: MUST be set to zero
Mac Address: The MAC Address of the AC Mac Address: The MAC Address of the AC
5.2.2 AC Descriptor 5.2.2. AC Descriptor
The AC payload message element is used by the AC to communicate it's The AC payload message element is used by the AC to communicate it's
current state. The value contains the following fields. current state. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | Hardware Version ... | | Reserved | Hardware Version ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HW Ver | Software Version ... | | HW Ver | Software Version ... |
skipping to change at page 37, line 4 skipping to change at page 36, line 42
version number version number
Software Version: A 32-bit integer representing the AC's Firmware Software Version: A 32-bit integer representing the AC's Firmware
version number version number
Stations: A 16-bit integer representing number of mobile stations Stations: A 16-bit integer representing number of mobile stations
currently associated with the AC currently associated with the AC
Limit: A 16-bit integer representing the maximum number of stations Limit: A 16-bit integer representing the maximum number of stations
supported by the AC supported by the AC
Radios: A 16-bit integer representing the number of WTPs currently Radios: A 16-bit integer representing the number of WTPs currently
attached to the AC attached to the AC
Max Radio: A 16-bit integer representing the maximum number of WTPs Max Radio: A 16-bit integer representing the maximum number of WTPs
supported by the AC supported by the AC
Security: A 8 bit bit mask specifying the security schemes
Security: A 8 bit bit mask specifying the security schemes supported supported by the AC. The following values are supported (see
by the AC. The following values are supported (see Section 10): Section 10):
1 - X.509 Certificate Based 1 - X.509 Certificate Based
2 - Pre-Shared Secret 2 - Pre-Shared Secret
5.2.3 AC Name 5.2.3. AC Name
The AC name message element contains an ASCII representation of the The AC name message element contains an ASCII representation of the
AC's identity. The value is a variable length byte string. The AC's identity. The value is a variable length byte string. The
string is NOT zero terminated. string is NOT zero terminated.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Name ... | Name ...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 31 for AC Name Type: 31 for AC Name
Length: > 0 Length: > 0
Name: A variable length ASCII string containing the AC's name Name: A variable length ASCII string containing the AC's name
5.2.4 WTP Manager Control IPv4 Address 5.2.4. WTP Manager Control IPv4 Address
The WTP Manager Control IPv4 Address message element is sent by the The WTP Manager Control IPv4 Address message element is sent by the
AC to the WTP during the discovery process and is used by the AC to AC to the WTP during the discovery process and is used by the AC to
provide the interfaces available on the AC, and their current load. provide the interfaces available on the AC, and their current load.
This message element is useful for the WTP to perform load balancing This message element is useful for the WTP to perform load balancing
across multiple interfaces. across multiple interfaces.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 38, line 4 skipping to change at page 37, line 45
This message element is useful for the WTP to perform load balancing This message element is useful for the WTP to perform load balancing
across multiple interfaces. across multiple interfaces.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP Count | | WTP Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 99 for WTP Manager Control IPv4 Address Type: 99 for WTP Manager Control IPv4 Address
Length: 6 Length: 6
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
WTP Count: The number of WTPs currently connected to the interface. WTP Count: The number of WTPs currently connected to the interface.
5.2.5 WTP Manager Control IPv6 Address 5.2.5. WTP Manager Control IPv6 Address
The WTP Manager Control IPv6 Address message element is sent by the The WTP Manager Control IPv6 Address message element is sent by the
AC to the WTP during the discovery process and is used by the AC to AC to the WTP during the discovery process and is used by the AC to
provide the interfaces available on the AC, and their current load. provide the interfaces available on the AC, and their current load.
This message element is useful for the WTP to perform load balancing This message element is useful for the WTP to perform load balancing
across multiple interfaces. across multiple interfaces.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 38, line 34 skipping to change at page 38, line 30
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP Count | | WTP Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 142 for WTP Manager Control IPv6 Address Type: 137 for WTP Manager Control IPv6 Address
Length: 18 Length: 6
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
WTP Count: The number of WTPs currently connected to the interface. WTP Count: The number of WTPs currently connected to the interface.
5.3 Primary Discovery Request 5.3. Primary Discovery Request
The Primary Discovery Request is sent by the WTP in order to The Primary Discovery Request is sent by the WTP in order to
determine whether its preferred (or primary) AC is available. determine whether its preferred (or primary) AC is available.
Primary Discovery Request are sent by an WTP when it has a primary AC Primary Discovery Request are sent by an WTP when it has a primary AC
configured, and is connected to another AC. This generally occurs as configured, and is connected to another AC. This generally occurs as
a result of a failover, and is used by the WTP as a means to discover a result of a failover, and is used by the WTP as a means to discover
when its primary AC becomes available. As a consequence, this when its primary AC becomes available. As a consequence, this
message is only sent by a WTP when it is in the Run state. message is only sent by a WTP when it is in the Run state.
The frequency of the Primary Discovery Requests should be no more The frequency of the Primary Discovery Requests should be no more
often than the sending of the Echo Request message. often than the sending of the Echo Request message.
Upon receiving a discovery request, the AC will respond with a Upon receiving a discovery request, the AC will respond with a
Primary Discovery Response sent to the address in the source address Primary Discovery Response sent to the address in the source address
of the received Primary Discovery Request. of the received Primary Discovery Request.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
5.3.1 Discovery Type 5.3.1. Discovery Type
The Discovery Type message element is defined in section The Discovery Type message element is defined in section
Section 5.1.1. Section 5.1.1.
5.3.2 WTP Descriptor 5.3.2. WTP Descriptor
The WTP Descriptor message element is defined in section The WTP Descriptor message element is defined in section
Section 5.1.2. Section 5.1.2.
5.3.3 WTP Radio Information 5.3.3. WTP Radio Information
An WTP Radio Information message element must be present for every An WTP Radio Information message element must be present for every
radio in the WTP. This message element is defined in section radio in the WTP. This message element is defined in section
Section 5.1.3. Section 5.1.3.
5.4 Primary Discovery Response 5.4. Primary Discovery Response
The Primary Discovery Response is a mechanism by which an AC The Primary Discovery Response is a mechanism by which an AC
advertises its availability and services to requesting WTPs that are advertises its availability and services to requesting WTPs that are
configured to have the AC as its primary AC. configured to have the AC as its primary AC.
Primary Discovery Responses are sent by an AC after receiving a Primary Discovery Responses are sent by an AC after receiving a
Primary Discovery Request. Primary Discovery Request.
When an WTP receives a Primary Discovery Response, it may opt to When an WTP receives a Primary Discovery Response, it may opt to
establish an LWAPP connection to its primary AC, based on the establish an LWAPP connection to its primary AC, based on the
configuration of the WTP Fallback Status message element on the WTP. configuration of the WTP Fallback Status message element on the WTP.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
5.4.1 AC Descriptor 5.4.1. AC Descriptor
The Discovery Type message element is defined in section The Discovery Type message element is defined in section
Section 5.2.2. Section 5.2.2.
5.4.2 AC Name 5.4.2. AC Name
The AC Name message element is defined in section Section 5.2.3. The AC Name message element is defined in section Section 5.2.3.
5.4.3 WTP Manager Control IPv4 Address 5.4.3. WTP Manager Control IPv4 Address
An WTP Radio Information message element MAY be present for every An WTP Radio Information message element MAY be present for every
radio in the WTP which are reachable via IPv4. This message element radio in the WTP which are reachable via IPv4. This message element
is defined in section Section 5.2.4. is defined in section Section 5.2.4.
5.4.4 WTP Manager Control IPv6 Address 5.4.4. WTP Manager Control IPv6 Address
An WTP Radio Information message element must be present for every An WTP Radio Information message element must be present for every
radio in the WTP which are reachable via IPv6. This message element radio in the WTP which are reachable via IPv6. This message element
is defined in section Section 5.2.5. is defined in section Section 5.2.5.
6. Control Channel Management 6. Control Channel Management
The Control Channel Management messages are used by the WTP and AC to The Control Channel Management messages are used by the WTP and AC to
create and maintain a channel of communication on which various other create and maintain a channel of communication on which various other
commands may be transmitted, such as configuration, firmware update, commands may be transmitted, such as configuration, firmware update,
etc. etc.
6.1 Join Request 6.1. Join Request
The Join Request is used by an WTP to inform an AC that it wishes to The Join Request is used by an WTP to inform an AC that it wishes to
provide services through it. provide services through it.
Join Requests are sent by an WTP in the Joining state after receiving Join Requests are sent by an WTP in the Joining state after receiving
one or more Discovery Responses. The Join Request is also used as an one or more Discovery Responses. The Join Request is also used as an
MTU discovery mechanism by the WTP. The WTP issues a Join Request MTU discovery mechanism by the WTP. The WTP issues a Join Request
with a Test message element, bringing the total size of the message with a Test message element, bringing the total size of the message
to exceed MTU. to exceed MTU.
skipping to change at page 42, line 8 skipping to change at page 42, line 8
that is derived from the PSK. that is derived from the PSK.
A Join Request that includes both a WNonce and a Certificate message A Join Request that includes both a WNonce and a Certificate message
element MUST be considered invalid. element MUST be considered invalid.
Details on the key generation is found in Section 10. Details on the key generation is found in Section 10.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.1.1 WTP Descriptor 6.1.1. WTP Descriptor
The WTP Descriptor message element is defined in section The WTP Descriptor message element is defined in section
Section 5.1.2. Section 5.1.2.
6.1.2 AC Address 6.1.2. AC Address
The AC Address message element is defined in section Section 5.2.1. The AC Address message element is defined in section Section 5.2.1.
6.1.3 WTP Name 6.1.3. WTP Name
The WTP name message element value is a variable length byte string. The WTP name message element value is a variable length byte string.
The string is NOT zero terminated. The string is NOT zero terminated.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Name ... | Name ...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 5 for WTP Name Type: 5 for WTP Name
Length: > 0 Length: > 0
Name: A non zero terminated string containing the WTP's name. Name: A non zero terminated string containing the WTP's name.
6.1.4 Location Data 6.1.4. Location Data
The location data message element is a variable length byte string The location data message element is a variable length byte string
containing user defined location information (e.g. "Next to containing user defined location information (e.g. "Next to
Fridge"). The string is NOT zero terminated. Fridge"). The string is NOT zero terminated.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Location ... | Location ...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 35 for Location Data Type: 35 for Location Data
Length: > 0 Length: > 0
Location: A non zero terminated string containing the WTP's Location: A non zero terminated string containing the WTP's
location. location.
6.1.5 WTP Radio Information 6.1.5. WTP Radio Information
An WTP Radio Information message element must be present for every An WTP Radio Information message element must be present for every
radio in the WTP. This message element is defined in section radio in the WTP. This message element is defined in section
Section 5.1.3. Section 5.1.3.
6.1.6 Certificate 6.1.6. Certificate
The certificate message element value is a byte string containing a The certificate message element value is a byte string containing a
DER-encoded x.509v3 certificate. This message element is only DER-encoded x.509v3 certificate. This message element is only
included if the LWAPP security type used between the WTP and the AC included if the LWAPP security type used between the WTP and the AC
makes use of certificates (see Section 10 for more information). makes use of certificates (see Section 10 for more information).
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Certificate... | Certificate...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 44 for Certificate Type: 44 for Certificate
Length: > 0 Length: > 0
Certificate: A non zero terminated string containing the device's Certificate: A non zero terminated string containing the device's
certificate. certificate.
6.1.7 Session ID 6.1.7. Session ID
The session ID message element value contains a randomly generated The session ID message element value contains a randomly generated
[4] unsigned 32-bit integer. [4] unsigned 32-bit integer.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID | | Session ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 44, line 4 skipping to change at page 43, line 47
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Session ID | | Session ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 45 for Session ID Type: 45 for Session ID
Length: 4 Length: 4
Session ID: 32 bit random session identifier. Session ID: 32 bit random session identifier.
6.1.8 Test 6.1.8. Test
The test message element is used as padding to perform MTU discovery, The test message element is used as padding to perform MTU discovery,
and MAY contain any value, of any length. and MAY contain any value, of any length.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Padding ... | Padding ...
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 18 for Test Type: 18 for Test
Length: > 0 Length: > 0
Padding: A variable length pad. Padding: A variable length pad.
6.1.9 XNonce 6.1.9. XNonce
The XNonce is used by the WTP to communicate its random nonce during The XNonce is used by the WTP to communicate its random nonce during
the join or rekey phase. See Section 10 for more information. the join or rekey phase. See Section 10 for more information.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
skipping to change at page 44, line 46 skipping to change at page 44, line 45
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 111 for XNonce Type: 111 for XNonce
Length: 16 Length: 16
Nonce: 1 16 octet random nonce. Nonce: 1 16 octet random nonce.
6.2 Join Response 6.2. Join Response
The Join Response is sent by the AC to indicate to an WTP whether it The Join Response is sent by the AC to indicate to an WTP whether it
is capable and willing to provide service to it. is capable and willing to provide service to it.
Join Responses are sent by the AC after receiving a Join Request. Join Responses are sent by the AC after receiving a Join Request.
Once the Join Response has been sent, the heartbeat timer is Once the Join Response has been sent, the heartbeat timer is
initiated for the session to EchoInterval. Expiration of the timer initiated for the session to EchoInterval. Expiration of the timer
will result in deletion of the AC-WTP session. The timer is will result in deletion of the AC-WTP session. The timer is
refreshed upon receipt of the Echo Request. refreshed upon receipt of the Echo Request.
skipping to change at page 45, line 27 skipping to change at page 45, line 22
in the transmission of the Echo Request. in the transmission of the Echo Request.
If the security method used is pre-shared secret based, when a WTP If the security method used is pre-shared secret based, when a WTP
receives a Join Response that includes a valid PSK-MIC message receives a Join Response that includes a valid PSK-MIC message
element, it responds with a Join ACK that also MUST include a locally element, it responds with a Join ACK that also MUST include a locally
computed PSK-MIC message element. computed PSK-MIC message element.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.2.1 Result Code 6.2.1. Result Code
The Result Code message element value is a 32-bit integer value, The Result Code message element value is a 32-bit integer value,
indicating the result of the request operation corresponding to the indicating the result of the request operation corresponding to the
sequence number in the message. The Result Code is included in a sequence number in the message. The Result Code is included in a
successful Join Response. successful Join Response.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Result Code | | Result Code |
skipping to change at page 46, line 5 skipping to change at page 45, line 45
Type: 2 for Result Code Type: 2 for Result Code
Length: 4 Length: 4
Result Code: The following values are defined: Result Code: The following values are defined:
0 Success 0 Success
1 Failure (AC List message element MUST be present) 1 Failure (AC List message element MUST be present)
6.2.2 Status 6.2.2. Status
The Status message element is sent by the AC to the WTP in a non- The Status message element is sent by the AC to the WTP in a non-
successful Join Response message. This message element is used to successful Join Response message. This message element is used to
indicate the reason for the failure and should only be accompanied indicate the reason for the failure and should only be accompanied
with a Result Code message element that indicates a failure. with a Result Code message element that indicates a failure.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Status | | Status |
skipping to change at page 46, line 33 skipping to change at page 46, line 26
The following values are supported: The following values are supported:
1 - Reserved - do not use 1 - Reserved - do not use
2 - Resource Depletion 2 - Resource Depletion
3 - Unknown Source 3 - Unknown Source
4 - Incorrect Data 4 - Incorrect Data
6.2.3 Certificate 6.2.3. Certificate
The Certificate message element is defined in section Section 6.1.6. The Certificate message element is defined in section Section 6.1.6.
Note this message element is only included if the WTP and the AC make Note this message element is only included if the WTP and the AC make
use of certificate based security as defined in section Section 10. use of certificate based security as defined in section Section 10.
6.2.4 WTP Manager Data IPv4 Address 6.2.4. WTP Manager Data IPv4 Address
The WTP Manager Data IPv4 Address message element is optionally sent The WTP Manager Data IPv4 Address message element is optionally sent
by the AC to the WTP during the join phase. If present, the IP by the AC to the WTP during the join phase. If present, the IP
Address contained in this message element is the address the WTP is Address contained in this message element is the address the WTP is
to use when sending any of its LWAPP data frames. to use when sending any of its LWAPP data frames.
Note this message element is only valid when LWAPP uses the IP/UDP Note this message element is only valid when LWAPP uses the IP/UDP
layer 3 transport layer 3 transport
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 143 for WTP Manager Data IPv4 Address Type: 138 for WTP Manager Data IPv4 Address
Length: 4 Length: 4
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
6.2.5 WTP Manager Data IPv6 Address 6.2.5. WTP Manager Data IPv6 Address
The WTP Manager Data IPv6 Address message element is optionally sent The WTP Manager Data IPv6 Address message element is optionally sent
by the AC to the WTP during the join phase. If present, the IP by the AC to the WTP during the join phase. If present, the IP
Address contained in this message element is the address the WTP is Address contained in this message element is the address the WTP is
to use when sending any of its LWAPP data frames. to use when sending any of its LWAPP data frames.
Note this message element is only valid when LWAPP uses the IP/UDP Note this message element is only valid when LWAPP uses the IP/UDP
layer 3 transport layer 3 transport
0 1 2 3 0 1 2 3
skipping to change at page 47, line 40 skipping to change at page 47, line 32
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 139 for WTP Manager Data IPv6 Address Type: 139 for WTP Manager Data IPv6 Address
Length: 16 Length: 4
IP Address: The IP Address of an interface. IP Address: The IP Address of an interface.
6.2.6 AC IPv4 List 6.2.6. AC IPv4 List
The AC List message element is used to configure an WTP with the The AC List message element is used to configure an WTP with the
latest list of ACs in a cluster. This message element MUST be latest list of ACs in a cluster. This message element MUST be
included if the Join Response returns a failure indicating that the included if the Join Response returns a failure indicating that the
AC cannot handle the WTP at this time, allowing the WTP to find an AC cannot handle the WTP at this time, allowing the WTP to find an
alternate AC to connect to. alternate AC to connect to.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 48, line 11 skipping to change at page 48, line 4
latest list of ACs in a cluster. This message element MUST be latest list of ACs in a cluster. This message element MUST be
included if the Join Response returns a failure indicating that the included if the Join Response returns a failure indicating that the
AC cannot handle the WTP at this time, allowing the WTP to find an AC cannot handle the WTP at this time, allowing the WTP to find an
alternate AC to connect to. alternate AC to connect to.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AC IP Address[] | | AC IP Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 59 for AC List Type: 59 for AC List
Length: >= 4 Length: >= 4
AC IP Address: An array of 32-bit integers containing an AC's IPv4 AC IP Address: An array of 32-bit integers containing an AC's IPv4
Address. Address.
6.2.7 AC IPv6 List 6.2.7. AC IPv6 List
The AC List message element is used to configure an WTP with the The AC List message element is used to configure an WTP with the
latest list of ACs in a cluster. This message element MUST be latest list of ACs in a cluster. This message element MUST be
included if the Join Response returns a failure indicating that the included if the Join Response returns a failure indicating that the
AC cannot handle the WTP at this time, allowing the WTP to find an AC cannot handle the WTP at this time, allowing the WTP to find an
alternate AC to connect to. alternate AC to connect to.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 48, line 41 skipping to change at page 48, line 33
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AC IP Address[] | | AC IP Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AC IP Address[] | | AC IP Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AC IP Address[] | | AC IP Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 141 for AC List Type: 141 for AC List
Length: >= 16 Length: >= 4
AC IP Address: An array of 32-bit integers containing an AC's IPv6 AC IP Address: An array of 32-bit integers containing an AC's IPv6
Address. Address.
6.2.8 ANonce 6.2.8. ANonce
The ANonce message element is sent by a AC during the join or rekey The ANonce message element is sent by a AC during the join or rekey
phase. The contents of the ANonce are encrypted as described in phase. The contents of the ANonce are encrypted as described in
section Section 10 for more information. section Section 10 for more information.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 49, line 24 skipping to change at page 49, line 23
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 108 for ANonce Type: 108 for ANonce
Length: 16 Length: 16
Nonce: An encrypted 16 octet random nonce. Nonce: An encrypted 16 octet random nonce.
6.2.9 PSK-MIC 6.2.9. PSK-MIC
The PSK-MIC message element includes a message integrity check, whose The PSK-MIC message element includes a message integrity check, whose
purpose is to provide confirmation to the peer that the sender has purpose is to provide confirmation to the peer that the sender has
the proper session key. This message element is only included if the the proper session key. This message element is only included if the
security method used between the WTP and the AC is the pre-shared security method used between the WTP and the AC is the pre-shared
secret mechanism. See Section 10 for more information. secret mechanism. See Section 10 for more information.
When present, the PSK-MIC message element MUST be the last message When present, the PSK-MIC message element MUST be the last message
element in the message. The MIC is computed over the complete LWAPP element in the message. The MIC is computed over the complete LWAPP
packet, from the LWAPP control header as defined in Section 4.2.1 to packet, from the LWAPP control header as defined in Section 4.2.1 to
skipping to change at page 50, line 4 skipping to change at page 49, line 45
The MIC field in this message element and the sequence number field The MIC field in this message element and the sequence number field
in the LWAPP control header MUST be set to zeroes prior to computing in the LWAPP control header MUST be set to zeroes prior to computing
the MIC. The length field in the LWAPP control header must already the MIC. The length field in the LWAPP control header must already
include this message element prior to computing the MIC. include this message element prior to computing the MIC.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SPI | MIC ... | SPI | MIC ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 109 for PSK-MIC Type: 109 for PSK-MIC
Length: > 1 Length: > 1
SPI: The SPI field specifies the cryptographic algorithm used to SPI: The SPI field specifies the cryptographic algorithm used to
create the message integrity check. The following values are create the message integrity check. The following values are
supported: supported:
0 - Unused 0 - Unused
1 - HMAC-SHA-1 (RFC 2104 [17]) 1 - HMAC-SHA-1 (RFC 2104 [16])
1 - AES-CMAC ([13])
MIC: A 20 octet Message Integrity Check. MIC: A 20 octet Message Integrity Check.
6.3 Join ACK 6.3. Join ACK
The Join ACK message is sent by the WTP upon receiving a Join The Join ACK message is sent by the WTP upon receiving a Join
Response, which has a valid PSK-MIC message element, as a means of Response, which has a valid PSK-MIC message element, as a means of
providing key confirmation to the AC. The Join ACK is only used in providing key confirmation to the AC. The Join ACK is only used in
the case where the WTP makes use of the pre-shared key LWAPP mode the case where the WTP makes use of the pre-shared key LWAPP mode
(See Section 10 for more information). (See Section 10 for more information).
Note that the AC should never receive this message unless the Note that the AC should never receive this message unless the
security method used between the WTP and the AC is pre-shared secret security method used between the WTP and the AC is pre-shared secret
based. based.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.3.1 Session ID 6.3.1. Session ID
The Session ID message element is defined in section Section 6.1.7. The Session ID message element is defined in section Section 6.1.7.
6.3.2 WNonce 6.3.2. WNonce
The WNonce message element is sent by a WTP during the join or rekey The WNonce message element is sent by a WTP during the join or rekey
phase. The contents of the ANonce are encrypted as described in phase. The contents of the ANonce are encrypted as described in
section Section 10 for more information. section Section 10 for more information.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 51, line 16 skipping to change at page 51, line 4
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nonce | | Nonce |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 107 for WNonce Type: 107 for WNonce
Length: 16 Length: 16
Nonce: An encrypted 16 octet random nonce. Nonce: An encrypted 16 octet random nonce.
6.3.3 PSK-MIC 6.3.3. PSK-MIC
The PSK-MIC message element is defined in section Section 6.2.9. The PSK-MIC message element is defined in section Section 6.2.9.
6.4 Join Confirm 6.4. Join Confirm
The Join Confirm message is sent by the AC upon receiving a Join ACK, The Join Confirm message is sent by the AC upon receiving a Join ACK,
which has a valid PSK-MIC message element, as a means of providing which has a valid PSK-MIC message element, as a means of providing
key confirmation to the WTP. The Join Confirm is only used in the key confirmation to the WTP. The Join Confirm is only used in the
case where the WTP makes use of the pre-shared key LWAPP mode (See case where the WTP makes use of the pre-shared key LWAPP mode (See
Section 10 for more information). Section 10 for more information).
If the security method used is pre-shared key based, when an WTP If the security method used is pre-shared key based, when an WTP
receives a Join Confirm it enters the Joined state and initiates receives a Join Confirm it enters the Joined state and initiates
either a Configure Request or Image Data to the AC to which it is now either a Configure Request or Image Data to the AC to which it is now
joined. Upon entering the Joined state, the WTP begins timing an joined. Upon entering the Joined state, the WTP begins timing an
interval equal to NeighborDeadInterval. Expiration of the timer will interval equal to NeighborDeadInterval. Expiration of the timer will
result in the transmission of the Echo Request. result in the transmission of the Echo Request.
This message is never received, or sent, when the security type used This message is never received, or sent, when the security type used
between the WTP and the AC is certificated based. between the WTP and the AC is certificated based.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.4.1 Session ID 6.4.1. Session ID
The Session ID message element is defined in section Section 6.1.7. The Session ID message element is defined in section Section 6.1.7.
6.4.2 PSK-MIC 6.4.2. PSK-MIC
The PSK-MIC message element is defined in section Section 6.2.9. The PSK-MIC message element is defined in section Section 6.2.9.
6.5 Echo Request 6.5. Echo Request
The Echo Request message is a keepalive mechanism for the LWAPP The Echo Request message is a keepalive mechanism for the LWAPP
control message. control message.
Echo Requests are sent periodically by an WTP in the Run state (see Echo Requests are sent periodically by an WTP in the Run state (see
Figure 2) to determine the state of the connection between the WTP Figure 2) to determine the state of the connection between the WTP
and the AC. The Echo Request is sent by the WTP when the Heartbeat and the AC. The Echo Request is sent by the WTP when the Heartbeat
timer expires, and it MUST start its NeighborDeadInterval timer. timer expires, and it MUST start its NeighborDeadInterval timer.
The Echo Request carries no message elements. The Echo Request carries no message elements.
When an AC receives an Echo Request it responds with an Echo When an AC receives an Echo Request it responds with an Echo
Response. Response.
6.6 Echo Response 6.6. Echo Response
The Echo Response acknowledges the Echo Request, and are only The Echo Response acknowledges the Echo Request, and are only
accepted while in the Run state (see Figure 2). accepted while in the Run state (see Figure 2).
Echo Responses are sent by an AC after receiving an Echo Request. Echo Responses are sent by an AC after receiving an Echo Request.
After transmitting the Echo Response, the AC should reset its After transmitting the Echo Response, the AC should reset its
Heartbeat timer to expire in the value configured for EchoInterval. Heartbeat timer to expire in the value configured for EchoInterval.
If another Echo request is not received by the AC when the timer If another Echo request is not received by the AC when the timer
expires, the AC SHOULD consider the WTP to no longer be reachable. expires, the AC SHOULD consider the WTP to no longer be reachable.
The Echo Response carries no message elements. The Echo Response carries no message elements.
When an WTP receives an Echo Response it stops the When an WTP receives an Echo Response it stops the
NeighborDeadInterval timer, and starts the Heartbeat timer to NeighborDeadInterval timer, and starts the Heartbeat timer to
EchoInterval. EchoInterval.
If the NeighborDeadInterval timer expires prior to receiving an Echo If the NeighborDeadInterval timer expires prior to receiving an Echo
Response, the WTP enters the Idle state. Response, the WTP enters the Idle state.
6.7 Key Update Request 6.7. Key Update Request
The Key Update Request is used by the WTP to initiate the rekeying The Key Update Request is used by the WTP to initiate the rekeying
phase. This message is sent by a WTP when in the Run state and MUST phase. This message is sent by a WTP when in the Run state and MUST
include a new unique Session Identifier. This message MUST also include a new unique Session Identifier. This message MUST also
include a unique Nonce in the XNonce message element, which is used include a unique Nonce in the XNonce message element, which is used
to protect against replay attacks (see Section 10). to protect against replay attacks (see Section 10).
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.7.1 Session ID 6.7.1. Session ID
The Session ID message element is defined in section Section 6.1.7. The Session ID message element is defined in section Section 6.1.7.
6.7.2 XNonce 6.7.2. XNonce
The XNonce message element is defined in section Section 6.1.9. The XNonce message element is defined in section Section 6.1.9.
6.8 Key Update Response 6.8. Key Update Response
The Key Update Response is sent by the AC in response to the request The Key Update Response is sent by the AC in response to the request
message, and includes an encrypted ANonce, which is used to derive message, and includes an encrypted ANonce, which is used to derive
new session keys. This message MUST include a Session Identifier new session keys. This message MUST include a Session Identifier
message element, whose value MUST be identical to the one found in message element, whose value MUST be identical to the one found in
the Key Update Request. the Key Update Request.
The AC MUST include a PSK-MIC message element, which provides message The AC MUST include a PSK-MIC message element, which provides message
integrity over the whole message. integrity over the whole message.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.8.1 Session ID 6.8.1. Session ID
The Session ID message element is defined in section Section 6.1.7. The Session ID message element is defined in section Section 6.1.7.
6.8.2 ANonce 6.8.2. ANonce
The ANonce message element is defined in section Section 6.2.8. The ANonce message element is defined in section Section 6.2.8.
6.8.3 PSK-MIC 6.8.3. PSK-MIC
The PSK-MIC message element is defined in section Section 6.2.9. The PSK-MIC message element is defined in section Section 6.2.9.
6.9 Key Update ACK 6.9. Key Update ACK
The Key Update ACK is sent by the WTP and includes an encryption The Key Update ACK is sent by the WTP and includes an encryption
version of the WTP's Nonce, which is used in the key derivation version of the WTP's Nonce, which is used in the key derivation
process. The session keys derived are then used as new LWAPP control process. The session keys derived are then used as new LWAPP control
message encryption keys (see Section 10). message encryption keys (see Section 10).
The WTP MUST include a PSK-MIC message element, which provides The WTP MUST include a PSK-MIC message element, which provides
message integrity over the whole message. message integrity over the whole message.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.9.1 WNonce 6.9.1. WNonce
The WNonce message element is defined in section Section 6.3.2. The WNonce message element is defined in section Section 6.3.2.
6.9.2 PSK-MIC 6.9.2. PSK-MIC
The PSK-MIC message element is defined in section Section 6.2.9. The PSK-MIC message element is defined in section Section 6.2.9.
6.10 Key Update Confirm 6.10. Key Update Confirm
The Key Update Confirm closes the rekeying loop, and allows the WTP The Key Update Confirm closes the rekeying loop, and allows the WTP
to recognize that the AC has received and processed the key update to recognize that the AC has received and processed the key update
messages. At this point, the WTP updates its session key in its messages. At this point, the WTP updates its session key in its
crypto engine, and the associated Initialization Vector, ensuring crypto engine, and the associated Initialization Vector, ensuring
that all future LWAPP control frames are encrypted with the newly that all future LWAPP control frames are encrypted with the newly
derived encryption key. derived encryption key.
The WTP MUST include a PSK-MIC message element, which provides The WTP MUST include a PSK-MIC message element, which provides
message integrity over the whole message. message integrity over the whole message.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.10.1 PSK-MIC 6.10.1. PSK-MIC
The PSK-MIC message element is defined in section Section 6.2.9. The PSK-MIC message element is defined in section Section 6.2.9.
6.11 Key Update Trigger 6.11. Key Update Trigger
The Key Update Trigger is used by the AC to request that a Key Update The Key Update Trigger is used by the AC to request that a Key Update
Request be initiated by the WTP. Request be initiated by the WTP.
Key Update Trigger are sent by an AC in the Run state to inform the Key Update Trigger are sent by an AC in the Run state to inform the
WTP to initiate a Key Update Request message. WTP to initiate a Key Update Request message.
When a WTP receives a Key Update Trigger it generates a key Update When a WTP receives a Key Update Trigger it generates a key Update
Request. Request.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
6.11.1 Session ID 6.11.1. Session ID
The Session ID message element is defined in section Section 6.1.7. The Session ID message element is defined in section Section 6.1.7.
7. WTP Configuration Management 7. WTP Configuration Management
The Wireless Termination Point Configuration messages are used to The Wireless Termination Point Configuration messages are used to
exchange configuration between the AC and the WTP. exchange configuration between the AC and the WTP.
7.1 Configuration Consistency 7.1. Configuration Consistency
The LWAPP protocol provides flexibility in how WTP configuration is The LWAPP protocol provides flexibility in how WTP configuration is
managed. To put it simply, a WTP has one of two options: managed. To put it simply, a WTP has one of two options:
1. WTP retain no configuration and simply abides by the configuration 1. WTP retain no configuration and simply abides by the configuration
provided by the AC. provided by the AC.
2. WTP retain the configuration of parameters provided by the AC that 2. WTP retain the configuration of parameters provided by the AC that
are non-default values. are non-default values.
skipping to change at page 56, line 11 skipping to change at page 56, line 11
possible WTP configuration changes - eliminating the need for possible WTP configuration changes - eliminating the need for
inter-AC communication or the need for all ACs to be aware of the inter-AC communication or the need for all ACs to be aware of the
configuration of all WTPs in the network. configuration of all WTPs in the network.
Once the LWAPP protocol enters the Run state, the WTPs begin to Once the LWAPP protocol enters the Run state, the WTPs begin to
provide service. However, it is quite common for administrators to provide service. However, it is quite common for administrators to
require that configuration changes be made while the network is require that configuration changes be made while the network is
operational. Therefore, the Configuration Update Request is sent by operational. Therefore, the Configuration Update Request is sent by
the AC to the WTP in order to make these changes at run-time. the AC to the WTP in order to make these changes at run-time.
7.2 Configure Request 7.2. Configure Request
The Configure Request message is sent by an WTP to send its current The Configure Request message is sent by an WTP to send its current
configuration to its AC. configuration to its AC.
Configure Requests are sent by an WTP after receiving a Join Configure Requests are sent by an WTP after receiving a Join
Response, while in the Configure state. Response, while in the Configure state.
The Configure Request carries binding specific message elements. The Configure Request carries binding specific message elements.
Refer to the appropriate binding for the definition of this Refer to the appropriate binding for the definition of this
structure. structure.
skipping to change at page 56, line 33 skipping to change at page 56, line 33
When an AC receives a Configure Request it will act upon the content When an AC receives a Configure Request it will act upon the content
of the packet and respond to the WTP with a Configure Response. of the packet and respond to the WTP with a Configure Response.
The Configure Request includes multiple Administrative State message The Configure Request includes multiple Administrative State message
Elements. There is one such message element for the WTP, and then Elements. There is one such message element for the WTP, and then
one per radio in the WTP. one per radio in the WTP.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
7.2.1 Administrative State 7.2.1. Administrative State
The administrative event message element is used to communicate the The administrative event message element is used to communicate the
state of a particular radio. The value contains the following state of a particular radio. The value contains the following
fields. fields.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Admin State | | Radio ID | Admin State |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 57, line 6 skipping to change at page 57, line 6
Type: 27 for Administrative State Type: 27 for Administrative State
Length: 2 Length: 2
Radio ID: An 8-bit value representing the radio to configure. The Radio ID: An 8-bit value representing the radio to configure. The
Radio ID field may also include the value of 0xff, which is used Radio ID field may also include the value of 0xff, which is used
to identify the WTP itself. Therefore, if an AC wishes to change to identify the WTP itself. Therefore, if an AC wishes to change
the administrative state of an WTP, it would include 0xff in the the administrative state of an WTP, it would include 0xff in the
Radio ID field. Radio ID field.
Admin State: An 8-bit value representing the administrative state of Admin State: An 8-bit value representing the administrative state
the radio. The following values are supported: of the radio. The following values are supported:
1 - Enabled 1 - Enabled
2 - Disabled 2 - Disabled
7.2.2 AC Name 7.2.2. AC Name
The AC Name message element is defined in section Section 5.2.3. The AC Name message element is defined in section Section 5.2.3.
7.2.3 AC Name with Index 7.2.3. AC Name with Index
The AC Name with Index message element is sent by the AC to the WTP The AC Name with Index message element is sent by the AC to the WTP
to configure preferred ACs. The number of instances where this to configure preferred ACs. The number of instances where this
message element would be present is equal to the number of ACs message element would be present is equal to the number of ACs
configured on the WTP. configured on the WTP.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Index | AC Name... | Index | AC Name...
skipping to change at page 57, line 39 skipping to change at page 57, line 39
Type: 90 for AC Name with Index Type: 90 for AC Name with Index
Length: 5 Length: 5
Index: The index of the preferred server (e.g., 1=primary, Index: The index of the preferred server (e.g., 1=primary,
2=secondary). 2=secondary).
AC Name: A variable length ASCII string containing the AC's name. AC Name: A variable length ASCII string containing the AC's name.
7.2.4 WTP Board Data 7.2.4. WTP Board Data
The WTP Board Data message element is sent by the WTP to the AC and The WTP Board Data message element is sent by the WTP to the AC and
contains information about the hardware present. contains information about the hardware present.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Card ID | Card Revision | | Card ID | Card Revision |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WTP Model | | WTP Model |
skipping to change at page 58, line 39 skipping to change at page 58, line 39
Card Revision: 4 byte Revision of the card. Card Revision: 4 byte Revision of the card.
WTP Model: 8 byte WTP Model Number. WTP Model: 8 byte WTP Model Number.
WTP Serial Number: 24 byte WTP Serial Number. WTP Serial Number: 24 byte WTP Serial Number.
Reserved: A 4 byte reserved field that MUST be set to zero (0). Reserved: A 4 byte reserved field that MUST be set to zero (0).
Ethernet MAC Address: MAC Address of the WTP's Ethernet interface. Ethernet MAC Address: MAC Address of the WTP's Ethernet interface.
7.2.5 Statistics Timer 7.2.5. Statistics Timer
The statistics timer message element value is used by the AC to The statistics timer message element value is used by the AC to
inform the WTP of the frequency which it expects to receive updated inform the WTP of the frequency which it expects to receive updated
statistics. statistics.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Statistics Timer | | Statistics Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 37 for Statistics Timer Type: 37 for Statistics Timer
Length: 2 Length: 2
Statistics Timer: A 16-bit unsigned integer indicating the time, in Statistics Timer: A 16-bit unsigned integer indicating the time, in
seconds seconds
7.2.6 WTP Static IP Address Information 7.2.6. WTP Static IP Address Information
The WTP Static IP Address Information message element is used by an The WTP Static IP Address Information message element is used by an
AC to configure or clear a previously configured static IP address on AC to configure or clear a previously configured static IP address on
an WTP. an WTP.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 59, line 41 skipping to change at page 59, line 41
Length: 13 Length: 13
IP Address: The IP Address to assign to the WTP. IP Address: The IP Address to assign to the WTP.
Netmask: The IP Netmask. Netmask: The IP Netmask.
Gateway: The IP address of the gateway. Gateway: The IP address of the gateway.
Netmask: The IP Netmask. Netmask: The IP Netmask.
Static: An 8-bit boolean stating whether the WTP should use a static Static: An 8-bit boolean stating whether the WTP should use a
IP address or not. A value of zero disables the static IP static IP address or not. A value of zero disables the static IP
address, while a value of one enables it. address, while a value of one enables it.
7.2.7 WTP Reboot Statistics 7.2.7. WTP Reboot Statistics
The WTP Reboot Statistics message element is sent by the WTP to the The WTP Reboot Statistics message element is sent by the WTP to the
AC to communicate information about reasons why reboots have AC to communicate information about reasons why reboots have
occurred. occurred.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Crash Count | LWAPP Initiated Count | | Crash Count | LWAPP Initiated Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 60, line 37 skipping to change at page 60, line 37
Failure Type: The last WTP failure. The following values are Failure Type: The last WTP failure. The following values are
supported: supported:
0 - Link Failure 0 - Link Failure
1 - LWAPP Initiated 1 - LWAPP Initiated
2 - WTP Crash 2 - WTP Crash
7.3 Configure Response 7.3. Configure Response
The Configure Response message is sent by an AC and provides an The Configure Response message is sent by an AC and provides an
opportunity for the AC to override an WTP's requested configuration. opportunity for the AC to override an WTP's requested configuration.
Configure Responses are sent by an AC after receiving a Configure Configure Responses are sent by an AC after receiving a Configure
Request. Request.
The Configure Response carries binding specific message elements. The Configure Response carries binding specific message elements.
Refer to the appropriate binding for the definition of this Refer to the appropriate binding for the definition of this
structure. structure.
skipping to change at page 61, line 11 skipping to change at page 61, line 10
When an WTP receives a Configure Response it acts upon the content of When an WTP receives a Configure Response it acts upon the content of
the packet, as appropriate. If the Configure Response message the packet, as appropriate. If the Configure Response message
includes a Change State Event message element that causes a change in includes a Change State Event message element that causes a change in
the operational state of one of the Radio, the WTP will transmit a the operational state of one of the Radio, the WTP will transmit a
Change State Event to the AC, as an acknowledgement of the change in Change State Event to the AC, as an acknowledgement of the change in
state. state.
The following subsections define the message elements that MUST be The following subsections define the message elements that MUST be
included in this LWAPP operation. included in this LWAPP operation.
7.3.1 Decryption Error Report Period 7.3.1. Decryption Error Report Period
The Decryption Error Report Period message element value is used by The Decryption Error Report Period message element value is used by
the AC to inform the WTP how frequently it should send decryption the AC to inform the WTP how frequently it should send decryption
error report messages. error report messages.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Report Interval | | Radio ID | Report Interval |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 61, line 33 skipping to change at page 61, line 32
Type: 38 for Decryption Error Report Period Type: 38 for Decryption Error Report Period
Length: 3 Length: 3
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Report Interval: A 16-bit unsigned integer indicating the time, in Report Interval: A 16-bit unsigned integer indicating the time, in
seconds seconds
7.3.2 Change State Event 7.3.2. Change State Event
The WTP radios information message element is used to communicate the The WTP radios information message element is used to communicate the
operational state of a radio. The value contains two fields, as operational state of a radio. The value contains two fields, as
shown. shown.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | State | Cause | | Radio ID | State | Cause |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 62, line 24 skipping to change at page 62, line 22
Cause: In the event of a radio being inoperable, the cause field Cause: In the event of a radio being inoperable, the cause field
would contain the reason the radio is out of service. The would contain the reason the radio is out of service. The
following values are supported: following values are supported:
0 - Normal 0 - Normal
1 - Radio Failure 1 - Radio Failure
2 - Software Failure 2 - Software Failure
7.3.3 LWAPP Timers 7.3.3. LWAPP Timers
The LWAPP Timers message element is used by an AC to configure LWAPP The LWAPP Timers message element is used by an AC to configure LWAPP
timers on an WTP. timers on an WTP.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discovery | Echo Request | | Discovery | Echo Request |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 68 for LWAPP Timers Type: 68 for LWAPP Timers
Length: 2 Length: 2
Discovery: The number of seconds between LWAPP Discovery packets, Discovery: The number of seconds between LWAPP Discovery packets,
when the WTP is in the discovery mode. when the WTP is in the discovery mode.
Echo Request: The number of seconds between WTP Echo Request LWAPP Echo Request: The number of seconds between WTP Echo Request LWAPP
messages. messages.
7.3.4 AC IPv4 List 7.3.4. AC IPv4 List
The AC List message element is defined in section Section 6.2.6. The AC List message element is defined in section Section 6.2.6.
7.3.5 AC IPv6 List 7.3.5. AC IPv6 List
The AC List message element is defined in section Section 6.2.7. The AC List message element is defined in section Section 6.2.7.
7.3.6 WTP Fallback 7.3.6. WTP Fallback
The WTP Fallback message element is sent by the AC to the WTP to The WTP Fallback message element is sent by the AC to the WTP to
enable or disable automatic LWAPP fallback in the event that an WTP enable or disable automatic LWAPP fallback in the event that an WTP
detects its preferred AC, and is not currently connected to it. detects its preferred AC, and is not currently connected to it.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Mode | | Mode |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
skipping to change at page 63, line 34 skipping to change at page 63, line 30
Mode: The 8-bit boolean value indicates the status of automatic Mode: The 8-bit boolean value indicates the status of automatic
LWAPP fallback on the WTP. A value of zero disables the fallback LWAPP fallback on the WTP. A value of zero disables the fallback
feature, while a value of one enables it. When enabled, if the feature, while a value of one enables it. When enabled, if the
WTP detects that its primary AC is available, and it is not WTP detects that its primary AC is available, and it is not
connected to it, it SHOULD automatically disconnect from its connected to it, it SHOULD automatically disconnect from its
current AC and reconnect to its primary. If disabled, the WTP current AC and reconnect to its primary. If disabled, the WTP
will only reconnect to its primary through manual intervention will only reconnect to its primary through manual intervention
(e.g., through the Reset Request command). (e.g., through the Reset Request command).
7.3.7 Idle Timeout 7.3.7. Idle Timeout
The Idle Timeout message element is sent by the AC to the WTP to The Idle Timeout message element is sent by the AC to the WTP to
provide it with the idle timeout that it should enforce on its active provide it with the idle timeout that it should enforce on its active
mobile station entries. mobile station entries.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Timeout | | Timeout |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 64, line 4 skipping to change at page 63, line 45
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Timeout | | Timeout |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 97 for Idle Timeout Type: 97 for Idle Timeout
Length: 4 Length: 4
Timeout: The current idle timeout to be enforced by the WTP. Timeout: The current idle timeout to be enforced by the WTP.
7.4 Configuration Update Request 7.4. Configuration Update Request
Configure Update Requests are sent by the AC to provision the WTP Configure Update Requests are sent by the AC to provision the WTP
while in the Run state. This is used to modify the configuration of while in the Run state. This is used to modify the configuration of
the WTP while it is operational. the WTP while it is operational.
When an AC receives a Configuration Update Request it will respond When an AC receives a Configuration Update Request it will respond
with a Configuration Update Response, with the appropriate Result with a Configuration Update Response, with the appropriate Result
Code. Code.
The following subsections define the message elements introduced by The following subsections define the message elements introduced by
this LWAPP operation. this LWAPP operation.
7.4.1 WTP Name 7.4.1. WTP Name
The WTP Name message element is defined in section Section 6.1.3. The WTP Name message element is defined in section Section 6.1.3.
7.4.2 Change State Event 7.4.2. Change State Event
The Change State Event message element is defined in section The Change State Event message element is defined in section
Section 7.3.2. Section 7.3.2.
7.4.3 Administrative State 7.4.3. Administrative State
The Administrative State message element is defined in section The Administrative State message element is defined in section
Section 7.2.1. Section 7.2.1.
7.4.4 Statistics Timer 7.4.4. Statistics Timer
The Statistics Timer message element is defined in section The Statistics Timer message element is defined in section
Section 7.2.5. Section 7.2.5.
7.4.5 Location Data 7.4.5. Location Data
The Location Data message element is defined in section The Location Data message element is defined in section
Section 6.1.4. Section 6.1.4.
7.4.6 Decryption Error Report Period 7.4.6. Decryption Error Report Period
The Decryption Error Report Period message element is defined in The Decryption Error Report Period message element is defined in
section Section 7.3.1. section Section 7.3.1.
7.4.7 AC IPv4 List 7.4.7. AC IPv4 List
The AC List message element is defined in section Section 6.2.6. The AC List message element is defined in section Section 6.2.6.
7.4.8 AC IPv6 List 7.4.8. AC IPv6 List
The AC List message element is defined in section Section 6.2.7. The AC List message element is defined in section Section 6.2.7.
7.4.9 Add Blacklist Entry 7.4.9. Add Blacklist Entry
The Add Blacklist Entry message element is used by an AC to add a The Add Blacklist Entry message element is used by an AC to add a
blacklist entry on an WTP, ensuring that the WTP no longer provides blacklist entry on an WTP, ensuring that the WTP no longer provides
any service to the MAC addresses provided in the message. The MAC any service to the MAC addresses provided in the message. The MAC
Addresses provided in this message element are not expected to be Addresses provided in this message element are not expected to be
saved in non-volative memory on the WTP. saved in non-volative memory on the WTP.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 65, line 34 skipping to change at page 65, line 25
Type: 65 for Add Blacklist Entry Type: 65 for Add Blacklist Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to add to the blacklist MAC Address: An array of MAC Addresses to add to the blacklist
entry. entry.
7.4.10 Delete Blacklist Entry 7.4.10. Delete Blacklist Entry
The Delete Blacklist Entry message element is used by an AC to delete The Delete Blacklist Entry message element is used by an AC to delete
a previously added blacklist entry on an WTP, ensuring that the WTP a previously added blacklist entry on an WTP, ensuring that the WTP
provides service to the MAC addresses provided in the message. provides service to the MAC addresses provided in the message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Num of Entries| MAC Address[] | | Num of Entries| MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 66, line 4 skipping to change at page 65, line 38
a previously added blacklist entry on an WTP, ensuring that the WTP a previously added blacklist entry on an WTP, ensuring that the WTP
provides service to the MAC addresses provided in the message. provides service to the MAC addresses provided in the message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Num of Entries| MAC Address[] | | Num of Entries| MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address[] | | MAC Address[] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 66 for Delete Blacklist Entry Type: 66 for Delete Blacklist Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to delete from the blacklist MAC Address: An array of MAC Addresses to delete from the blacklist
entry. entry.
7.4.11 Add Static Blacklist Entry 7.4.11. Add Static Blacklist Entry
The Add Static Blacklist Entry message element is used by an AC to The Add Static Blacklist Entry message element is used by an AC to
add a permanent blacklist entry on an WTP, ensuring that the WTP no add a permanent blacklist entry on an WTP, ensuring that the WTP no
longer provides any service to the MAC addresses provided in the longer provides any service to the MAC addresses provided in the
message. The MAC Addresses provided in this message element are message. The MAC Addresses provided in this message element are
expected to be saved in non-volative memory on the WTP. expected to be saved in non-volative memory on the WTP.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 66, line 38 skipping to change at page 66, line 30
Type: 70 for Delete Blacklist Entry Type: 70 for Delete Blacklist Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to add to the permanent MAC Address: An array of MAC Addresses to add to the permanent
blacklist entry. blacklist entry.
7.4.12 Delete Static Blacklist Entry 7.4.12. Delete Static Blacklist Entry
The Delete Static Blacklist Entry message element is used by an AC to The Delete Static Blacklist Entry message element is used by an AC to
delete a previously added static blacklist entry on an WTP, ensuring delete a previously added static blacklist entry on an WTP, ensuring
that the WTP provides service to the MAC addresses provided in the that the WTP provides service to the MAC addresses provided in the
message. message.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Num of Entries| MAC Address[] | | Num of Entries| MAC Address[] |
skipping to change at page 67, line 22 skipping to change at page 67, line 8
Type: 71 for Delete Blacklist Entry Type: 71 for Delete Blacklist Entry
Length: >= 7 Length: >= 7
Num of Entries: The number of MAC Addresses in the array. Num of Entries: The number of MAC Addresses in the array.
MAC Address: An array of MAC Addresses to delete from the static MAC Address: An array of MAC Addresses to delete from the static
blacklist entry. blacklist entry.
7.4.13 LWAPP Timers 7.4.13. LWAPP Timers
The LWAPP Timers message element is defined in section Section 7.3.3. The LWAPP Timers message element is defined in section Section 7.3.3.
7.4.14 AC Name with Index 7.4.14. AC Name with Index
The AC Name with Index message element is defined in section The AC Name with Index message element is defined in section
Section 7.2.3. Section 7.2.3.
7.4.15 WTP Fallback 7.4.15. WTP Fallback
The WTP Fallback message element is defined in section Section 7.3.6. The WTP Fallback message element is defined in section Section 7.3.6.
7.4.16 Idle Timeout 7.4.16. Idle Timeout
The Idle Timeout message element is defined in section Section 7.3.7. The Idle Timeout message element is defined in section Section 7.3.7.
7.5 Configuration Update Response 7.5. Configuration Update Response
The Configuration Update Response is the acknowledgement message for The Configuration Update Response is the acknowledgement message for
the Configuration Update Request. the Configuration Update Request.
Configuration Update Responses are sent by an WTP after receiving a Configuration Update Responses are sent by an WTP after receiving a
Configuration Update Request. Configuration Update Request.
When an AC receives a Configure Update Response the result code When an AC receives a Configure Update Response the result code
indicates if the WTP successfully accepted the configuration. indicates if the WTP successfully accepted the configuration.
The following subsections define the message elements that must be The following subsections define the message elements that must be
present in this LWAPP operation. present in this LWAPP operation.
7.5.1 Result Code 7.5.1. Result Code
The Result Code message element is defined in section Section 6.2.1. The Result Code message element is defined in section Section 6.2.1.
7.6 Change State Event Request 7.6. Change State Event Request
The Change State Event is used by the WTP to inform the AC of a The Change State Event is used by the WTP to inform the AC of a
change in the operational state. change in the operational state.
The Change State Event message is sent by the WTP when it receives a The Change State Event message is sent by the WTP when it receives a
Configuration Response that includes a Change State Event message Configuration Response that includes a Change State Event message
element. It is also sent in the event that the WTP detects an element. It is also sent in the event that the WTP detects an
operational failure with a radio. The Change State Event may be sent operational failure with a radio. The Change State Event may be sent
in either the Configure or Run state (see Figure 2. in either the Configure or Run state (see Figure 2.
When an AC receives a Change State Event it will respond with a When an AC receives a Change State Event it will respond with a
Change State Event Response and make any necessary modifications to Change State Event Response and make any necessary modifications to
internal WTP data structures. internal WTP data structures.
The following subsections define the message elements that must be The following subsections define the message elements that must be
present in this LWAPP operation. present in this LWAPP operation.
7.6.1 Change State Event 7.6.1. Change State Event
The Change State Event message element is defined in section The Change State Event message element is defined in section
Section 7.3.2. Section 7.3.2.
7.7 Change State Event Response 7.7. Change State Event Response
The Change State Event Response acknowledges the Change State Event. The Change State Event Response acknowledges the Change State Event.
Change State Event Response are sent by an WTP after receiving a Change State Event Response are sent by an WTP after receiving a
Change State Event. Change State Event.
The Change State Event Response carries no message elements. Its The Change State Event Response carries no message elements. Its
purpose is to acknowledge the receipt of the Change State Event. purpose is to acknowledge the receipt of the Change State Event.
The WTP does not need to perform any special processing of the Change The WTP does not need to perform any special processing of the Change
State Event Response message. State Event Response message.
7.8 Clear Config Indication 7.8. Clear Config Indication
The Clear Config Indication is used to reset an WTP's configuration. The Clear Config Indication is used to reset an WTP's configuration.
The Clear Config Indication is sent by an AC to request that an WTP The Clear Config Indication is sent by an AC to request that an WTP
reset its configuration to manufacturing defaults. The Clear Config reset its configuration to manufacturing defaults. The Clear Config
Indication message is sent while in the Run LWAPP state. Indication message is sent while in the Run LWAPP state.
The Reset Request carries no message elements. The Reset Request carries no message elements.
When an WTP receives a Clear Config Indication it will reset its When an WTP receives a Clear Config Indication it will reset its
configuration to manufacturing defaults. configuration to manufacturing defaults.
8. Device Management Operations 8. Device Management Operations
This section defines LWAPP operations responsible for debugging, This section defines LWAPP operations responsible for debugging,
gathering statistics, logging, and firmware management. gathering statistics, logging, and firmware management.
8.1 Image Data Request 8.1. Image Data Request
The Image Data Request is used to update firmware on the WTP. This The Image Data Request is used to update firmware on the WTP. This
message and its companion response are used by the AC to ensure that message and its companion response are used by the AC to ensure that
the image being run on each WTP is appropriate. the image being run on each WTP is appropriate.
Image Data Requests are exchanged between the WTP and the AC to Image Data Requests are exchanged between the WTP and the AC to
download a new program image to an WTP. download a new program image to an WTP.
When an WTP or AC receives an Image Data Request it will respond with When an WTP or AC receives an Image Data Request it will respond with
a Image Data Response. a Image Data Response.
The format of the Image Data and Image Download message elements are The format of the Image Data and Image Download message elements are
described in the following subsections. described in the following subsections.
8.1.1 Image Download 8.1.1. Image Download
The image download message element is sent by the WTP to the AC and The image download message element is sent by the WTP to the AC and
contains the image filename. The value is a variable length byte contains the image filename. The value is a variable length byte
string. The string is NOT zero terminated. string. The string is NOT zero terminated.
8.1.2 Image Data 8.1.2. Image Data
The image data message element is present when sent by the AC and The image data message element is present when sent by the AC and
contains the following fields. contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Opcode | Checksum | Image Data | | Opcode | Checksum | Image Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Image Data ... | | Image Data ... |
skipping to change at page 71, line 15 skipping to change at page 70, line 15
3 - Image data is included 3 - Image data is included
5 - An error occurred. Transfer is aborted 5 - An error occurred. Transfer is aborted
Checksum: A 16-bit value containing a checksum of the image data Checksum: A 16-bit value containing a checksum of the image data
that follows that follows
Image Data: The Image Data field contains 1024 characters, unless Image Data: The Image Data field contains 1024 characters, unless
the payload being sent is the last one (end of file) the payload being sent is the last one (end of file)
8.2 Image Data Response 8.2. Image Data Response
The Image Data Response acknowledges the Image Data Request. The Image Data Response acknowledges the Image Data Request.
An Image Data Responses is sent in response to an Image Data Request. An Image Data Responses is sent in response to an Image Data Request.
Its purpose is to acknowledge the receipt of the Image Data Request Its purpose is to acknowledge the receipt of the Image Data Request
packet. packet.
The Image Data Response carries no message elements. The Image Data Response carries no message elements.
No action is necessary on receipt. No action is necessary on receipt.
8.3 Reset Request 8.3. Reset Request
The Reset Request is used to cause an WTP to reboot. The Reset Request is used to cause an WTP to reboot.
Reset Requests are sent by an AC to cause an WTP to reinitialize its Reset Requests are sent by an AC to cause an WTP to reinitialize its
operation. operation.
The Reset Request carries no message elements. The Reset Request carries no message elements.
When an WTP receives a Reset Request it will respond with a Reset When an WTP receives a Reset Request it will respond with a Reset
Response and then reinitialize itself. Response and then reinitialize itself.
8.4 Reset Response 8.4. Reset Response
The Reset Response acknowledges the Reset Request. The Reset Response acknowledges the Reset Request.
Reset Responses are sent by an WTP after receiving a Reset Request. Reset Responses are sent by an WTP after receiving a Reset Request.
The Reset Response carries no message elements. Its purpose is to The Reset Response carries no message elements. Its purpose is to
acknowledge the receipt of the Reset Request. acknowledge the receipt of the Reset Request.
When an AC receives a Reset Response it is notified that the WTP will When an AC receives a Reset Response it is notified that the WTP will
now reinitialize its operation. now reinitialize its operation.
8.5 WTP Event Request 8.5. WTP Event Request
WTP Event Request is used by an WTP to send an information to its AC. WTP Event Request is used by an WTP to send an information to its AC.
These types of events may be periodical, or some asynchronous event These types of events may be periodical, or some asynchronous event
on the WTP. For instance, an WTP collects statistics and uses the on the WTP. For instance, an WTP collects statistics and uses the
WTP Event Request to transmit this information to the AC. WTP Event Request to transmit this information to the AC.
When an AC receives a WTP Event Request it will respond with a WTP When an AC receives a WTP Event Request it will respond with a WTP
Event Request. Event Request.
The WTP Event Request message MUST contain one of the following The WTP Event Request message MUST contain one of the following
message element described in the next subsections, or a message message element described in the next subsections, or a message
element that is defined for a specific technology. element that is defined for a specific technology.
8.5.1 Decryption Error Report 8.5.1. Decryption Error Report
The Decryption Error Report message element value is used by the WTP The Decryption Error Report message element value is used by the WTP
to inform the AC of decryption errors that have occured since the to inform the AC of decryption errors that have occured since the
last report. last report.
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID |Num Of Entries | Mobile MAC Address | | Radio ID |Num Of Entries | Mobile MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 72, line 46 skipping to change at page 71, line 46
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Num Of Entries: An 8-bit unsigned integer indicating the number of Num Of Entries: An 8-bit unsigned integer indicating the number of
mobile MAC addresses. mobile MAC addresses.
Mobile MAC Address: An array of mobile station MAC addresses that Mobile MAC Address: An array of mobile station MAC addresses that
have caused decryption errors. have caused decryption errors.
8.5.2 Duplicate IPv4 Address 8.5.2. Duplicate IPv4 Address
The Duplicate IPv4 Address message element is used by an WTP to The Duplicate IPv4 Address message element is used by an WTP to
inform an AC that it has detected another host using the same IP inform an AC that it has detected another host using the same IP
address it is currently using. address it is currently using.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 73, line 23 skipping to change at page 72, line 23
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 77 for Duplicate IPv4 Address Type: 77 for Duplicate IPv4 Address
Length: 10 Length: 10
IP Address: The IP Address currently used by the WTP. IP Address: The IP Address currently used by the WTP.
MAC Address: The MAC Address of the offending device. MAC Address: The MAC Address of the offending device.
8.5.3 Duplicate IPv6 Address 8.5.3. Duplicate IPv6 Address
The Duplicate IPv6 Address message element is used by an WTP to The Duplicate IPv6 Address message element is used by an WTP to
inform an AC that it has detected another host using the same IP inform an AC that it has detected another host using the same IP
address it is currently using. address it is currently using.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 74, line 4 skipping to change at page 72, line 48
| IP Address | | IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 77 for Duplicate IPv6 Address Type: 77 for Duplicate IPv6 Address
Length: 10 Length: 10
IP Address: The IP Address currently used by the WTP. IP Address: The IP Address currently used by the WTP.
MAC Address: The MAC Address of the offending device. MAC Address: The MAC Address of the offending device.
8.6 WTP Event Response 8.6. WTP Event Response
WTP Event Response acknowledges the WTP Event Request. WTP Event Response acknowledges the WTP Event Request.
WTP Event Response are sent by an AC after receiving a WTP Event WTP Event Response are sent by an AC after receiving a WTP Event
Request. Request.
The WTP Event Response carries no message elements. The WTP Event Response carries no message elements.
8.7 Data Transfer Request 8.7. Data Transfer Request
The Data Transfer Request is used to upload debug information from The Data Transfer Request is used to upload debug information from
the WTP to the AC. the WTP to the AC.
Data Transfer Requests are sent by the WTP to the AC when it Data Transfer Requests are sent by the WTP to the AC when it
determines that it has important information to send to the AC. For determines that it has important information to send to the AC. For
instance, if the WTP detects that its previous reboot was caused by a instance, if the WTP detects that its previous reboot was caused by a
system crash, it would want to send the crash file to the AC. The system crash, it would want to send the crash file to the AC. The
remote debugger function in the WTP also uses the data transfer remote debugger function in the WTP also uses the data transfer
request in order to send console output to the AC for debugging request in order to send console output to the AC for debugging
purposes. purposes.
When an AC receives an Data Transfer Request it will respond with a When an AC receives an Data Transfer Request it will respond with a
Data Transfer Response. The AC may log the information received, as Data Transfer Response. The AC may log the information received, as
it sees fit. it sees fit.
The data transfer request message MUST contain ONE of the following The data transfer request message MUST contain ONE of the following
message element described in the next subsection. message element described in the next subsection.
8.7.1 Data Transfer Mode 8.7.1. Data Transfer Mode
The Data Transfer Mode message element is used by the AC to request The Data Transfer Mode message element is used by the AC to request
information from the WTP for debugging purposes. information from the WTP for debugging purposes.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Data Type | | Data Type |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 52 for Data Transfer Mode Type: 52 for Data Transfer Mode
Length: 1 Length: 1
Data Type: An 8-bit value the type of information being requested. Data Type: An 8-bit value the type of information being requested.
The following values are supported: The following values are supported:
1 - WTP Crash Data 1 - WTP Crash Data
2 - WTP Memory Dump 2 - WTP Memory Dump
8.7.2 Data Transfer Data 8.7.2. Data Transfer Data
The Data Transfer Data message element is used by the WTP to provide The Data Transfer Data message element is used by the WTP to provide
information to the AC for debugging purposes. information to the AC for debugging purposes.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data Type | Data Length | Data .... | Data Type | Data Length | Data ....
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 75, line 41 skipping to change at page 74, line 37
following values are supported: following values are supported:
1 - WTP Crash Data 1 - WTP Crash Data
2 - WTP Memory Dump 2 - WTP Memory Dump
Data Length: Length of data field. Data Length: Length of data field.
Data: Debug information. Data: Debug information.
8.8 Data Transfer Response 8.8. Data Transfer Response
The Data Transfer Response acknowledges the Data Transfer Request. The Data Transfer Response acknowledges the Data Transfer Request.
An Data Transfer Response is sent in response to an Data Transfer An Data Transfer Response is sent in response to an Data Transfer
Request. Its purpose is to acknowledge the receipt of the Data Request. Its purpose is to acknowledge the receipt of the Data
Transfer Request packet. Transfer Request packet.
The Data Transfer Response carries no message elements. The Data Transfer Response carries no message elements.
Upon receipt of a Data Transfer Response, the WTP transmits more Upon receipt of a Data Transfer Response, the WTP transmits more
information, if any is available. information, if any is available.
9. Mobile Session Management 9. Mobile Session Management
Messages in this section are used by the AC to create, modify or Messages in this section are used by the AC to create, modify or
delete mobile station session state on the WTPs. delete mobile station session state on the WTPs.
9.1 Mobile Config Request 9.1. Mobile Config Request
The Mobile Config Request message is used to create, modify or delete The Mobile Config Request message is used to create, modify or delete
mobile session state on an WTP. The message is sent by the AC to the mobile session state on an WTP. The message is sent by the AC to the
WTP, and may contain one or more message elements. The message WTP, and may contain one or more message elements. The message
elements for this LWAPP control message include information that is elements for this LWAPP control message include information that is
generally highly technology specific. Therefore, please refer to the generally highly technology specific. Therefore, please refer to the
appropriate binding section or document for the definitions of the appropriate binding section or document for the definitions of the
messages elements that may be used in this control message. messages elements that may be used in this control message.
This section defines the format of the Delete Mobile message element, This section defines the format of the Delete Mobile message element,
since it does not contain any technology specific information. since it does not contain any technology specific information.
9.1.1 Delete Mobile 9.1.1. Delete Mobile
The Delete Mobile message element is used by the AC to inform an WTP The Delete Mobile message element is used by the AC to inform an WTP
that it should no longer provide service to a particular mobile that it should no longer provide service to a particular mobile
station. The WTP must terminate service immediately upon receiving station. The WTP must terminate service immediately upon receiving
this message element. this message element.
The transmission of a Delete Mobile message element could occur for The transmission of a Delete Mobile message element could occur for
various reasons, including for administrative reaons, as a result of various reasons, including for administrative reaons, as a result of
the fact that the mobile has roamed to another WTP, etc. the fact that the mobile has roamed to another WTP, etc.
skipping to change at page 78, line 8 skipping to change at page 76, line 8
| MAC Address | | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 30 for Delete Mobile Type: 30 for Delete Mobile
Length: 7 Length: 7
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
MAC Address: The mobile station's MAC Address MAC Address: The mobile station's MAC Address
9.2 Mobile Config Response 9.2. Mobile Config Response
The Mobile Configuration Response is used to acknowledge a previously The Mobile Configuration Response is used to acknowledge a previously
received Mobile Configuration Request, and includes a Result Code received Mobile Configuration Request, and includes a Result Code
message element which indicates whether an error occured on the WTP. message element which indicates whether an error occured on the WTP.
This message requires no special processing, and is only used to This message requires no special processing, and is only used to
acknowledge the Mobile Configuration Request. acknowledge the Mobile Configuration Request.
The data transfer request message MUST contain the message elements The data transfer request message MUST contain the message elements
described in the next subsection. described in the next subsection.
9.2.1 Result Code 9.2.1. Result Code
The Result Code message element is defined in section Section 6.2.1. The Result Code message element is defined in section Section 6.2.1.
10. LWAPP Security 10. LWAPP Security
Note: This version only defines a certificate and a shared secret Note: This version only defines a certificate and a shared secret
based mechanism to secure control LWAPP traffic exchanged between the based mechanism to secure control LWAPP traffic exchanged between the
WTP and the AC. WTP and the AC.
10.1 Securing WTP-AC communications 10.1. Securing WTP-AC communications
While it is generally straightforward to produce network While it is generally straightforward to produce network
installations in which the communications medium between the WTP and installations in which the communications medium between the WTP and
AC is not accessible to the casual user (e.g. these LAN segments are AC is not accessible to the casual user (e.g. these LAN segments are
isolated, no RJ45 or other access ports exist between the WTP and the isolated, no RJ45 or other access ports exist between the WTP and the
AC), this will not always be the case. Furthermore, a determined AC), this will not always be the case. Furthermore, a determined
attacker may resort to various more sophisticated monitoring and/or attacker may resort to various more sophisticated monitoring and/or
access techniques, thereby compromising the integrity of this access techniques, thereby compromising the integrity of this
connection. connection.
skipping to change at page 79, line 39 skipping to change at page 77, line 39
must be able to "plug in" to the LAN in order to access the network. must be able to "plug in" to the LAN in order to access the network.
With these things in mind, we can begin to assess the general With these things in mind, we can begin to assess the general
security requirements for AC-WTP communications. While an in-depth security requirements for AC-WTP communications. While an in-depth
security analysis of threats and risks to these communication is security analysis of threats and risks to these communication is
beyond the scope of this document, some discussion of the motivation beyond the scope of this document, some discussion of the motivation
for various security-related design choices is useful. The for various security-related design choices is useful. The
assumptions driving the security design thus far include the assumptions driving the security design thus far include the
following: following:
o WTP-AC communications may be accessible to a sophisticated o WTP-AC communications take place over a wired connection which may
attacker. For instance, if LWAPP is used in a mesh environment, be accessible to a sophisticated attacker
where LWAPP is run over the air, additional link layer security,
such as 802.11i, may be required. o access to this connection is not trivial for an outsider (i.e.
someone who does not "belong" in the building) to access
o if authentication and/or privacy of end to end traffic for which o if authentication and/or privacy of end to end traffic for which
the WTP and AC are intermediaries is required, this may be the WTP and AC are intermediaries is required, this may be
provided via IPsec [16]. provided via IPsec [15].
o privacy and authentication for at least some WTP-AC control o privacy and authentication for at least some WTP-AC control
traffic is required (e.g. WEP keys for user sessions, passed from traffic is required (e.g. WEP keys for user sessions, passed from
AC to WTP) AC to WTP)
o the AC can be trusted to generate strong cryptographic keys o the AC can be trusted to generate strong cryptographic keys
AC-WTP traffic can be considered to consist of two types: data AC-WTP traffic can be considered to consist of two types: data
traffic (e.g. to or from an end user), and control traffic which is traffic (e.g. to or from an end user), and control traffic which is
strictly between the AC and WTP. Since data traffic may be secured strictly between the AC and WTP. Since data traffic may be secured
using IPsec (or some other end-to-end security mechanism), we confine using IPsec (or some other end-to-end security mechanism), we confine
our solution to control traffic. The resulting security consists of our solution to control traffic. The resulting security consists of
two components: an authenticated key exchange, and control traffic two components: an authenticated key exchange, and control traffic
security encapsulation. The security encapsulation is accomplished security encapsulation. The security encapsulation is accomplished
using AES CCM, described in [3]. This encapsulation provides for using AES CCM, described in [3]. This encapsulation provides for
strong AES-based authentication and encryption. The exchange of strong AES-based authentication and encryption. The exchange of
cryptographic keys used for CCM is described below. cryptographic keys used for CCM is described below.
10.2 LWAPP Frame Encryption 10.2. LWAPP Frame Encryption
While, the LWAPP protocol uses AES-CCM to encrypt control traffic, it While, the LWAPP protocol uses AES-CCM to encrypt control traffic, it
is important to note that not all control frames are encrypted. The is important to note that not all control frames are encrypted. The
LWAPP discovery and join phase are not encrypted. The Discovery LWAPP discovery and join phase are not encrypted. The Discovery
messages are sent in the clear since there does not exist a security messages are sent in the clear since there does not exist a security
association between the WTP and the AC during the discovery phase. association between the WTP and the AC during the discovery phase.
The Join phase is an authenticated exchange used to negotiate The Join phase is an authenticated exchange used to negotiate
symmetric session keys (see Section 10.3). symmetric session keys (see Section 10.3).
Once the join phase has been successfully completed, the LWAPP state Once the join phase has been successfully completed, the LWAPP state
skipping to change at page 80, line 46 skipping to change at page 78, line 46
message. The authentication data is calculated from the start of the message. The authentication data is calculated from the start of the
LWAPP packet, and includes the complete LWAPP control header (see LWAPP packet, and includes the complete LWAPP control header (see
Section 4.2.1). Section 4.2.1).
The AES-CCM block cipher protocol requires an initialization vector. The AES-CCM block cipher protocol requires an initialization vector.
The LWAPP protocol requires that the WTP and the AC maintain two The LWAPP protocol requires that the WTP and the AC maintain two
separate IVs, one for transmission and one for reception. The IV separate IVs, one for transmission and one for reception. The IV
derived during the key exchange phase by both the WTP and the AC is derived during the key exchange phase by both the WTP and the AC is
used as the base for all encrypted packets with a new key. used as the base for all encrypted packets with a new key.
10.3 Authenticated Key Exchange 10.3. Authenticated Key Exchange
This section describes the key management component of the LWAPP This section describes the key management component of the LWAPP
protocol. There are two modes supported by LWAPP; certificate and protocol. There are two modes supported by LWAPP; certificate and
pre-shared key. pre-shared key.
10.3.1 Terminology 10.3.1. Terminology
This section details the key management protocol which makes use of This section details the key management protocol which makes use of
pre-shared secrets. pre-shared secrets.
The following notations are used throughout this section: The following notations are used throughout this section:
o PSK - the pre-shared key shared between the WTP and the AC o PSK - the pre-shared key shared between the WTP and the AC
o Kpriv - the private key of a public-private key pair o Kpriv - the private key of a public-private key pair
skipping to change at page 82, line 20 skipping to change at page 80, line 20
o WNonce - The WTP's randomly generated Nonce. o WNonce - The WTP's randomly generated Nonce.
o ANonce - The AC's randomly generated Nonce. o ANonce - The AC's randomly generated Nonce.
o EWNonce - The payload of the WNonce message element, which o EWNonce - The payload of the WNonce message element, which
includes the WNonce. includes the WNonce.
o EANonce - The payload of the ANonce message element, which o EANonce - The payload of the ANonce message element, which
includes the ANonce. includes the ANonce.
10.3.2 Initial Key Generation 10.3.2. Initial Key Generation
The AC and WTP accomplish mutual authentication and a cryptographic The AC and WTP accomplish mutual authentication and a cryptographic
key exchange in a dual round trip using the Join Request, Join key exchange in a dual round trip using the Join Request, Join
Response, Join ACK and Join Confirm (see Section 6.1). Response, Join ACK and Join Confirm (see Section 6.1).
The following text describes the exchange between the WTP and the AC The following text describes the exchange between the WTP and the AC
that creates a session key, which is used to secure LWAPP control that creates a session key, which is used to secure LWAPP control
messages. messages.
o The WTP creates a Join Request using the following process: o The WTP creates a Join Request using the following process:
skipping to change at page 86, line 5 skipping to change at page 84, line 5
o The WTP authenticates the Join Confirm through the PSK-MIC o The WTP authenticates the Join Confirm through the PSK-MIC
message element. If the Join Confirm could not be message element. If the Join Confirm could not be
authenticated, the packet is dropped. authenticated, the packet is dropped.
o SK1E is now plumbed into the AC and WTP's crypto engine as the o SK1E is now plumbed into the AC and WTP's crypto engine as the
AES-CCM LWAPP control encryption session key. Furthermore, the AES-CCM LWAPP control encryption session key. Furthermore, the
random IV is used as the base Initialization Vector. From this random IV is used as the base Initialization Vector. From this
point on, all control protocol payloads between the WTP and AC are point on, all control protocol payloads between the WTP and AC are
encrypted and authenticated using the new session key. encrypted and authenticated using the new session key.
10.3.3 Refreshing Cryptographic Keys 10.3.3. Refreshing Cryptographic Keys
Since AC-WTP associations will tend to be relatively long-lived, it Since AC-WTP associations will tend to be relatively long-lived, it
is sensible to periodically refresh the encryption and authentication is sensible to periodically refresh the encryption and authentication
keys; this is referred to as "rekeying". When the key lifetime keys; this is referred to as "rekeying". When the key lifetime
reaches 95% of the configured value, identified in the KeyLifetime reaches 95% of the configured value, identified in the KeyLifetime
timer (see Section 12), the rekeying will proceed as follows: timer (see Section 12), the rekeying will proceed as follows:
o The WTP creates RK0 through the previously defined KDF algorithm: o The WTP creates RK0 through the previously defined KDF algorithm:
RK0 = KDF-256{SK1D, "LWAPP PSK Top K0" || Session ID || WTP-MAC || RK0 = KDF-256{SK1D, "LWAPP PSK Top K0" || Session ID || WTP-MAC ||
AC-MAC}. Note the difference in this specific instance is that AC-MAC}. Note the difference in this specific instance is that
skipping to change at page 87, line 5 skipping to change at page 85, line 5
If either the WTP or the AC do not receive an expected response by If either the WTP or the AC do not receive an expected response by
the time the ResponseTimeout timer expires (see Section 12), the the time the ResponseTimeout timer expires (see Section 12), the
WTP MUST delete the new and old session information, and reset the WTP MUST delete the new and old session information, and reset the
state machine to the Idle state. state machine to the Idle state.
Following a rekey process, both the WTP and the AC keep the Following a rekey process, both the WTP and the AC keep the
previous encryption for 5-10 seconds in order to be able to previous encryption for 5-10 seconds in order to be able to
process packets that arrive out of order. process packets that arrive out of order.
10.4 Certificate Usage 10.4. Certificate Usage
Validation of the certificates by the AC and WTP is required so that Validation of the certificates by the AC and WTP is required so that
only an AC may perform the functions of an AC and that only a WTP may only an AC may perform the functions of an AC and that only a WTP may
perform the functions of a WTP. This restriction of functions to the perform the functions of a WTP. This restriction of functions to the
AC or WTP requires that the certificates used by the AC MUST be AC or WTP requires that the certificates used by the AC MUST be
distinguishable from the certificate used by the WTP. To accomplish distinguishable from the certificate used by the WTP. To accomplish
this differentiation, the x.509v3 certificates MUST include the this differentiation, the x.509v3 certificates MUST include the
Extensions field [10] and MUST include the NetscapeComment [11] Extensions field [10] and MUST include the NetscapeComment [11]
extension. extension.
skipping to change at page 88, line 10 skipping to change at page 86, line 10
extension does not represent the same role as the device validating extension does not represent the same role as the device validating
the certificate. For instance, a WTP MUST NOT accept a certificate the certificate. For instance, a WTP MUST NOT accept a certificate
whose NetscapeComment field is set to "CAPWAP WTP Device whose NetscapeComment field is set to "CAPWAP WTP Device
Certificate". Certificate".
11. IEEE 802.11 Binding 11. IEEE 802.11 Binding
This section defines the extensions required for the LWAPP protocol This section defines the extensions required for the LWAPP protocol
to be used with the IEEE 802.11 protocol. to be used with the IEEE 802.11 protocol.
11.1 Division of labor 11.1. Division of labor
The LWAPP protocol, when used with IEEE 802.11 devices, requires a The LWAPP protocol, when used with IEEE 802.11 devices, requires a
specific behavior from the WTP and the AC, specifically in terms of specific behavior from the WTP and the AC, specifically in terms of
which 802.11 protocol functions are handled. which 802.11 protocol functions are handled.
For both the Split and Local MAC approaches, the CAPWAP functions, as For both the Split and Local MAC approaches, the CAPWAP functions, as
defined in the taxonomy specification, reside in the AC. defined in the taxonomy specification, reside in the AC.
11.1.1 Split MAC 11.1.1. Split MAC
This section shows the division of labor between the WTP and the AC This section shows the division of labor between the WTP and the AC
in a Split MAC architecture. Figure 3 shows the clear separation of in a Split MAC architecture. Figure 3 shows the clear separation of
functionality among LWAPP components. functionality among LWAPP components.
Function Location Function Location
Distribution Service AC Distribution Service AC
Integration Service AC Integration Service AC
Beacon Generation WTP Beacon Generation WTP
Probe Response WTP Probe Response WTP
skipping to change at page 90, line 31 skipping to change at page 88, line 31
encryption key to use. If encryption/decryption is handled in the encryption key to use. If encryption/decryption is handled in the
AC, the Add Mobile request would have the encryption policy set to AC, the Add Mobile request would have the encryption policy set to
"Clear Text". "Clear Text".
o The WTP forwards any 802.11 Action frames received to the AC. o The WTP forwards any 802.11 Action frames received to the AC.
o All client data frames are tunneled between the WTP and the AC. o All client data frames are tunneled between the WTP and the AC.
Note that the WTP is responsible for encrypting and decrypting Note that the WTP is responsible for encrypting and decrypting
frames, if it was indicated in the Add Mobile request. frames, if it was indicated in the Add Mobile request.
11.1.2 Local MAC 11.1.2. Local MAC
This section shows the division of labor between the WTP and the AC This section shows the division of labor between the WTP and the AC
in a Local MAC architecture. Figure 5 shows the clear separation of in a Local MAC architecture. Figure 5 shows the clear separation of
functiionality among LWAPP components. functiionality among LWAPP components.
Function Location Function Location
Distribution Service WTP Distribution Service WTP
Integration Service WTP Integration Service WTP
Beacon Generation WTP Beacon Generation WTP
Probe Response WTP Probe Response WTP
skipping to change at page 93, line 17 skipping to change at page 91, line 17
CCMP), as well as the encryption key to use. The Add Mobile CCMP), as well as the encryption key to use. The Add Mobile
request MAY include a VLAN name, which when present is used by the request MAY include a VLAN name, which when present is used by the
WTP to identify the VLAN on which the user's data frames are to be WTP to identify the VLAN on which the user's data frames are to be
bridged. bridged.
o The WTP forwards any 802.11 Action frames received to the AC. o The WTP forwards any 802.11 Action frames received to the AC.
o The WTP locally bridges all client data frames, and provides the o The WTP locally bridges all client data frames, and provides the
necessary encryption and decryption services. necessary encryption and decryption services.
11.2 Roaming Behavior and 802.11 security 11.2. Roaming Behavior and 802.11 security
It is important that LWAPP implementations react properly to mobile It is important that LWAPP implementations react properly to mobile
devices associating to the networks in how they generate Add Mobile devices associating to the networks in how they generate Add Mobile
and Delete Mobile messages. This section expands upon the examples and Delete Mobile messages. This section expands upon the examples
provided in the previous section, and describes how the LWAPP control provided in the previous section, and describes how the LWAPP control
protocol is used in order to provide secure roaming. protocol is used in order to provide secure roaming.
Once a client has successfully associated with the network in a Once a client has successfully associated with the network in a
secure fashion, it is likely to attempt to roam to another access secure fashion, it is likely to attempt to roam to another access
point. Figure 7 shows an example of a currently associated station point. Figure 7 shows an example of a currently associated station
skipping to change at page 94, line 5 skipping to change at page 92, line 5
<--------------------------------------( - )--------------> <--------------------------------------( - )-------------->
802.11i 4-way Key Exchange 802.11i 4-way Key Exchange
<--------------------------------------( - )--------------> <--------------------------------------( - )-------------->
Delete Mobile Delete Mobile
<----------------------------------> <---------------------------------->
Add Mobile (AES-CCMP, PTK=x) Add Mobile (AES-CCMP, PTK=x)
<----------------> <---------------->
Figure 7: Client Roaming Example Figure 7: Client Roaming Example
11.3 Transport specific bindings 11.3. Transport specific bindings
All LWAPP transports have the following IEEE 802.11 specific All LWAPP transports have the following IEEE 802.11 specific
bindings: bindings:
11.3.1 Status and WLANS field 11.3.1. Status and WLANS field
The interpretation of this 16 bit field depends on the direction of The interpretation of this 16 bit field depends on the direction of
transmission of the packet. Refer to the figure in Section transmission of the packet. Refer to the figure in Section
Section 3.1. Section 3.1.
Status Status
When an LWAPP packet is transmitted from an WTP to an AC, this field When an LWAPP packet is transmitted from an WTP to an AC, this field
is called the status field and indicates radio resource information is called the status field and indicates radio resource information
associated with the frame. When the message is an LWAPP control associated with the frame. When the message is an LWAPP control
skipping to change at page 94, line 39 skipping to change at page 92, line 39
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RSSI | SNR | | RSSI | SNR |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
RSSI: RSSI is a signed, 8-bit value. It is the received signal RSSI: RSSI is a signed, 8-bit value. It is the received signal
strength indication, in dBm. strength indication, in dBm.
SNR: SNR is a signed, 8-bit value. It is the signal to noise ratio SNR: SNR is a signed, 8-bit value. It is the signal to noise ratio
of the received IEEE 802.11 frame, in dB. of the received IEEE 802.11 frame, in dB.
WLANs field: When an LWAPP data message is transmitted from an AC to WLANs field: When an LWAPP data message is transmitted from an AC
an WTP, this 16 bit field indicates on which WLANs the to an WTP, this 16 bit field indicates on which WLANs the
encapsulated IEEE 802.11 frame is to be transmitted. For unicast encapsulated IEEE 802.11 frame is to be transmitted. For unicast
packets, this field is not used by the WTP. For broadcast or packets, this field is not used by the WTP. For broadcast or
multicast packets, the WTP might require this information if it multicast packets, the WTP might require this information if it
provides encryption services. provides encryption services.
Given that a single broadcast or multicast packet might need to be Given that a single broadcast or multicast packet might need to be
sent to multiple wireless LANs (presumably each with a different sent to multiple wireless LANs (presumably each with a different
broadcast key), this field is defined as a bit field. A bit set broadcast key), this field is defined as a bit field. A bit set
indicates a WLAN ID (see Section Section 11.8.1.1) which will be indicates a WLAN ID (see Section Section 11.8.1.1) which will be
sent the data. The WLANS field is encoded in the following sent the data. The WLANS field is encoded in the following
manner: manner:
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| WLAN ID(s) | | WLAN ID(s) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
11.4 BSSID to WLAN ID Mapping 11.4. BSSID to WLAN ID Mapping
The LWAPP protocol makes assumptions regarding the BSSIDs used on the The LWAPP protocol makes assumptions regarding the BSSIDs used on the
WTP. It is a requirement for the WTP to use a contiguous block of WTP. It is a requirement for the WTP to use a contiguous block of
BSSIDs. The WLAN Identifier field, which is managed by the AC, is BSSIDs. The WLAN Identifier field, which is managed by the AC, is
used as an offset into the BSSID list. used as an offset into the BSSID list.
For instance, if a WTP had a base BSSID address of 00:01:02:00:00:00, For instance, if a WTP had a base BSSID address of 00:01:02:00:00:00,
and the AC sent an Add WLAN message with a WLAN Identifier of 2 (see and the AC sent an Add WLAN message with a WLAN Identifier of 2 (see
Section Section 11.8.1.1), the BSSID for the specific WLAN on the WTP Section Section 11.8.1.1), the BSSID for the specific WLAN on the WTP
would be 00:01:02:00:00:02. would be 00:01:02:00:00:02.
The WTP communicates the maximum number of BSSIDs that it supports The WTP communicates the maximum number of BSSIDs that it supports
during the Config Request within the IEEE 802.11 WTP WLAN Radio during the Config Request within the IEEE 802.11 WTP WLAN Radio
Configuration message element (see Section 11.9.1). Configuration message element (see Section 11.9.1).
11.5 Quality of Service 11.5. Quality of Service
It is recommended that 802.11 MAC management be sent by both the AC It is recommended that 802.11 MAC management be sent by both the AC
and the WTP with appropriate Quality of Service values, ensuring that and the WTP with appropriate Quality of Service values, ensuring that
congestion in the network minimizes occurences of packet loss. congestion in the network minimizes occurences of packet loss.
Therefore, a Quality of Service enabled LWAPP device should use: Therefore, a Quality of Service enabled LWAPP device should use:
802.1P: The precedence value of 6 SHOULD be used for all 802.11 MAC 802.1P: The precedence value of 6 SHOULD be used for all 802.11 MAC
management messages, except for Probe Requests which SHOULD use 4. management messages, except for Probe Requests which SHOULD use 4.
DSCP: The dscp tag value of 46 SHOULD be used for all 802.11 MAC DSCP: The dscp tag value of 46 SHOULD be used for all 802.11 MAC
management messages, except for Probe Requests which SHOULD use management messages, except for Probe Requests which SHOULD use
34. 34.
11.6 Data Message bindings 11.6. Data Message bindings
There are no LWAPP Data Message bindings for IEEE 802.11. There are no LWAPP Data Message bindings for IEEE 802.11.
11.7 Control Message bindings 11.7. Control Message bindings
The IEEE 802.11 binding has the following Control Message The IEEE 802.11 binding has the following Control Message
definitions. definitions.
11.7.1 Mobile Config Request 11.7.1. Mobile Config Request
This section contains the 802.11 specific message elements that are This section contains the 802.11 specific message elements that are
used with the Mobile Config Request. used with the Mobile Config Request.
11.7.1.1 Add Mobile 11.7.1.1. Add Mobile
The Add Mobile Request is used by the AC to inform an WTP that it The Add Mobile Request is used by the AC to inform an WTP that it
should forward traffic from a particular mobile station. The add should forward traffic from a particular mobile station. The add
mobile request may also include security parameters that must be mobile request may also include security parameters that must be
enforced by the WTP for the particular mobile. enforced by the WTP for the particular mobile.
When the AC sends an Add Mobile Request, it includes any security When the AC sends an Add Mobile Request, it includes any security
parameters that may be required. An AC that wishes to update a parameters that may be required. An AC that wishes to update a
mobile's policy on an WTP may be done by simply sending a new Add mobile's policy on an WTP may be done by simply sending a new Add
Mobile message element. Mobile message element.
skipping to change at page 97, line 40 skipping to change at page 95, line 40
Length: 36 Length: 36
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
Association ID: A 16-bit value specifying the 802.11 Association Association ID: A 16-bit value specifying the 802.11 Association
Identifier Identifier
MAC Address: The mobile station's MAC Address MAC Address: The mobile station's MAC Address
E: The one bit field is set by the AC to inform the WTP that is MUST E: The one bit field is set by the AC to inform the WTP that is
NOT accept any 802.11 data frames, other than 802.1X frames. This MUST NOT accept any 802.11 data frames, other than 802.1X frames.
is the equivalent of the WTP's 802.1X port for the mobile station This is the equivalent of the WTP's 802.1X port for the mobile
to be in the closed state. When set, the WTP MUST drop any non- station to be in the closed state. When set, the WTP MUST drop
802.1X packets it receives from the mobile station. any non-802.1X packets it receives from the mobile station.
C: The one bit field is set by the AC to inform the WTP that C: The one bit field is set by the AC to inform the WTP that
encryption services will be provided by the AC. When set, the WTP encryption services will be provided by the AC. When set, the WTP
SHOULD police frames received from stations to ensure that they SHOULD police frames received from stations to ensure that they
comply to the stated encryption policy, but does not need to take comply to the stated encryption policy, but does not need to take
specific cryptographic action on the frame. Similarly, for specific cryptographic action on the frame. Similarly, for
transmitted frames, the WTP only needs to forward already transmitted frames, the WTP only needs to forward already
encrypted frames. encrypted frames.
Encryption Policy: The policy field informs the WTP how to handle Encryption Policy: The policy field informs the WTP how to handle
skipping to change at page 98, line 25 skipping to change at page 96, line 25
2 - Encrypt WEP 40: All packets to/from the mobile station must 2 - Encrypt WEP 40: All packets to/from the mobile station must
be encrypted using standard 40 bit WEP. be encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must 3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP. be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7] must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [18] be encrypted using TKIP and authenticated using Michael [17]
Session Key: A 32 octet session key the WTP is to use when Session Key: A 32 octet session key the WTP is to use when
encrypting traffic to or decrypting traffic from the mobile encrypting traffic to or decrypting traffic from the mobile
station. The type of key is determined based on the Encryption station. The type of key is determined based on the Encryption
Policy field. Policy field.
Pairwise TSC: The TSC to use for unicast packets transmitted to the Pairwise TSC: The TSC to use for unicast packets transmitted to the
mobile. mobile.
Pairwise RSC: The RSC to use for unicast packets received from the Pairwise RSC: The RSC to use for unicast packets received from the
skipping to change at page 99, line 23 skipping to change at page 97, line 23
3 - Bronze (Background) 3 - Bronze (Background)
Supported Rates: The supported rates to be used with the mobile Supported Rates: The supported rates to be used with the mobile
station. station.
VLAN Name: An optional variable string containing the VLAN Name on VLAN Name: An optional variable string containing the VLAN Name on
which the WTP is to locally bridge user data. Note this field is which the WTP is to locally bridge user data. Note this field is
only valid with Local MAC WTPs. only valid with Local MAC WTPs.
11.7.1.2 IEEE 802.11 Mobile Session Key 11.7.1.2. IEEE 802.11 Mobile Session Key
The Mobile Session Key Payload message element is sent when the AC The Mobile Session Key Payload message element is sent when the AC
determines that encryption of a mobile station must be performed in determines that encryption of a mobile station must be performed in
the WTP. This message element MUST NOT be present without the Add the WTP. This message element MUST NOT be present without the Add
Mobile (see Section 11.7.1.1) message element, and MUST NOT be sent Mobile (see Section 11.7.1.1) message element, and MUST NOT be sent
if the WTP had not specifically advertised support for the requested if the WTP had not specifically advertised support for the requested
encryption scheme (see ???). encryption scheme (see ???).
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 100, line 21 skipping to change at page 98, line 21
2 - Encrypt WEP 40: All packets to/from the mobile station must 2 - Encrypt WEP 40: All packets to/from the mobile station must
be encrypted using standard 40 bit WEP. be encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must 3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP. be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7] must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [18] be encrypted using TKIP and authenticated using Michael [17]
Session Key: The session key the WTP is to use when encrypting Session Key: The session key the WTP is to use when encrypting
traffic to/from the mobile station. traffic to/from the mobile station.
11.7.1.3 Station QoS Profile 11.7.1.3. Station QoS Profile
The Station QoS Profile Payload message element contains the maximum The Station QoS Profile Payload message element contains the maximum
802.11e priority tag that may be used by the station. Any packets 802.11e priority tag that may be used by the station. Any packets
received that exceeds the value encoded in this message element must received that exceeds the value encoded in this message element must
either be dropped or tagged using the maximum value permitted by to either be dropped or tagged using the maximum value permitted by to
the user. The priority tag must be between zero (0) and seven (7). the user. The priority tag must be between zero (0) and seven (7).
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 101, line 5 skipping to change at page 99, line 5
Type: 140 for IEEE 802.11 Station QOS Profile Type: 140 for IEEE 802.11 Station QOS Profile
Length: 12 Length: 12
MAC Address: The mobile station's MAC Address MAC Address: The mobile station's MAC Address
802.1P Precedence Tag: The maximum 802.1P precedence value that the 802.1P Precedence Tag: The maximum 802.1P precedence value that the
WTP will allow in the TID field in the extended 802.11e QOS Data WTP will allow in the TID field in the extended 802.11e QOS Data
header. header.
11.7.1.4 IEEE 802.11 Update Mobile QoS 11.7.1.4. IEEE 802.11 Update Mobile QoS
The Update Mobile QoS message element is used to change the Quality The Update Mobile QoS message element is used to change the Quality
of Service policy on the WTP for a given mobile station. of Service policy on the WTP for a given mobile station.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Association ID | MAC Address | | Radio ID | Association ID | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
skipping to change at page 101, line 33 skipping to change at page 99, line 33
Length: 14 Length: 14
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Association ID: The 802.11 Association Identifier. Association ID: The 802.11 Association Identifier.
MAC Address: The mobile station's MAC Address. MAC Address: The mobile station's MAC Address.
QoS Profile: An 8-bit value specifying the QoS policy to enforce for QoS Profile: An 8-bit value specifying the QoS policy to enforce
the station. The following values are supported: for the station. The following values are supported:
0 - Silver (Best Effort) 0 - Silver (Best Effort)
1 - Gold (Video) 1 - Gold (Video)
2 - Platinum (Voice) 2 - Platinum (Voice)
3 - Bronze (Background) 3 - Bronze (Background)
VLAN Identifier: PRC. VLAN Identifier: PRC.
DSCP Tag: The DSCP label to use if packets are to be DSCP tagged. DSCP Tag: The DSCP label to use if packets are to be DSCP tagged.
802.1P Tag: The 802.1P precedence value to use if packets are to be 802.1P Tag: The 802.1P precedence value to use if packets are to be
802.1P tagged. 802.1P tagged.
11.7.2 WTP Event Request 11.7.2. WTP Event Request
This section contains the 802.11 specific message elements that are This section contains the 802.11 specific message elements that are
used with the WTP Event Request message. used with the WTP Event Request message.
11.7.2.1 IEEE 802.11 Statistics 11.7.2.1. IEEE 802.11 Statistics
The statistics message element is sent by the WTP to transmit it's The statistics message element is sent by the WTP to transmit it's
current statistics. The value contains the following fields. current statistics. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Tx Fragment Count | | Radio ID | Tx Fragment Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Tx Fragment Cnt| Multicast Tx Count | |Tx Fragment Cnt| Multicast Tx Count |
skipping to change at page 104, line 5 skipping to change at page 102, line 5
multicast frames received. multicast frames received.
FCS Error Count: A 32-bit value representing the number of FCS FCS Error Count: A 32-bit value representing the number of FCS
failures. failures.
Decryption Errors: A 32-bit value representing the number of Decryption Errors: A 32-bit value representing the number of
Decryption errors that occured on the WTP. Note that this field Decryption errors that occured on the WTP. Note that this field
is only valid in cases where the WTP provides encryption/ is only valid in cases where the WTP provides encryption/
decryption services. decryption services.
11.8 802.11 Control Messages 11.8. 802.11 Control Messages
This section will define LWAPP Control Messages that are specific to This section will define LWAPP Control Messages that are specific to
the IEEE 802.11 binding. the IEEE 802.11 binding.
11.8.1 IEEE 802.11 WLAN Config Request 11.8.1. IEEE 802.11 WLAN Config Request
The IEEE 802.11 WLAN Configuration Request is sent by the AC to the The IEEE 802.11 WLAN Configuration Request is sent by the AC to the
WTP in order to change services provided by the WTP. This control WTP in order to change services provided by the WTP. This control
message is used to either create, update or delete a WLAN on the WTP. message is used to either create, update or delete a WLAN on the WTP.
The IEEE 802.11 WLAN Configuration Request is sent as a result of The IEEE 802.11 WLAN Configuration Request is sent as a result of
either some manual admistrative process (e.g., deleting a WLAN), or either some manual admistrative process (e.g., deleting a WLAN), or
automatically to create a WLAN on an WTP. When sent automatically to automatically to create a WLAN on an WTP. When sent automatically to
create a WLAN, this control message is sent after the LWAPP create a WLAN, this control message is sent after the LWAPP
Configuration Request message has been received by the WTP. Configuration Request message has been received by the WTP.
skipping to change at page 104, line 41 skipping to change at page 102, line 41
Since the index is the primary identifier for a WLAN, an AC SHOULD Since the index is the primary identifier for a WLAN, an AC SHOULD
attempt to ensure that the same WLAN is identified through the same attempt to ensure that the same WLAN is identified through the same
index number on all of its WTPs. An AC that does not follow this index number on all of its WTPs. An AC that does not follow this
approach MUST find some other means of maintaining a WLAN Identifier approach MUST find some other means of maintaining a WLAN Identifier
to SSID mapping table. to SSID mapping table.
The following subsections define the message elements that are value The following subsections define the message elements that are value
for this LWAPP operation. Only one message MUST be present. for this LWAPP operation. Only one message MUST be present.
11.8.1.1 IEEE 802.11 Add WLAN 11.8.1.1. IEEE 802.11 Add WLAN
The Add WLAN message element is used by the AC to define a wireless The Add WLAN message element is used by the AC to define a wireless
LAN on the WTP. The value contains the following format: LAN on the WTP. The value contains the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN Capability | WLAN ID | | Radio ID | WLAN Capability | WLAN ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encryption Policy | | Encryption Policy |
skipping to change at page 106, line 12 skipping to change at page 104, line 12
2 - Encrypt WEP 40: All packets to/from the mobile station must 2 - Encrypt WEP 40: All packets to/from the mobile station must
be encrypted using standard 40 bit WEP. be encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must 3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP. be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7] must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [18] be encrypted using TKIP and authenticated using Michael [17]
6 - Encrypt CKIP: All packets to/from the mobile station must be 6 - Encrypt CKIP: All packets to/from the mobile station must be
encrypted using Cisco TKIP. encrypted using Cisco TKIP.
Key: A 32 byte Session Key to use with the encryption policy. Key: A 32 byte Session Key to use with the encryption policy.
Key-Index: The Key Index associated with the key. Key-Index: The Key Index associated with the key.
Shared Key: A 1 byte boolean that specifies whether the key included Shared Key: A 1 byte boolean that specifies whether the key
in the Key field is a shared WEP key. A value of zero is used to included in the Key field is a shared WEP key. A value of zero is
state that the key is not a shared WEP key, while a value of one used to state that the key is not a shared WEP key, while a value
is used to state that the key is a shared WEP key. of one is used to state that the key is a shared WEP key.
WPA Data Len: Length of the WPA IE. WPA Data Len: Length of the WPA IE.
WPA IE: A 32 byte field containing the WPA Information Element. WPA IE: A 32 byte field containing the WPA Information Element.
RSN Data Len: Length of the RSN IE. RSN Data Len: Length of the RSN IE.
RSN IE: A 64 byte field containing the RSN Information Element. RSN IE: A 64 byte field containing the RSN Information Element.
Reserved: A 49 byte reserved field, which MUST be set to zero (0). Reserved: A 49 byte reserved field, which MUST be set to zero (0).
skipping to change at page 107, line 35 skipping to change at page 105, line 35
Broadcast SSID: A boolean indicating whether the SSID is to be Broadcast SSID: A boolean indicating whether the SSID is to be
broadcast by the WTP. A value of zero disables SSID broadcast, broadcast by the WTP. A value of zero disables SSID broadcast,
while a value of one enables it. while a value of one enables it.
Reserved: A 40 byte reserved field. Reserved: A 40 byte reserved field.
SSID: The SSID attribute is the service set identifier that will be SSID: The SSID attribute is the service set identifier that will be
advertised by the WTP for this WLAN. advertised by the WTP for this WLAN.
11.8.1.2 IEEE 802.11 Delete WLAN 11.8.1.2. IEEE 802.11 Delete WLAN
The delete WLAN message element is used to inform the WTP that a The delete WLAN message element is used to inform the WTP that a
previously created WLAN is to be deleted. The value contains the previously created WLAN is to be deleted. The value contains the
following fields: following fields:
0 1 2 0 1 2
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | | Radio ID | WLAN ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 28 for IEEE 802.11 Delete WLAN Type: 28 for IEEE 802.11 Delete WLAN
Length: 3
Length: 3
Radio ID: An 8-bit value representing the radio Radio ID: An 8-bit value representing the radio
WLAN ID: A 16-bit value specifying the WLAN Identifier WLAN ID: A 16-bit value specifying the WLAN Identifier
11.8.1.3 IEEE 802.11 Update WLAN 11.8.1.3. IEEE 802.11 Update WLAN
The Update WLAN message element is used by the AC to define a The Update WLAN message element is used by the AC to define a
wireless LAN on the WTP. The value contains the following format: wireless LAN on the WTP. The value contains the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID |Encrypt Policy | | Radio ID | WLAN ID |Encrypt Policy |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encryption Policy | Key... | | Encryption Policy | Key... |
skipping to change at page 109, line 12 skipping to change at page 107, line 9
2 - Encrypt WEP 40: All packets to/from the mobile station must 2 - Encrypt WEP 40: All packets to/from the mobile station must
be encrypted using standard 40 bit WEP. be encrypted using standard 40 bit WEP.
3 - Encrypt WEP 128: All packets to/from the mobile station must 3 - Encrypt WEP 128: All packets to/from the mobile station must
be encrypted using standard 128 bit WEP. be encrypted using standard 128 bit WEP.
4 - Encrypt AES-CCMP 128: All packets to/from the mobile station 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station
must be encrypted using 128 bit AES CCMP [7] must be encrypted using 128 bit AES CCMP [7]
5 - Encrypt TKIP-MIC: All packets to/from the mobile station must 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must
be encrypted using TKIP and authenticated using Michael [18] be encrypted using TKIP and authenticated using Michael [17]
6 - Encrypt CKIP: All packets to/from the mobile station must be 6 - Encrypt CKIP: All packets to/from the mobile station must be
encrypted using Cisco TKIP. encrypted using Cisco TKIP.
Key: A 32 byte Session Key to use with the encryption policy. Key: A 32 byte Session Key to use with the encryption policy.
Key-Index: The Key Index associated with the key. Key-Index: The Key Index associated with the key.
Shared Key: A 1 byte boolean that specifies whether the key included Shared Key: A 1 byte boolean that specifies whether the key
in the Key field is a shared WEP key. A value of zero means that included in the Key field is a shared WEP key. A value of zero
the key is not a shared WEP key, while a value of one is used to means that the key is not a shared WEP key, while a value of one
state that the key is a shared WEP key. is used to state that the key is a shared WEP key.
WLAN Capability: A 16-bit value containing the capabilities to be WLAN Capability: A 16-bit value containing the capabilities to be
advertised by the WTP within the Probe and Beacon messages. advertised by the WTP within the Probe and Beacon messages.
11.8.2 IEEE 802.11 WLAN Config Response 11.8.2. IEEE 802.11 WLAN Config Response
The IEEE 802.11 WLAN Configuration Response is sent by the WTP to the The IEEE 802.11 WLAN Configuration Response is sent by the WTP to the
AC as an acknowledgement of the receipt of an IEEE 802.11 WLAN AC as an acknowledgement of the receipt of an IEEE 802.11 WLAN
Configuration Request. Configuration Request.
This LWAPP control message does not include any message elements. This LWAPP control message does not include any message elements.
11.8.3 IEEE 802.11 WTP Event 11.8.3. IEEE 802.11 WTP Event
The IEEE 802.11 WTP Event LWAPP message is used by the WTP in order The IEEE 802.11 WTP Event LWAPP message is used by the WTP in order
to report asynchronous events to the AC. There is no reply message to report asynchronous events to the AC. There is no reply message
expected from the AC, except that the message is acknowledged via the expected from the AC, except that the message is acknowledged via the
reliable transport. reliable transport.
When the AC receives the IEEE 802.11 WTP Event, it will take whatever When the AC receives the IEEE 802.11 WTP Event, it will take whatever
action is necessary, depending upon the message elements present in action is necessary, depending upon the message elements present in
the message. the message.
The IEEE 802.11 WTP Event message MUST contain one of the following The IEEE 802.11 WTP Event message MUST contain one of the following
message element described in the next subsections. message element described in the next subsections.
11.8.3.1 IEEE 802.11 MIC Countermeasures 11.8.3.1. IEEE 802.11 MIC Countermeasures
The MIC Countermeasures message element is sent by the WTP to the AC The MIC Countermeasures message element is sent by the WTP to the AC
to indicate the occurrence of a MIC failure. to indicate the occurrence of a MIC failure.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | WLAN ID | MAC Address | | Radio ID | WLAN ID | MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MAC Address | | MAC Address |
skipping to change at page 110, line 31 skipping to change at page 108, line 26
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP. index on the WTP.
WLAN ID: This 8-bit unsigned integer includes the WLAN Identifier, WLAN ID: This 8-bit unsigned integer includes the WLAN Identifier,
on which the MIC failure occurred. on which the MIC failure occurred.
MAC Address: The MAC Address of the mobile station that caused the MAC Address: The MAC Address of the mobile station that caused the
MIC failure. MIC failure.
11.8.3.2 IEEE 802.11 WTP Radio Fail Alarm Indication 11.8.3.2. IEEE 802.11 WTP Radio Fail Alarm Indication
The WTP Radio Fail Alarm Indication message element is sent by the The WTP Radio Fail Alarm Indication message element is sent by the
WTP to the AC when it detects a radio failure. WTP to the AC when it detects a radio failure.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Type | Status | Pad | | Radio ID | Type | Status | Pad |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 111, line 4 skipping to change at page 108, line 43
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Type | Status | Pad | | Radio ID | Type | Status | Pad |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 95 for WTP Radio Fail Alarm Indication Type: 95 for WTP Radio Fail Alarm Indication
Length: 4 Length: 4
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Type: The type of radio failure detected. The following values are Type: The type of radio failure detected. The following values are
supported: supported:
1 - Receiver 1 - Receiver
2 - Transmitter 2 - Transmitter
Status: An 8-bit boolean indicating whether the radio failure is Status: An 8-bit boolean indicating whether the radio failure is
being reported or cleared. A value of zero is used to clear the being reported or cleared. A value of zero is used to clear the
event, while a value of one is used to report the event. event, while a value of one is used to report the event.
Pad: Reserved field MUST be set to zero (0). Pad: Reserved field MUST be set to zero (0).
11.9 Message Element Bindings 11.9. Message Element Bindings
The IEEE 802.11 Message Element binding has the following The IEEE 802.11 Message Element binding has the following
definitions: definitions:
Conf Conf Conf Add Conf Conf Conf Add
Req Resp Upd Mobile Req Resp Upd Mobile
IEEE 802.11 WTP WLAN Radio Configuration X X X IEEE 802.11 WTP WLAN Radio Configuration X X X
IEEE 802.11 Rate Set X X IEEE 802.11 Rate Set X X
IEEE 802.11 Multi-domain Capability X X X IEEE 802.11 Multi-domain Capability X X X
skipping to change at page 111, line 43 skipping to change at page 109, line 36
IEEE 802.11 Supported Rates X X IEEE 802.11 Supported Rates X X
IEEE 802.11 Antenna X X X IEEE 802.11 Antenna X X X
IEEE 802.11 CFP Status X X IEEE 802.11 CFP Status X X
IEEE 802.11 Broadcast Probe Mode X X IEEE 802.11 Broadcast Probe Mode X X
IEEE 802.11 WTP Mode and Type X? X IEEE 802.11 WTP Mode and Type X? X
IEEE 802.11 WTP Quality of Service X X IEEE 802.11 WTP Quality of Service X X
IEEE 802.11 MIC Error Report From Mobile X IEEE 802.11 MIC Error Report From Mobile X
IEEE 802.11 Update Mobile QoS X IEEE 802.11 Update Mobile QoS X
IEEE 802.11 Mobile Session Key X IEEE 802.11 Mobile Session Key X
11.9.1 IEEE 802.11 WTP WLAN Radio Configuration 11.9.1. IEEE 802.11 WTP WLAN Radio Configuration
The WTP WLAN radio configuration is used by the AC to configure a The WTP WLAN radio configuration is used by the AC to configure a
Radio on the WTP. The message element value contains the following Radio on the WTP. The message element value contains the following
Fields: Fields:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Occupancy Limit | | Radio ID | Reserved | Occupancy Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 113, line 5 skipping to change at page 111, line 5
BSSID: The WLAN Radio's base MAC Address. For WTPs that support BSSID: The WLAN Radio's base MAC Address. For WTPs that support
more than a single WLAN, the value of the WLAN Identifier is added more than a single WLAN, the value of the WLAN Identifier is added
to the last octet of the BSSID. Therefore, a WTP that supports 16 to the last octet of the BSSID. Therefore, a WTP that supports 16
WLANs MUST have 16 MAC Addresses reserved for it, and the last WLANs MUST have 16 MAC Addresses reserved for it, and the last
nibble is used to represent the WLAN ID. nibble is used to represent the WLAN ID.
Beacon Period: This attribute specifies the number of TU that a Beacon Period: This attribute specifies the number of TU that a
station uses for scheduling Beacon transmissions. This value is station uses for scheduling Beacon transmissions. This value is
transmitted in Beacon and Probe Response frames. transmitted in Beacon and Probe Response frames.
DTIM Period: This attribute specifies the number of beacon intervals DTIM Period: This attribute specifies the number of beacon
that elapses between transmission of Beacons frames containing a intervals that elapses between transmission of Beacons frames
TIM element whose DTIM Count field is 0. This value is containing a TIM element whose DTIM Count field is 0. This value
transmitted in the DTIM Period field of Beacon frames. is transmitted in the DTIM Period field of Beacon frames.
Country Code: This attribute identifies the country in which the Country Code: This attribute identifies the country in which the
station is operating. The first two octets of this string is the station is operating. The first two octets of this string is the
two character country code as described in document ISO/IEC 3166- two character country code as described in document ISO/IEC 3166-
1. The third octet MUST be one of the following: 1. The third octet MUST be one of the following:
1. an ASCII space character, if the regulations under which the 1. an ASCII space character, if the regulations under which the
station is operating encompass all environments in the station is operating encompass all environments in the country,
country,
2. an ASCII 'O' character, if the regulations under which the 2. an ASCII 'O' character, if the regulations under which the
station is operating are for an outdoor environment only, or station is operating are for an outdoor environment only, or
3. an ASCII 'I' character, if the regulations under which the 3. an ASCII 'I' character, if the regulations under which the
station is operating are for an indoor environment only station is operating are for an indoor environment only
Number of BSSIDs: This attribute contains the maximum number of Number of BSSIDs: This attribute contains the maximum number of
BSSIDs supported by the WTP. This value restricts the number of BSSIDs supported by the WTP. This value restricts the number of
logical networks supported by the WTP. logical networks supported by the WTP.
11.9.2 IEEE 802.11 Rate Set 11.9.2. IEEE 802.11 Rate Set
The rate set message element value is sent by the AC and contains the The rate set message element value is sent by the AC and contains the
supported operational rates. It contains the following fields. supported operational rates. It contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Rate Set | | Radio ID | Rate Set |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 16 for IEEE 802.11 Rate Set Type: 16 for IEEE 802.11 Rate Set
Length: 4 Length: 4
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Rate Set: The AC generates the Rate Set that the WTP is to include Rate Set: The AC generates the Rate Set that the WTP is to include
in it's Beacon and Probe messages. in it's Beacon and Probe messages.
11.9.3 IEEE 802.11 Multi-domain Capability 11.9.3. IEEE 802.11 Multi-domain Capability
The multi-domain capability message element is used by the AC to The multi-domain capability message element is used by the AC to
inform the WTP of regulatory limits. The value contains the inform the WTP of regulatory limits. The value contains the
following fields. following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | First Channel # | | Radio ID | Reserved | First Channel # |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 114, line 39 skipping to change at page 112, line 33
string. string.
Number of Channels: This attribute indicates the value of the total Number of Channels: This attribute indicates the value of the total
number of channels allowed in the subband for the associated number of channels allowed in the subband for the associated
domain country string. domain country string.
Max Tx Power Level: This attribute indicates the maximum transmit Max Tx Power Level: This attribute indicates the maximum transmit
power, in dBm, allowed in the subband for the associated domain power, in dBm, allowed in the subband for the associated domain
country string. country string.
11.9.4 IEEE 802.11 MAC Operation 11.9.4. IEEE 802.11 MAC Operation
The MAC operation message element is sent by the AC to set the 802.11 The MAC operation message element is sent by the AC to set the 802.11
MAC parameters on the WTP. The value contains the following fields. MAC parameters on the WTP. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | RTS Threshold | | Radio ID | Reserved | RTS Threshold |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Short Retry | Long Retry | Fragmentation Threshold | | Short Retry | Long Retry | Fragmentation Threshold |
skipping to change at page 116, line 27 skipping to change at page 114, line 15
Tx MSDU Lifetime: This attribute speficies the elapsed time in TU, Tx MSDU Lifetime: This attribute speficies the elapsed time in TU,
after the initial transmission of an MSDU, after which further after the initial transmission of an MSDU, after which further
attempts to transmit the MSDU MUST be terminated. The default attempts to transmit the MSDU MUST be terminated. The default
value of this attribute MUST be 512. value of this attribute MUST be 512.
Rx MSDU Lifetime: This attribute specifies the elapsed time in TU, Rx MSDU Lifetime: This attribute specifies the elapsed time in TU,
after the initial reception of a fragmented MMPDU or MSDU, after after the initial reception of a fragmented MMPDU or MSDU, after
which further attempts to reassemble the MMPDU or MSDU MUST be which further attempts to reassemble the MMPDU or MSDU MUST be
terminated. The default value MUST be 512. terminated. The default value MUST be 512.
11.9.5 IEEE 802.11 Tx Power 11.9.5. IEEE 802.11 Tx Power
The Tx power message element value is bi-directional. When sent by The Tx power message element value is bi-directional. When sent by
the WTP, it contains the current power level of the radio in the WTP, it contains the current power level of the radio in
question. When sent by the AC, it contains the power level the WTP question. When sent by the AC, it contains the power level the WTP
MUST adhere to. MUST adhere to.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Current Tx Power | | Radio ID | Reserved | Current Tx Power |
skipping to change at page 117, line 5 skipping to change at page 114, line 39
Length: 4 Length: 4
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
Current Tx Power: This attribute contains the transmit output power Current Tx Power: This attribute contains the transmit output power
in mW. in mW.
11.9.6 IEEE 802.11 Tx Power Level 11.9.6. IEEE 802.11 Tx Power Level
The Tx power level message element is sent by the WTP and contains The Tx power level message element is sent by the WTP and contains
the different power levels supported. The value contains the the different power levels supported. The value contains the
following fields. following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Num Levels | Power Level [n] | | Radio ID | Num Levels | Power Level [n] |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 117, line 28 skipping to change at page 115, line 15
Length: >= 4 Length: >= 4
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Num Levels: The number of power level attributes. Num Levels: The number of power level attributes.
Power Level: Each power level fields contains a supported power Power Level: Each power level fields contains a supported power
level, in mW. level, in mW.
11.9.7 IEEE 802.11 Direct Sequence Control 11.9.7. IEEE 802.11 Direct Sequence Control
The direct sequence control message element is a bi-directional The direct sequence control message element is a bi-directional
element. When sent by the WTP, it contains the current state. When element. When sent by the WTP, it contains the current state. When
sent by the AC, the WTP MUST adhere to the values. This element is sent by the AC, the WTP MUST adhere to the values. This element is
only used for 802.11b radios. The value has the following fields. only used for 802.11b radios. The value has the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Current Chan | Current CCA | | Radio ID | Reserved | Current Chan | Current CCA |
skipping to change at page 118, line 10 skipping to change at page 115, line 41
Length: 8 Length: 8
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Reserved: MUST be set to zero Reserved: MUST be set to zero
Current Channel: This attribute contains the current operating Current Channel: This attribute contains the current operating
frequency channel of the DSSS PHY. frequency channel of the DSSS PHY.
Current CCA: The current CCA method in operation. Valid values are: Current CCA: The current CCA method in operation. Valid values
are:
1 - energy detect only (edonly) 1 - energy detect only (edonly)
2 - carrier sense only (csonly) 2 - carrier sense only (csonly)
4 - carrier sense and energy detect (edandcs) 4 - carrier sense and energy detect (edandcs)
8 - carrier sense with timer (cswithtimer) 8 - carrier sense with timer (cswithtimer)
16 - high rate carrier sense and energy detect (hrcsanded) 16 - high rate carrier sense and energy detect (hrcsanded)
Energy Detect Threshold: The current Energy Detect Threshold being Energy Detect Threshold: The current Energy Detect Threshold being
used by the DSSS PHY. used by the DSSS PHY.
11.9.8 IEEE 802.11 OFDM Control 11.9.8. IEEE 802.11 OFDM Control
The OFDM control message element is a bi-directional element. When The OFDM control message element is a bi-directional element. When
sent by the WTP, it contains the current state. When sent by the AC, sent by the WTP, it contains the current state. When sent by the AC,
the WTP MUST adhere to the values. This element is only used for the WTP MUST adhere to the values. This element is only used for
802.11a radios. The value contains the following fields: 802.11a radios. The value contains the following fields:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Reserved | Current Chan | Band Support | | Radio ID | Reserved | Current Chan | Band Support |
skipping to change at page 119, line 9 skipping to change at page 116, line 41
Reserved: MUST be set to zero Reserved: MUST be set to zero
Current Channel: This attribute contains the current operating Current Channel: This attribute contains the current operating
frequency channel of the OFDM PHY. frequency channel of the OFDM PHY.
Band Supported: The capability of the OFDM PHY implementation to Band Supported: The capability of the OFDM PHY implementation to
operate in the three U-NII bands. Coded as an integer value of a operate in the three U-NII bands. Coded as an integer value of a
three bit field as follows: three bit field as follows:
capable of operating in the lower (5.15-5.25 GHz) U-NII band Bit 0 - capable of operating in the lower (5.15-5.25 GHz) U-NII
band
capable of operating in the middle (5.25-5.35 GHz) U-NII band
capable of operating in the upper (5.725-5.825 GHz) U-NII band Bit 1 - capable of operating in the middle (5.25-5.35 GHz) U-NII
band
Bit 2 - capable of operating in the upper (5.725-5.825 GHz) U-NII
band
For example, for an implementation capable of operating in the For example, for an implementation capable of operating in the
lower and mid bands this attribute would take the value lower and mid bands this attribute would take the value
TI Threshold: The Threshold being used to detect a busy medium TI Threshold: The Threshold being used to detect a busy medium
(frequency). CCA MUST report a busy medium upon detecting the (frequency). CCA MUST report a busy medium upon detecting the
RSSI above this threshold. RSSI above this threshold.
11.9.9 IEEE 802.11 Antenna 11.9.9. IEEE 802.11 Antenna
The antenna message element is communicated by the WTP to the AC to The antenna message element is communicated by the WTP to the AC to
provide information on the antennas available. The AC MAY use this provide information on the antennas available. The AC MAY use this
element to reconfigure the WTP's antennas. The value contains the element to reconfigure the WTP's antennas. The value contains the
following fields: following fields:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Diversity | Combiner | Antenna Cnt | | Radio ID | Diversity | Combiner | Antenna Cnt |
skipping to change at page 120, line 4 skipping to change at page 117, line 39
Radio ID: An 8-bit value representing the radio to configure. Radio ID: An 8-bit value representing the radio to configure.
Diversity: An 8-bit value specifying whether the antenna is to Diversity: An 8-bit value specifying whether the antenna is to
provide receive diversity. The following values are supported: provide receive diversity. The following values are supported:
0 - Disabled 0 - Disabled
1 - Enabled (may only be true if the antenna can be used as a 1 - Enabled (may only be true if the antenna can be used as a
receive antenna) receive antenna)
Combiner: An 8-bit value specifying the combiner selection. The Combiner: An 8-bit value specifying the combiner selection. The
following values are supported: following values are supported:
1 - Sectorized (Left) 1 - Sectorized (Left)
2 - Sectorized (Right) 2 - Sectorized (Right)
3 - Omni 3 - Omni
4 - Mimo 4 - Mimo
Antenna Count: An 8-bit value specifying the number of Antenna Antenna Count: An 8-bit value specifying the number of Antenna
Selection fields. Selection fields.
Antenna Selection: One 8-bit antenna configuration value per antenna Antenna Selection: One 8-bit antenna configuration value per
in the WTP. The following values are supported: antenna in the WTP. The following values are supported:
1 - Internal Antenna 1 - Internal Antenna
2 - External Antenna 2 - External Antenna
11.9.10 IEEE 802.11 Supported Rates 11.9.10. IEEE 802.11 Supported Rates
The supported rates message element is sent by the WTP to indicate The supported rates message element is sent by the WTP to indicate
the rates that it supports. The value contains the following fields. the rates that it supports. The value contains the following fields.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Supported Rates | | Radio ID | Supported Rates |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 16 for IEEE 802.11 Supported Rates Type: 16 for IEEE 802.11 Supported Rates
Length: 4 Length: 4
Radio ID: An 8-bit value representing the radio. Radio ID: An 8-bit value representing the radio.
Supported Rates: The WTP includes the Supported Rates that it's Supported Rates: The WTP includes the Supported Rates that it's
hardware supports. The format is identical to the Rate Set hardware supports. The format is identical to the Rate Set
message element. message element.
11.9.11 IEEE 802.11 CFP Status 11.9.11. IEEE 802.11 CFP Status
The CFP Status message element is sent to provide the CF Polling The CFP Status message element is sent to provide the CF Polling
configuration. configuration.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Status | | Radio ID | Status |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: 48 for IEEE 802.11 CFP Status Type: 48 for IEEE 802.11 CFP Status
Length: 2 Length: 2
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Status: An 8-bit boolean containing the status of the CF Polling Status: An 8-bit boolean containing the status of the CF Polling
feature. A value of zero disables CFP Status, while a value of feature. A value of zero disables CFP Status, while a value of
one enables it. one enables it.
skipping to change at page 121, line 22 skipping to change at page 119, line 15
Length: 2 Length: 2
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
Status: An 8-bit boolean containing the status of the CF Polling Status: An 8-bit boolean containing the status of the CF Polling
feature. A value of zero disables CFP Status, while a value of feature. A value of zero disables CFP Status, while a value of
one enables it. one enables it.
11.9.12 IEEE 802.11 WTP Mode and Type 11.9.12. IEEE 802.11 WTP Mode and Type
The WTP Mode and Type message element is used to configure an WTP to The WTP Mode and Type message element is used to configure an WTP to
operate in a specific mode. operate in a specific mode.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mode | Type | | Mode | Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 121, line 46 skipping to change at page 119, line 39
Mode: An 8-bit value the type of information being sent. The Mode: An 8-bit value the type of information being sent. The
following values are supported: following values are supported:
0 - Split MAC 0 - Split MAC
2 - Local MAC 2 - Local MAC
Type: The type field is not currently used. Type: The type field is not currently used.
11.9.13 IEEE 802.11 Broadcast Probe Mode 11.9.13. IEEE 802.11 Broadcast Probe Mode
The Broadcast Probe Mode message element indicates whether an WTP The Broadcast Probe Mode message element indicates whether an WTP
will respond to NULL SSID probe requests. Since broadcast NULL will respond to NULL SSID probe requests. Since broadcast NULL
probes are not sent to a specific BSSID, the WTP cannot know which probes are not sent to a specific BSSID, the WTP cannot know which
SSID the sending station is querying. Therefore, this behavior must SSID the sending station is querying. Therefore, this behavior must
be global to the WTP. be global to the WTP.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
skipping to change at page 122, line 12 skipping to change at page 120, line 4
will respond to NULL SSID probe requests. Since broadcast NULL will respond to NULL SSID probe requests. Since broadcast NULL
probes are not sent to a specific BSSID, the WTP cannot know which probes are not sent to a specific BSSID, the WTP cannot know which
SSID the sending station is querying. Therefore, this behavior must SSID the sending station is querying. Therefore, this behavior must
be global to the WTP. be global to the WTP.
0 0
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Status | | Status |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type: 51 for IEEE 802.11 Broadcast Probe Mode Type: 51 for IEEE 802.11 Broadcast Probe Mode
Length: 1 Length: 1
Status: An 8-bit boolean indicating the status of whether an WTP Status: An 8-bit boolean indicating the status of whether an WTP
shall response to a NULL SSID probe request. A value of zero shall response to a NULL SSID probe request. A value of zero
disables NULL SSID probe response, while a value of one enables disables NULL SSID probe response, while a value of one enables
it. it.
11.9.14 IEEE 802.11 WTP Quality of Service 11.9.14. IEEE 802.11 WTP Quality of Service
The WTP Quality of Service message element value is sent by the AC to The WTP Quality of Service message element value is sent by the AC to
the WTP to communicate quality of service configuration information. the WTP to communicate quality of service configuration information.
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Radio ID | Tag Packets | | Radio ID | Tag Packets |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 123, line 40 skipping to change at page 121, line 34
AIFS: The Arbitration Inter Frame Spacing to use for the QoS AIFS: The Arbitration Inter Frame Spacing to use for the QoS
transmit queue. transmit queue.
CBR: The CBR value to observe for the QoS transmit queue. CBR: The CBR value to observe for the QoS transmit queue.
Dot1P Tag: The 802.1P precedence value to use if packets are to be Dot1P Tag: The 802.1P precedence value to use if packets are to be
802.1P tagged. 802.1P tagged.
DSCP Tag: The DSCP label to use if packets are to be DSCP tagged. DSCP Tag: The DSCP label to use if packets are to be DSCP tagged.
11.9.15 IEEE 802.11 MIC Error Report From Mobile 11.9.15. IEEE 802.11 MIC Error Report From Mobile
The MIC Error Report From Mobile message element is sent by an AC to The MIC Error Report From Mobile message element is sent by an AC to
an WTP when it receives a MIC failure notification, via the Error bit an WTP when it receives a MIC failure notification, via the Error bit
in the EAPOL-Key frame. in the EAPOL-Key frame.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Client MAC Address | | Client MAC Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 124, line 31 skipping to change at page 122, line 18
Client MAC Address: The Client MAC Address of the station reporting Client MAC Address: The Client MAC Address of the station reporting
the MIC failure. the MIC failure.
BSSID: The BSSID on which the MIC failure is being reported. BSSID: The BSSID on which the MIC failure is being reported.
Radio ID: The Radio Identifier, typically refers to some interface Radio ID: The Radio Identifier, typically refers to some interface
index on the WTP index on the WTP
WLAN ID: The WLAN ID on which the MIC failure is being reported. WLAN ID: The WLAN ID on which the MIC failure is being reported.
11.10 IEEE 802.11 Message Element Values 11.10. IEEE 802.11 Message Element Values
This section lists IEEE 802.11 specific values for any generic LWAPP This section lists IEEE 802.11 specific values for any generic LWAPP
message elements which include fields whose values are technology message elements which include fields whose values are technology
specific. specific.
IEEE 802.11 uses the following values: IEEE 802.11 uses the following values:
4 - Encrypt AES-CCMP 128: WTP supports AES-CCMP, as defined in [7]. 4 - Encrypt AES-CCMP 128: WTP supports AES-CCMP, as defined in [7].
5 - Encrypt TKIP-MIC: WTP supports TKIP and Michael, as defined in 5 - Encrypt TKIP-MIC: WTP supports TKIP and Michael, as defined in
[18]. [17].
12. LWAPP Protocol Timers 12. LWAPP Protocol Timers
An WTP or AC that implements LWAPP discovery MUST implement the An WTP or AC that implements LWAPP discovery MUST implement the
following timers. following timers.
12.1 MaxDiscoveryInterval 12.1. MaxDiscoveryInterval
The maximum time allowed between sending discovery requests from the The maximum time allowed between sending discovery requests from the
interface, in seconds. Must be no less than 2 seconds and no greater interface, in seconds. Must be no less than 2 seconds and no greater
than 180 seconds. than 180 seconds.
Default: 20 seconds. Default: 20 seconds.
12.2 SilentInterval 12.2. SilentInterval
The minimum time, in seconds, an WTP MUST wait after failing to The minimum time, in seconds, an WTP MUST wait after failing to
receive any responses to its discovery requests, before it MAY again receive any responses to its discovery requests, before it MAY again
send discovery requests. send discovery requests.
Default: 30 Default: 30
12.3 NeighborDeadInterval 12.3. NeighborDeadInterval
The minimum time, in seconds, an WTP MUST wait without having The minimum time, in seconds, an WTP MUST wait without having
received Echo Responses to its Echo Requests, before the destination received Echo Responses to its Echo Requests, before the destination
for the Echo Request may be considered dead. Must be no less than for the Echo Request may be considered dead. Must be no less than
2*EchoInterval seconds and no greater than 240 seconds. 2*EchoInterval seconds and no greater than 240 seconds.
Default: 60 Default: 60
12.4 EchoInterval 12.4. EchoInterval
The minimum time, in seconds, between sending echo requests to the AC The minimum time, in seconds, between sending echo requests to the AC
with which the WTP has joined. with which the WTP has joined.
Default: 30 Default: 30
12.5 DiscoveryInterval 12.5. DiscoveryInterval
The minimum time, in seconds, that an WTP MUST wait after receiving a The minimum time, in seconds, that an WTP MUST wait after receiving a
Discovery Response, before sending a join request. Discovery Response, before sending a join request.
Default: 5 Default: 5
12.6 RetransmitInterval 12.6. RetransmitInterval
The minimum time, in seconds, which a non-acknowledged LWAPP packet The minimum time, in seconds, which a non-acknowledged LWAPP packet
will be retransmitted. will be retransmitted.
Default: 3 Default: 3
12.7 ResponseTimeout 12.7. ResponseTimeout
The minimum time, in seconds, which an LWAPP Request message must be The minimum time, in seconds, which an LWAPP Request message must be
responded to. responded to.
Default: 1 Default: 1
12.8 KeyLifetime 12.8. KeyLifetime
The maximum time, in seconds, which an LWAPP session key is valid. The maximum time, in seconds, which an LWAPP session key is valid.
Default: 28800 Default: 28800
13. LWAPP Protocol Variables 13. LWAPP Protocol Variables
An WTP or AC that implements LWAPP discovery MUST allow for the An WTP or AC that implements LWAPP discovery MUST allow for the
following variables to be configured by system management; default following variables to be configured by system management; default
values are specified so as to make it unnecessary to configure any of values are specified so as to make it unnecessary to configure any of
these variables in many cases. these variables in many cases.
13.1 MaxDiscoveries 13.1. MaxDiscoveries
The maximum number of discovery requests that will be sent after an The maximum number of discovery requests that will be sent after an
WTP boots. WTP boots.
Default: 10 Default: 10
13.2 DiscoveryCount 13.2. DiscoveryCount
The number of discoveries transmitted by a WTP to a single AC. This The number of discoveries transmitted by a WTP to a single AC. This
is a monotonically increasing counter. is a monotonically increasing counter.
13.3 RetransmitCount 13.3. RetransmitCount
The number of retransmissions for a given LWAPP packet. This is a The number of retransmissions for a given LWAPP packet. This is a
monotonically increasing counter. monotonically increasing counter.
13.4 MaxRetransmit 13.4. MaxRetransmit
The maximum number of retransmissions for a given LWAPP packet before The maximum number of retransmissions for a given LWAPP packet before
the link layer considers the peer dead. the link layer considers the peer dead.
Default: 5 Default: 5
14. NAT Considerations 14. NAT Considerations
There are two specific situations where a NAT system may be used in There are two specific situations where a NAT system may be used in
conjunction with LWAPP. The first consists of a configuration where conjunction with LWAPP. The first consists of a configuration where
skipping to change at page 131, line 11 skipping to change at page 129, line 11
It is important to note that Perfect Forward Secrecy is not a It is important to note that Perfect Forward Secrecy is not a
requirement for the LWAPP protocol. requirement for the LWAPP protocol.
Note that the LWAPP protocol does not add any new vulnerabilities to Note that the LWAPP protocol does not add any new vulnerabilities to
802.11 infrastructure that makes use of WEP for encryption purposes. 802.11 infrastructure that makes use of WEP for encryption purposes.
However, implementors SHOULD discourage the use of WEP to allow the However, implementors SHOULD discourage the use of WEP to allow the
market to move towards technically sound cryptographic solutions, market to move towards technically sound cryptographic solutions,
such as 802.11i. such as 802.11i.
15.1 Certificate based Session Key establishment 15.1. Certificate based Session Key establishment
LWAPP uses public key cryptography to ensure trust between the WTP LWAPP uses public key cryptography to ensure trust between the WTP
and the AC. One question that periodically arises is why the Join and the AC. One question that periodically arises is why the Join
Request is not signed. Signing this request would not be optimal for Request is not signed. Signing this request would not be optimal for
the following reasons: the following reasons:
1. The Join Request is replayable, so a signature doesn't provide 1. The Join Request is replayable, so a signature doesn't provide
much protection unless the switches keep track of all previous much protection unless the switches keep track of all previous
Join Requests from a given WTP. Join Requests from a given WTP.
skipping to change at page 131, line 34 skipping to change at page 129, line 34
3. A signed Join Request provides a potential Denial of Service 3. A signed Join Request provides a potential Denial of Service
attack on the AC, which would have to authenticate each attack on the AC, which would have to authenticate each
(potentially malicious) message. (potentially malicious) message.
The WTP-Certificate that is included in the Join Request MUST be The WTP-Certificate that is included in the Join Request MUST be
validated by the AC. It is also good practice that the AC perform validated by the AC. It is also good practice that the AC perform
some form of authorization, ensuring that the WTP in question is some form of authorization, ensuring that the WTP in question is
allowed to establish an LWAPP session with it. allowed to establish an LWAPP session with it.
15.2 PSK based Session Key establishment 15.2. PSK based Session Key establishment
Use of a fixed shared secret of limited entropy (for example, a PSK Use of a fixed shared secret of limited entropy (for example, a PSK
that is relatively short, or was chosen by a human and thus may that is relatively short, or was chosen by a human and thus may
contain less entropy than its length would imply) may allow an contain less entropy than its length would imply) may allow an
attacker to perform a brute-force or dictionary attack to recover the attacker to perform a brute-force or dictionary attack to recover the
secret. secret.
It is RECOMMENDED that implementations that allow the administrator It is RECOMMENDED that implementations that allow the administrator
to manually configure the PSK also provide a functionality for to manually configure the PSK also provide a functionality for
generating a new random PSK, taking RFC 1750 [4] into account. generating a new random PSK, taking RFC 1750 [4] into account.
skipping to change at page 135, line 7 skipping to change at page 133, line 7
The IETF has been notified of intellectual property rights claimed in The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this regard to some or all of the specification contained in this
document. For more information consult the online list of claimed document. For more information consult the online list of claimed
rights. rights.
Please refer to http://www.ietf.org/ietf/IPR for more information. Please refer to http://www.ietf.org/ietf/IPR for more information.
19. References 19. References
19.1 Normative References 19.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
[2] National Institute of Standards and Technology, "Advanced [2] National Institute of Standards and Technology, "Advanced
Encryption Standard (AES)", FIPS PUB 197, November 2001, Encryption Standard (AES)", FIPS PUB 197, November 2001,
<http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf>. <http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf>.
[3] Whiting, D., Housley, R., and N. Ferguson, "Counter with CBC- [3] Whiting, D., Housley, R., and N. Ferguson, "Counter with CBC-
MAC (CCM)", RFC 3610, September 2003. MAC (CCM)", RFC 3610, September 2003.
skipping to change at page 136, line 9 skipping to change at page 134, line 9
Public Key Infrastructure Certificate and Certificate Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile", RFC 3280, April 2002. Revocation List (CRL) Profile", RFC 3280, April 2002.
[11] "Netscape Certificate Extensions Specification", [11] "Netscape Certificate Extensions Specification",
<http://wp.netscape.com/eng/security/comm4-cert-exts.html>. <http://wp.netscape.com/eng/security/comm4-cert-exts.html>.
[12] Clancy, C., "Security Review of the Light Weight Access Point [12] Clancy, C., "Security Review of the Light Weight Access Point
Protocol", May 2005, Protocol", May 2005,
<http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf>. <http://www.cs.umd.edu/~clancy/docs/lwapp-review.pdf>.
[13] "Recommendation for Block Cipher Modes of Operation: the CMAC 19.2. Informational References
Mode for Authentication", May 2005, <http://csrc.ncsl.nist.gov/
publications/nistpubs/800-38B/SP_800-38B.pdf>.
19.2 Informational References
[14] Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by an On- [13] Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by an On-
line Database", RFC 3232, January 2002. line Database", RFC 3232, January 2002.
[15] Bradner, S., "The Internet Standards Process -- Revision 3", [14] Bradner, S., "The Internet Standards Process -- Revision 3",
BCP 9, RFC 2026, October 1996. BCP 9, RFC 2026, October 1996.
[16] Kent, S. and R. Atkinson, "Security Architecture for the [15] Kent, S. and R. Atkinson, "Security Architecture for the
Internet Protocol", RFC 2401, November 1998. Internet Protocol", RFC 2401, November 1998.
[17] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing [16] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing
for Message Authentication", RFC 2104, February 1997. for Message Authentication", RFC 2104, February 1997.
[18] "WiFi Protected Access (WPA) rev 1.6", April 2003. [17] "WiFi Protected Access (WPA) rev 1.6", April 2003.
Authors' Addresses Authors' Addresses
Pat R. Calhoun Pat R. Calhoun
Cisco Systems, Inc. Cisco Systems, Inc.
170 West Tasman Drive 170 West Tasman Drive
San Jose, CA 95134 San Jose, CA 95134
Phone: +1 408-853-5269 Phone: +1 408-853-5269
Email: pcalhoun@cisco.com Email: pcalhoun@cisco.com
skipping to change at page 138, line 5 skipping to change at page 137, line 5
Email: Michael.G.Williams@Nokia.com Email: Michael.G.Williams@Nokia.com
Sue Hares Sue Hares
Nexthop Technologies, Inc. Nexthop Technologies, Inc.
825 Victors Way, Suite 100 825 Victors Way, Suite 100
Ann Arbor, MI 48108 Ann Arbor, MI 48108
Phone: +1 734 222 1610 Phone: +1 734 222 1610
Email: shares@nexthop.com Email: shares@nexthop.com
Intellectual Property Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
skipping to change at page 138, line 29 skipping to change at page 137, line 45
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is provided by the IETF
Internet Society. Administrative Support Activity (IASA).
 End of changes. 322 change blocks. 
595 lines changed or deleted 594 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/