Thin access point architecture

In this section, we will show the implementation methodology of thin AP. First of all, we will describe the platform which we use to implement the thin access point architecture.

Then we will describe the main tasks of the thin AP. Finally, we will describe the main state machine of thin AP and the major function of every state individually will be shown.

STA IDC

EAP-Response / Identity EAP-Response / Identity RADIUS-Access-Request RADIUS-Access-Challenge

Figure 3.3: A message sequence chart to demonstrate that how does the IEEE 802.1x model works on our architecture.

3.2.1 Development environment

We use InterEpoch’s access point as the platform to implement the thin access point.

This access point is based on Intersil’s Prism2.5 chipsets which can work with the HostAP driver to emulate the access point. Therefore, we can implement the thin access point architecture by receiving and transmitting the IEEE 802.11 frame through the driver. Due to HostAP driver does not take care of bridging between wireless and wired networks, it has to be implemented using external software if this access point feature is required.

Thus, we installed bridge-utils-0.9.6-1 to support bridge functionality.

3.2.2 Overview

For each AP in thin AP architecture, it has four major tasks:

1. Receive the frame from mobile station (such as IEEE 802.11 management frame, IEEE 802.11 data frame and IEEE 802.1x packet) and send it to access router.

2. Receive the frame from access router (such as IEEE 802.11 management frame, IEEE 802.11 data frame and IEEE 802.1x packet) and send it to mobile station.

3. Receive the LWAPP packet from access router and execute the corresponding function according to the command in the LWAPP packet.

a. Add or delete mobile station to kernel driver:

When a mobile station associates to an access router, the access router will ask the access point to record the information of the mobile station for future operation. On the contrary, if a mobile station disassociates to an access router, the access router will ask the access point delete the information of the mobile station.

b. Offer or do not offer network service to a mobile station:

When a mobile station is authorized by a RADIUS server, access router will ask access point to offer network service to the mobile station. On the contrary, access point will disable the network access capability of a mobile station if the mobile station is not authorized by a RADIUS server.

c. Check the activity of mobile station:

To prevent a inactive mobile station from occupying the system resource, access router will ask access point to check the activity of the mobile station. If the mobile station is inactive, access point will stop providing the service to the mobile station.

d. Reset:

If some critical function (such as download new firmware from access router) has been executed, access router will ask the access point to restart itself.

4. Send the statistics to access router periodically. Access router can optimize the network performance by configuring every access point according to the statistics.

3.2.3 Main state machine

Fig 3.4 illustrates the main state machine of the thin AP. In this architecture, thin APs and ARs cooperate with each other by following the LWAPP which had been introduced in chapter 2. For this reason, LWAPP relative functions are in the majority of the functions of thin AP.

The following steps describe Figure 3.4 in more detail.

1. When access point starts, it enters Idle state immediately and waits for a while for entering the Discovery state.

2. Then it will enter Discovery state to search how many access routers are available in

success

Figure 3.4: The main flowchart of thin AP.

this subnet. If there is no available access router, access point will enter Sulking state for a while and enter Discovery state again.

3. While access point receives the information of access router, access point will enter Join state and choose a appropriate access router to join. If the join action is success access point will enter Configure state. Otherwise, it will return to Discovery state to get information of access routers again.

4. In the Configure state, access point will send its configuration and hardware limitation of itself to access point. If the access router accepts the configuration and limitation, it sends the response back to configure the access point to optimize the performance of entire network. Otherwise, access point will return back to Discovery state.

5. If the configuration operation succeeds, access point will move to Running state. In this state access point will do the operation that we have discussed in section 3.2.2.

In addition to the operation in section 3.2.2, access point has some task to do periodically:

a. Sends the keep-alive message to access router periodically for checking whether the connection with access router is disconnected. Access point will consider that the connection with access point is disconnected if it does not receive acknowledgement after a constant time it sends access router the keep-alive message. If the connection is disconnected, access point will return to Discovery state.

b. Send the key update message to access router periodically to get the new en-cryption key with access router.