Skip to main content

Service Set (802.11 network)

In computer networking, a service set is a set consisting of all the devices associated with a consumer or enterprise IEEE 802.11 wireless local area network (WLAN). The service set can be local, independent, extended or mesh.

Service sets have an associated identifier, the Service Set Identifier (SSID), which consists of 32 octets that frequently contains a human readable identifier of the network.

Basic service set

The basic service set (BSS) provides the basic building-block of an 802.11 wireless LAN. In infrastructure mode, a single access point (AP) together with all associated stations (STAs) is called a BSS; not to be confused with the coverage of an access point, known as the basic service area (BSA). The access point acts as a master to control the stations within that BSS; the simplest BSS consists of one access point and one station.

The IEEE 802.11s amendment defined an additional protocol for wireless mesh networks. Only mesh STAs participate in mesh functionalities such as formation of the mesh BSS, path selection, and forwarding. Accordingly, a mesh STA is not a member of an IBSS (independent BSS) or of an infrastructure BSS. Consequently, mesh STAs do not communicate with nonmesh STAs. However, instead of existing independently, an MBSS can interconnect with other BSSs through the DS (Distribution System). Mesh STAs can communicate with nonmesh STAs through a logical architectural component called a Mesh Gate.

With 802.11, one can alternatively set up an ad hoc network of client devices without a controlling access point; the result is called an IBSS (independent BSS).

Basic service set identification (BSSID)

Each BSS is uniquely identified by a basic service set identification (BSSID). For a BSS operating in infrastructure mode, the BSSID is the MAC address of the wireless access point (WAP) generated by combining the 24 bit Organization Unique Identifier (OUI, the manufacturer's identity) and the manufacturer's assigned 24-bit identifier for the radio chipset in the WAP. The BSSID is the formal name of the BSS and is always associated with only one BSS. Note, the MAC address concept is not limited to radio communication, wired networks use the very same 24+24 bit MAC address concept to uniquely identify the hosts.

The SSID (service set identification) is the informal (human) name of the BSS (just like a Windows Workgroup name). A BSS is functionally a contention domain as a local or workgroup network is functionally a broadcast domain.

In an ESS (extended service set - described below) each BSS still has its BSSID, however, the entire ESS uses only one SSID (to facilitate laptop and Mobile Internet Device, MID, mobility and Voice over Wifi, VoWiFi, roaming) - now called an ESSID. For an IBSS, the BSSID is a locally administered MAC address generated from a 48-bit random number. The individual/group bit of the address is set to 0 (individual). The universal/local bit of the address is set to 1 (local).

A BSSID with a value of all 1s is used to indicate the wildcard BSSID, usable only during probe requests or for communications that take place outside the context of a BSS.

Service set identification (SSID)

Each BSS or ESS is identified by a service set identifier (SSID) - a series of 0 to 32 octets. It is used as an identifier for a wireless LAN, and is intended to be unique for a particular area. Since this identifier must often be entered into devices manually by a human user, it is often a human-readable string and thus commonly called the "network name".

A common, albeit incorrect assumption, is that an SSID is a string of human-readable characters (such as ASCII), terminated by a NUL character (as in a C-string). SSIDs must be treated and handled as what they are, a series of 0 to 32 octets, some of which may not be human-readable. Note that the 2012 version of the 802.11 standard defines a primitive SSIDEncoding, an Enumeration of UNSPECIFIED and UTF-8, indicating how the array of octets can be interpreted.

In an IBSS, the SSID is chosen by the client device that starts the network, and broadcasting of the SSID is performed in a pseudo-random order by all devices that are members of the network.

Security of SSID hiding

As a purported security enhancement, some access points allow a user to inhibit the broadcasting of their SSIDs, a tactic known as network cloaking; a station may then only join a BSS after the associated SSID has been specified explicitly. This tactic acts as a deterrent to the extent that it impedes casual wireless snooping but useless against widely available network scanners. Network cloaking is a form of security through obscurity and offers no protection against even the most basic attacks against a wireless network. Furthermore, the technique of SSID hiding forces wireless clients to probe for SSIDs everywhere they go which makes them vulnerable to attackers who emulate the probed network. Client side SSID probing is far more dangerous than Base station side beaconing.

Extended service set

An extended service set is a set of two or more interconnected wireless BSSs that share the same SSID (network name), security credentials and integrated (providing translation between 802.3 and 802.11 frames) wired local area networks that appear as a single BSS to the logical link control layer at any station associated with one of those BSSs which facilitates mobile IP and fast secure roaming applications; the BSSs may work on the same channel, or work on different channels to boost aggregate throughput.

Source: Wikipedia, Google