IEEE 802.11

Wireless Network Standard: IEEE 802.11

"IEEE 802.11x" redirects here; for the port-based network access control standard, do not be confused, that would be IEEE 802.1X. Apparently, a single letter makes all the difference for those who bother to notice.

Image: A Linksys WRT54GS, a combined router and Wi‑Fi access point, operates using the 802.11g standard in the 2.4 GHz ISM band using signalling rates up to 54 Mbit/s.

Image: IEEE 802.11 Wi-Fi networks are the most widely used wireless networks in the world, connecting devices like laptops (left) to the internet through a wireless router (right).

The IEEE 802.11 standard, a rather significant component of the broader IEEE 802 collection of local area network (LAN) technical standards, meticulously outlines the medium access control (MAC) and physical layer (PHY) protocols essential for the implementation of wireless local area network (WLAN) computer communication. This standard, along with its numerous amendments, forms the bedrock for wireless networking products marketed under the omnipresent Wi-Fi brand. It has, quite predictably, become the world's most extensively deployed wireless computer networking standard. The pervasive nature of IEEE 802.11 means it's the invisible force enabling most home and office networks, allowing everything from your laptops and printers to smartphones and other smart devices to chatter amongst themselves and access the glorious Internet, all without the antiquated encumbrance of physical wires. A convenience, I suppose, if you can overlook the inherent vulnerabilities.

These standards are not conjured from thin air; they are painstakingly crafted and rigorously maintained by the Institute of Electrical and Electronics Engineers (IEEE) LAN/MAN Standards Committee, more commonly known as IEEE 802. The foundational version of this standard first saw the light of day in 1997, and since then, it has been subjected to a continuous stream of subsequent amendments. While, technically, each amendment is absorbed and officially revoked when a new, consolidated version of the standard is released, the commercial world, ever fond of simplicity and marketing, tends to refer to these individual revisions. Why? Because they offer a convenient shorthand to denote the specific capabilities and performance benchmarks of their products. Consequently, in the marketplace, each revision effectively carves out its own identity as a distinct "standard." The shorthand "802.11x" has emerged as a catch-all term for "any version of 802.11," a necessary distinction to avoid confusion with the original, somewhat quaint, 1997 version itself.

IEEE 802.11 protocols are not confined to a single frequency; they traverse various radio frequencies. This includes, but is certainly not limited to, the 2.4 GHz, 5 GHz, 6 GHz, and even the formidable 60 GHz frequency bands. However, it's crucial to remember that while IEEE 802.11 specifications might list a plethora of potential channels, the actual availability of the radio frequency spectrum is a messy affair, varying considerably from one regulatory domain to another. What works in one country might be strictly forbidden in another, a testament to the glorious patchwork of global governance.

These protocols are typically situated within a network stack, operating in harmonious (or at least functional) conjunction with IEEE 802.2. They are, by design, intended to integrate seamlessly with Ethernet, and are, with predictable regularity, employed to carry Internet Protocol traffic. Beyond the confines of traditional networks, IEEE 802.11 also serves as the fundamental basis for vehicle-based communication networks, particularly with the specialized IEEE 802.11p amendment, ensuring your car can complain about traffic just as effectively as you can.

General description

The 802.11 family is a sprawling collection of half-duplex over-the-air modulation techniques, all built upon the same fundamental protocol. The core of the 802.11 protocol family relies on carrier-sense multiple access with collision avoidance (CSMA/CA). This isn't a sophisticated algorithm; it's more like a digital version of polite conversation, where each piece of equipment "listens" to the channel to ensure no one else (including non-802.11 users) is transmitting before it dares to send its own frame. Some might mistakenly call these "packets," but "frame" is the technically correct term, for those who value precision over casual ambiguity. This "listen before talk" approach is a fundamental, if somewhat inefficient, mechanism to avoid simultaneous transmissions that would lead to data collisions and corrupted signals.

While 802.11-1997 was the pioneering wireless networking standard in this lineage, it was 802.11b that truly achieved widespread acceptance, almost single-handedly ushering in the era of mainstream Wi-Fi. It was swiftly followed by 802.11a, then 802.11g, then 802.11n, then 802.11ac, and, most recently, 802.11ax. The rest of the standards in this ever-growing family (designated c–f, h, j) are essentially service amendments. These serve to extend the existing scope of the standard, often incorporating vital corrections to previous specifications, a testament to the iterative, and sometimes imperfect, nature of technological progress.

802.11b and 802.11g, the workhorses of early Wi-Fi, both utilize the 2.4-GHz ISM band. In the United States, their operation falls under Part 15 of the U.S. Federal Communications Commission Rules and Regulations, which, among other things, dictates that unlicensed devices must not cause harmful interference and must accept interference from other authorized devices. 802.11n also has the flexibility to operate within this same 2.4-GHz band. This particular frequency choice, while offering broad compatibility, comes with an inherent drawback: 802.11b/g/n equipment can, and frequently does, suffer interference from a delightful array of common household items. Think microwave ovens merrily cooking your dinner, cordless telephones chattering away, and Bluetooth devices attempting to pair. Because, naturally, you'd want your data competing with your popcorn. To mitigate this electromagnetic cacophony, 802.11b and 802.11g employ distinct signaling methods: direct-sequence spread spectrum (DSSS) for the former, and orthogonal frequency-division multiplexing (OFDM) for the latter, each a complex dance designed to make sense of the noisy airwaves.

In contrast, 802.11a ventures into the 5 GHz U-NII band. For much of the world, this band generously provides at least 23 non-overlapping, 20-MHz-wide channels. This offers a substantial advantage over the crowded 2.4-GHz ISM-frequency band, which, in its typical configuration, can only manage three truly non-overlapping, 20-MHz-wide channels (where other adjacent channels inevitably overlap, creating a mess, see: list of WLAN channels). The performance at these higher or lower frequencies can fluctuate, often depending on the specific environmental conditions. 802.11n and 802.11ax offer the flexibility to operate in either the 2.4 GHz or 5 GHz band, providing versatility. However, 802.11ac made a strategic decision to use only the 5 GHz band, recognizing its superior capacity.

The specific segment of the radio frequency spectrum allocated for 802.11 use is not globally uniform; it varies significantly between countries, a familiar pattern of localized regulations. In the United States, for instance, both 802.11a and 802.11g devices can be operated without requiring a specific license, as permitted under Part 15 of the FCC Rules and Regulations. Interestingly, the frequencies utilized by channels one through six of 802.11b and 802.11g actually fall within the 2.4 GHz amateur radio band. This means that licensed amateur radio operators are permitted to use 802.11b/g devices under Part 97 of the FCC Rules and Regulations, which, rather conveniently, allows for increased power output. However, this comes with a strict caveat: no commercial content or encryption is permitted. A fascinating loophole, if you're into that sort of thing. [2]
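The channel arithmetic behind the "three non-overlapping channels" and "channels one through six" statements above can be checked directly. This is an added example, not part of the original article; it assumes the usual 2.4 GHz numbering (channel n centred at 2407 + 5n MHz, channels 1 to 13) and a US amateur allocation of 2390–2450 MHz, neither of which is stated on this page, and the survey data and function names are constructed for illustration.

```python
"""2.4 GHz channel plan: centre frequencies, overlap and band containment."""

# Assumptions (not from the page): channel n is centred at 2407 + 5*n MHz for
# n = 1..13, and the US amateur allocation is 2390-2450 MHz.
# The 22 MHz (DSSS) and 20 MHz (OFDM) channel widths are the page's figures.
AMATEUR_BAND_MHZ = (2390.0, 2450.0)

# Constructed site-survey sample: (SSID, channel) pairs seen near our AP.
SURVEY = [("lab-ap", 6), ("guest", 3), ("printer-direct", 9),
          ("neighbour", 11), ("iot", 1)]


def centre_mhz(channel):
    """Centre frequency in MHz of a 2.4 GHz channel (1..13)."""
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} is outside 1..13")
    return 2407 + 5 * channel


def edges_mhz(channel, width_mhz):
    """Lower and upper edge of the spectrum a channel occupies."""
    centre = centre_mhz(channel)
    return centre - width_mhz / 2, centre + width_mhz / 2


def overlaps(a, b, width_mhz):
    """True if channels a and b share spectrum (touching edges do not count)."""
    lo_a, hi_a = edges_mhz(a, width_mhz)
    lo_b, hi_b = edges_mhz(b, width_mhz)
    return lo_a < hi_b and lo_b < hi_a


def non_overlapping_plan(channels, width_mhz):
    """Largest set of mutually non-overlapping channels.

    All channels have the same width, so walking them in ascending order and
    keeping each one that clears the previous pick is optimal.
    """
    plan = []
    for ch in sorted(channels):
        if not plan or not overlaps(plan[-1], ch, width_mhz):
            plan.append(ch)
    return plan


def channels_inside_band(channels, width_mhz, band_mhz):
    """Channels whose whole occupied spectrum lies inside band_mhz."""
    lo_band, hi_band = band_mhz
    inside = []
    for ch in channels:
        lo, hi = edges_mhz(ch, width_mhz)
        if lo >= lo_band and hi <= hi_band:
            inside.append(ch)
    return inside


def interferers(own_channel, survey, width_mhz=22):
    """Surveyed APs that share spectrum with own_channel, worst first.

    Returns (ssid, channel, shared_mhz) tuples; co-channel APs share the full
    width, adjacent-channel APs share part of it.
    """
    lo, hi = edges_mhz(own_channel, width_mhz)
    hits = []
    for ssid, ch in survey:
        other_lo, other_hi = edges_mhz(ch, width_mhz)
        shared = min(hi, other_hi) - max(lo, other_lo)
        if shared > 0:
            hits.append((ssid, ch, shared))
    return sorted(hits, key=lambda row: -row[2])


if __name__ == "__main__":
    us_channels = range(1, 12)  # channels 1..11
    print("22 MHz plan:", non_overlapping_plan(us_channels, 22))
    print("20 MHz plan:", non_overlapping_plan(us_channels, 20))
    print("inside amateur band:",
          channels_inside_band(us_channels, 22, AMATEUR_BAND_MHZ))
    for ssid, ch, shared in interferers(6, SURVEY):
        print(f"{ssid:15s} ch {ch:2d} shares {shared:.0f} MHz with ch 6")
```

With 13 channels available, as in many regulatory domains outside the United States, the 20 MHz plan gains a fourth channel.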

Generations

Wi-Fi generations

| Gen. [3] | IEEE standard | Adopt. | Link rate (Mbit/s) |
|---|---|---|---|
| | 802.11 | 1997 | 1–2 |
| | 802.11b | 1999 | 1–11 |
| | 802.11a | 1999 | 6–54 |
| | 802.11g | 2003 | 6–54 |
| Wi-Fi 4 | 802.11n | 2009 | 6.5–600 |
| Wi-Fi 5 | 802.11ac | 2013 | 6.5–6,933 [a] |
| Wi-Fi 6, Wi-Fi 6E | 802.11ax | 2021 | 0.4–9,608 |
| Wi-Fi 7 | 802.11be | 2024 | 0.4–23,059 |
| Wi-Fi 8 [4] [5] | 802.11bn | TBA | |

In 2018, the Wi-Fi Alliance, in a valiant, if somewhat late, attempt to impose order on the chaos for those who prefer numbers to letter suffixes, introduced a more consumer-friendly generation numbering scheme for the publicly used 802.11 protocols. This initiative aimed to simplify the understanding of Wi-Fi capabilities for the average user, moving away from the often confusing alphanumeric designations. Under this new scheme, Wi-Fi generations 1 through 8 correspond sequentially to the 802.11b, 802.11a, 802.11g, 802.11n, 802.11ac, 802.11ax, 802.11be and 802.11bn protocols, in that precise order. [6] [7] This numerical progression makes it somewhat easier to grasp the generational leap in performance and features, though it doesn't entirely erase the underlying complexity of the IEEE standards themselves.

History

The genesis of 802.11 technology can be traced back to a pivotal 1985 ruling by the U.S. Federal Communications Commission, which, perhaps without fully realizing the implications, opened up the ISM band [1] for unlicensed use. [8] This regulatory decision effectively cleared the path for innovative wireless applications, including what would eventually become Wi-Fi.

A significant precursor to 802.11 was developed in 1991 by NCR Corporation/AT&T (entities now recognized as Nokia Labs and LSI Corporation) in Nieuwegein, the Netherlands. The original intent of the inventors for this groundbreaking technology was surprisingly mundane: to enhance cashier systems. These early wireless products were subsequently brought to market under the rather evocative name WaveLAN, offering raw data rates of 1 Mbit/s and 2 Mbit/s. Even groundbreaking technology starts somewhere mundane; humanity's priorities are consistently predictable.

Vic Hayes, a figure often revered as the "father of Wi-Fi," played a crucial role in steering the IEEE 802.11 working group for a decade. He was deeply involved in the intricate process of designing the initial 802.11b and 802.11a standards within the IEEE. [9] It was Hayes, alongside Bell Labs Engineer Bruce Tuch, who took the initiative to approach the IEEE with the vision of creating a standardized framework for wireless networking. [10]

In 1999, the Wi-Fi Alliance was formally established as a trade association. Its primary function was to safeguard and manage the Wi-Fi trademark, under which the vast majority of wireless products are now sold. [11] Another committee, another trademark. The human way of ensuring everyone knows who's in charge of the invisible waves.

The true commercial breakthrough for Wi-Fi arrived with Apple's decisive adoption of the technology for their iBook series of laptops in 1999. This marked a watershed moment, as the iBook became the first mass-consumer product to seamlessly integrate Wi-Fi network connectivity, which Apple, in its usual fashion, branded as AirPort. [12] [13] [14] This move by Apple effectively legitimized Wi-Fi in the consumer market, transforming it from a niche technology into a desirable feature. Just one year later, IBM followed suit, incorporating Wi-Fi into its ThinkPad 1300 series in 2000, further cementing the technology's place in the burgeoning wireless landscape. [15] Because nothing truly exists until Apple puts its stamp on it, apparently.

Protocol

802.11 network standards

| Frequency range, or type | PHY | Protocol | Release date [16] | Frequency band (GHz) | Channel width (MHz) | Stream data rate [17] (Mbit/s) | Max. MIMO streams | Modulation | Approx. range, in-door | Approx. range, out-door |
|---|---|---|---|---|---|---|---|---|---|---|
| 1–7 GHz | DSSS [18], FHSS [A] | 802.11-1997 | June 1997 | 2.4 | 22 | 1, 2 | | DSSS, FHSS [A] | 20 m (66 ft) | |
| | HR/DSSS [18] | 802.11b | September 1999 | 2.4 | 22 | 1, 2, 5.5, 11 | | CCK, DSSS | 35 m (115 ft) | 140 m (460 ft) |
| | OFDM | 802.11a | September 1999 | 5 | 5, 10, 20 | 6, 9, 12, 18, 24, 36, 48, 54 (for 20 MHz bandwidth, divide by 2 and 4 for 10 and 5 MHz) | | OFDM | 35 m (115 ft) | 120 m (390 ft) |
| | | 802.11j | November 2004 | 4.9, 5.0 [B] [19] | | | | | ? | ? |
| | | 802.11y | November 2008 | 3.7 [C] | | | | | ? | 5,000 m (16,000 ft) [C] |
| | | 802.11p | July 2010 | 5.9 | | | | | 200 m | 1,000 m (3,300 ft) [20] |
| | | 802.11bd | December 2022 | 5.9, 60 | | | | | 500 m | 1,000 m (3,300 ft) |
| | ERP-OFDM [21] | 802.11g | June 2003 | 2.4 | | | | | 38 m (125 ft) | 140 m (460 ft) |
| | HT-OFDM [22] | 802.11n (Wi-Fi 4) | October 2009 | 2.4, 5 | 20 | Up to 288.8 [D] | 4 | MIMO-OFDM (64-QAM) | 70 m (230 ft) | 250 m (820 ft) [23] |
| | | | | | 40 | Up to 600 [D] | | | | |
| | VHT-OFDM [22] | 802.11ac (Wi-Fi 5) | December 2013 | 5 | 20 | Up to 693 [D] | 8 | DL MU-MIMO OFDM (256-QAM) | 35 m (115 ft) [24] | ? |
| | | | | | 40 | Up to 1,600 [D] | | | | |
| | | | | | 80 | Up to 3,467 [D] | | | | |
| | | | | | 160 | Up to 6,933 [D] | | | | |
| | HE-OFDMA | 802.11ax (Wi-Fi 6, Wi-Fi 6E) | May 2021 | 2.4, 5, 6 | 20 | Up to 1,147 [E] | 8 | UL/DL MU-MIMO OFDMA (1024-QAM) | 30 m (98 ft) | 120 m (390 ft) [F] |
| | | | | | 40 | Up to 2,294 [E] | | | | |
| | | | | | 80 | Up to 5,500 [E] | | | | |
| | | | | | 80+80 | Up to 11,000 [E] | | | | |
| | EHT-OFDMA | 802.11be (Wi-Fi 7) | Sep 2024 | 2.4, 5, 6 | 80 | Up to 5,764 [E] | 8 | UL/DL MU-MIMO OFDMA (4096-QAM) | 30 m (98 ft) | 120 m (390 ft) [F] |
| | | | | | 160 (80+80) | Up to 11,500 [E] | | | | |
| | | | | | 240 (160+80) | Up to 14,282 [E] | | | | |
| | | | | | 320 (160+160) | Up to 23,059 [E] | | | | |
| | UHR | 802.11bn (Wi-Fi 8) | May 2028 (est.) | 2.4, 5, 6 | 320 | Up to 23,059 | 8 | Multi-link MU-MIMO OFDM (4096-QAM) | ? | ? |
| | WUR [G] | 802.11ba | October 2021 | 2.4, 5 | 4, 20 | 0.0625, 0.25 (62.5 kbit/s, 250 kbit/s) | | OOK (multi-carrier OOK) | ? | ? |
| mmWave (WiGig) | DMG [25] | 802.11ad | December 2012 | 60 | 2,160 (2.16 GHz) | Up to 8,085 [26] (8 Gbit/s) | | OFDM [A], single carrier, low-power single carrier [A] | 3.3 m (11 ft) [27] | |
| | | 802.11aj | April 2018 | 60 [H] | 1,080 [28] | Up to 3,754 (3.75 Gbit/s) | | single carrier, low-power single carrier [A] | ? | ? |
| | CMMG | 802.11aj | April 2018 | 45 [H] | 540, 1,080 | Up to 15,015 [29] (15 Gbit/s) | 4 | OFDM, single carrier | ? | ? |
| | EDMG [31] | 802.11ay | July 2021 | 60 | Up to 8,640 (8.64 GHz) | Up to 303,336 [32] (303 Gbit/s) | 8 | OFDM, single carrier | 10 m (33 ft) | 100 m (328 ft) |
| Sub 1 GHz (IoT) | TVHT [33] | 802.11af | February 2014 | 0.054–0.79 | 6, 7, 8 | Up to 568.9 [34] | 4 | MIMO-OFDM | ? | |
| | S1G [33] | 802.11ah | May 2017 | 0.7, 0.8, 0.9 | 1–16 | Up to 8.67 [35] (@2 MHz) | 4 | ? | ? | ? |
| Light (Li-Fi) | LC (VLC/OWC) | 802.11bb | November 2023 | 800–1000 nm | 20 | Up to 9.6 Gbit/s | | O-OFDM | ? | |
| | IR [A] (IrDA) | 802.11-1997 | June 1997 | 850–900 nm | ? | 1, 2 | | PPM [A] | ? | ? |

802.11 Standard rollups

| Standard | Release date | Frequency band (GHz) | Stream data rate (Mbit/s) | Modulation |
|---|---|---|---|---|
| 802.11-2007 (802.11ma) | March 2007 | 2.4, 5 | Up to 54 | DSSS, OFDM |
| 802.11-2012 (802.11mb) | March 2012 | 2.4, 5 | Up to 150 [D] | DSSS, OFDM |
| 802.11-2016 (802.11mc) | December 2016 | 2.4, 5, 60 | Up to 866.7 or 6,757 [D] | DSSS, OFDM |
| 802.11-2020 (802.11md) | December 2020 | 2.4, 5, 60 | Up to 866.7 or 6,757 [D] | DSSS, OFDM |
| 802.11-2024 (802.11me) | September 2024 | 2.4, 5, 6, 60 | Up to 9,608 or 303,336 | DSSS, OFDM |

  • [A] This is obsolete, and support for this might be subject to removal in a future revision of the standard.
  • [B] For Japanese regulation.
  • [C] IEEE 802.11y-2008 extended operation of 802.11a to the licensed 3.7 GHz band. Increased power limits allow a range up to 5,000 m. As of 2009, it is only being licensed in the United States by the FCC.
  • [D] Based on short guard interval; standard guard interval is ~10% slower. Rates vary widely based on distance, obstructions, and interference.
  • [E] For single-user cases only, based on default guard interval which is 0.8 microseconds. Since multi-user via OFDMA has become available for 802.11ax, these may decrease. Also, these theoretical values depend on the link distance, whether the link is line-of-sight or not, interference and the multi-path components in the environment.
  • [F] The default guard interval is 0.8 microseconds. However, 802.11ax extended the maximum available guard interval to 3.2 microseconds, in order to support outdoor communications, where the maximum possible propagation delay is larger compared to indoor environments.
  • [G] Wake-up Radio (WUR) Operation.
  • [H] For Chinese regulation.

This dizzying array of specifications, each promising more, delivering... well, you know, slightly more, highlights the relentless pace of wireless innovation. From the foundational Direct-sequence spread spectrum (DSSS) which spreads a signal over a wider frequency band to improve resistance to interference, to the more advanced Orthogonal frequency-division multiplexing (OFDM) that splits a signal into multiple narrower sub-carriers, each modulated independently, the underlying technologies have evolved significantly. The introduction of Multiple-input multiple-output (MIMO) technology, which uses multiple antennas at both the transmitter and receiver to improve communication performance, marked a major leap. Further refinement came with Quadrature amplitude modulation (QAM), allowing more bits to be encoded per symbol, and later, Orthogonal Frequency-Division Multiple Access (OFDMA) and Multi-user MIMO (MU-MIMO), which enable more efficient sharing of bandwidth among multiple users. Even On-off keying (OOK), a basic form of digital modulation, finds its place in niche applications. The "approx. range" column in this table, of course, should be taken with a grain of salt – it's optimistic, at best, in your average concrete jungle filled with walls and other signal-devouring obstacles.

802.11-1997 (802.11 legacy)

The original iteration of the IEEE 802.11 standard, first unveiled in 1997 and subsequently clarified in 1999, is now, quite frankly, obsolete. It was a humble beginning, specifying two rather modest net bit rates of 1 or 2 megabits per second (Mbit/s), buttressed by a forward error correction code to ensure some semblance of data integrity. This foundational standard bravely put forth three distinct physical layer technologies. First, diffuse infrared, operating at a leisurely 1 Mbit/s, a technology that now feels like a relic from a forgotten age. Second, frequency-hopping spread spectrum, capable of 1 Mbit/s or 2 Mbit/s, which involved signals 'hopping' between frequencies to evade interference. And finally, direct-sequence spread spectrum, also offering 1 Mbit/s or 2 Mbit/s, which spread the signal across a wider frequency band. The latter two radio technologies made use of microwave transmission within the Industrial Scientific Medical (ISM) frequency band at 2.4 GHz. It's worth noting that some even earlier WLAN technologies experimented with lower frequencies, such as the U.S. 900 MHz ISM band, a path ultimately not pursued by the mainstream.

This legacy 802.11 with direct-sequence spread spectrum was rapidly supplanted by 802.11b, which popularized the technology by offering a significant leap in speed and cemented Wi-Fi's place in the burgeoning wireless market.

802.11a (OFDM waveform)

802.11a, officially published in 1999, maintained the same underlying data link layer protocol and frame format as its original predecessor. However, it boldly introduced a new OFDM-based air interface, a distinct physical layer that represented a significant technological advancement.

This standard operates exclusively in the 5 GHz band, boasting a theoretical maximum net data rate of 54 Mbit/s, exclusive of error correction code. In the messy reality of practical deployments, this translates to realistic net achievable throughputs typically in the mid-20 Mbit/s range. [36] Despite its relative age, 802.11a has seen widespread global implementation, particularly finding its niche within the corporate workspace where its characteristics were often more advantageous.

The 2.4 GHz band, as we all know, is notoriously congested, a veritable digital battleground. By strategically utilizing the comparatively less cluttered 5 GHz band, 802.11a gained a substantial advantage in terms of interference avoidance and channel availability. However, this higher carrier frequency also brought with it an unavoidable disadvantage: the effective overall range of 802.11a networks is inherently shorter than that of its 2.4 GHz counterparts, 802.11b and 802.11g. In theory, the shorter wavelength of 802.11a signals means they are more readily absorbed by common obstacles like walls and other solid objects, thus limiting their penetration capabilities. In practice, 802.11b often exhibits a superior range, albeit at significantly reduced speeds (often dropping to 5.5 Mbit/s or even a paltry 1 Mbit/s at low signal strengths). While 802.11a is not immune to interference [37], the sheer fact that there are fewer competing signals in the 5 GHz band often results in less actual interference and, consequently, better sustained throughput in many environments. A faster lane, but only if you're not trying to go through walls.

802.11b

The 802.11b standard arrived with a maximum raw data rate of 11 Mbit/s (Megabits per second), utilizing the same fundamental media access method established in the original standard. 802.11b products made their commercial debut in early 2000, benefiting from the fact that 802.11b was a direct, relatively straightforward extension of the modulation technique already defined in the original standard, simplifying its development and deployment. The rather dramatic increase in throughput offered by 802.11b – an impressive leap from the original standard's 2 Mbit/s – coupled with simultaneous and substantial reductions in manufacturing costs, catalyzed its rapid acceptance. It quickly became the definitive, and ubiquitous, wireless LAN technology, largely thanks to its accessibility and performance.

However, devices operating on 802.11b frequencies inevitably encountered interference from a variety of other products that also inhabit the crowded 2.4 GHz band. This digital cacophony includes, but is not limited to, the aforementioned microwave ovens, Bluetooth devices, baby monitors, cordless telephones, and even some amateur radio equipment. As unlicensed intentional radiators within this ISM band, these devices are legally mandated not to interfere with, and to tolerate interference from, primary or secondary allocations (users) of this band, such as amateur radio. The ubiquitous, yet easily annoyed, early adopter.

802.11g

June 2003 marked the ratification of a third significant modulation standard: 802.11g. This standard made the strategic choice to operate within the 2.4 GHz band, much like its predecessor 802.11b. However, it adopted the more advanced OFDM-based transmission scheme that had proven effective with 802.11a. This combination allowed 802.11g to achieve a maximum physical layer bit rate of 54 Mbit/s, excluding forward error correction codes, which translates to an average throughput of approximately 22 Mbit/s in real-world scenarios. [38] A notable feature of 802.11g hardware is its complete backward compatibility with 802.11b hardware, a crucial factor for its rapid adoption. This backward compatibility, while a market boon, came with a technical cost: it meant that 802.11g networks are inherently encumbered with legacy issues that can reduce their overall throughput by approximately 21% when compared to the more streamlined 802.11a. [39] A compromise, as most things are, sacrificing a little speed for broader acceptance.

The then-proposed 802.11g standard was enthusiastically embraced by the market beginning in January 2003, long before its official ratification. This rapid adoption was fueled by an insatiable demand for higher data rates and, perhaps more compellingly, significant reductions in manufacturing costs. [40] By the summer of 2003, most dual-band 802.11a/b products had evolved into dual-band/tri-mode devices, offering support for a, b, and g standards within a single mobile adapter card or access point. The intricate details of ensuring harmonious operation between 802.11b and 802.11g occupied a substantial portion of the ongoing technical development process. It's a critical point that in an 802.11g network, the presence and activity of even a single 802.11b participant will inevitably reduce the overall data rate for the entire 802.11g network, a subtle reminder of the costs of backward compatibility.

And, just like 802.11b, 802.11g devices are not immune to the pervasive interference emanating from other products that share the crowded 2.4 GHz band, such as wireless keyboards, adding another layer of complexity to signal management.

802.11-2007

In 2003, a dedicated task group, TGma, was commissioned with the rather bureaucratic, yet essential, task of "rolling up" many of the amendments that had accumulated since the 1999 version of the 802.11 standard. This comprehensive effort, known as REVma or 802.11ma, aimed to consolidate these disparate additions into a single, cohesive document. It successfully merged eight significant amendments—802.11a, b, d, e, g, h, i, and j—with the base standard, creating a more manageable and unified reference. Upon its official approval on March 8, 2007, 802.11REVma was formally renamed to the then-current base standard, IEEE 802.11-2007. A bureaucratic necessity, tidying up the endless additions.

802.11n

802.11n represents a crucial amendment designed to significantly improve upon the capabilities of previous 802.11 standards. Its initial draft for certification was released in 2006, signaling a new era for Wi-Fi. The 802.11n standard was later, and quite sensibly, retroactively labeled as Wi-Fi 4 by the Wi-Fi Alliance to simplify public understanding. [42] [43] The most significant innovation brought by this standard was the introduction of support for multiple-input multiple-output (MIMO) antennas. This technology fundamentally changes how wireless signals are transmitted and received, allowing for multiple spatial streams of data, dramatically increasing throughput and range. 802.11n was also notable for its flexibility, capable of operating on both the 2.4 GHz and the 5 GHz bands, though support for the 5 GHz band was designated as optional. Its net data rate offered a substantial leap, ranging from 54 Mbit/s up to a theoretical maximum of 600 Mbit/s. The IEEE officially approved this amendment, and it was formally published in October 2009. [44] [45] Finally, multiple antennas to argue with each other, in two different bands.

Even before its final ratification, a strong market demand meant that enterprises were already actively transitioning to 802.11n networks. This was facilitated by the Wi-Fi Alliance's certification program, which validated products conforming to a 2007 draft of the 802.11n proposal. It's worth a historical note that early Intel WiFi cards, somewhat inconveniently, were not fully compatible with the eventual final standard. Furthermore, many competing access points and wireless cards at the time did not offer any support for the 5 GHz band, limiting the dual-band promise of 802.11n in initial deployments.

802.11-2012

In May 2007, yet another task group, TGmb, was authorized to undertake the recurring responsibility of "rolling up" the numerous amendments into the 2007 version of the 802.11 standard. [46] This revision, designated as REVmb or 802.11mb, meticulously consolidated ten distinct amendments—802.11k, r, y, n, w, p, z, v, u, and s—into a single, updated document, integrating them with the existing 2007 base standard. Beyond mere amalgamation, this process also involved a significant amount of "cleanup," including a comprehensive reordering of many clauses to improve clarity and logical flow. [47] Upon its official publication on March 29, 2012, this newly revised standard was formally designated as IEEE 802.11-2012. The cycle continues, relentless and predictable.

802.11ac

IEEE 802.11ac-2013, an amendment to the IEEE 802.11 standard, was officially published in December 2013, building upon the foundations laid by 802.11n. [48] The Wi-Fi Alliance subsequently, and retrospectively, labeled the 802.11ac standard as Wi-Fi 5, continuing their effort to provide a more digestible naming convention for consumers. [42] [43] The enhancements over 802.11n were substantial, primarily focused on pushing the boundaries of throughput and efficiency. Key changes included the introduction of wider channels (80 or even 160 MHz, a significant increase from 40 MHz) exclusively within the 5 GHz band, a greater number of spatial streams (supporting up to eight, compared to four in 802.11n), and the adoption of higher-order modulation schemes (up to 256-QAM versus 64-QAM). Crucially, 802.11ac also saw the addition of Multi-user MIMO (MU-MIMO) capabilities, specifically for the downlink, allowing an access point to simultaneously transmit data to multiple client devices. More bandwidth, more streams, more ways to push data through. Because 'enough' is a concept for philosophers, not engineers.

The Wi-Fi Alliance strategically phased the introduction of 802.11ac wireless products into two distinct stages, affectionately termed "Wave 1" and "Wave 2." [49] [50] Starting from mid-2013, the alliance began certifying Wave 1 802.11ac products from various manufacturers, basing these certifications on the IEEE 802.11ac Draft 3.0, as the final IEEE standard itself wasn't fully ratified until later that year. [51] Then, in 2016, the Wi-Fi Alliance introduced the Wave 2 certification, which aimed to deliver even higher bandwidth and capacity compared to its Wave 1 predecessors. Wave 2 products incorporated additional advanced features such as full MU-MIMO support (for downlink), enhanced 160 MHz channel width support, expanded support for a greater number of 5 GHz channels, and up to four spatial streams (requiring four antennas, a step up from the three in Wave 1 and 802.11n, though still short of the eight specified in IEEE's ambitious 802.11ax specification). [52] [53]

802.11ad

IEEE 802.11ad is an amendment that boldly defines a new physical layer for 802.11 networks, specifically designed to operate within the 60 GHz millimeter wave spectrum. This frequency band possesses significantly different propagation characteristics when compared to the more familiar 2.4 GHz and 5 GHz bands where traditional Wi-Fi networks operate. The higher frequency results in much shorter wavelengths, which are easily absorbed by obstacles and even atmospheric oxygen, leading to a much shorter effective range. Products that implement the 802.11ad standard are marketed under the rather fitting WiGig brand name, with a corresponding certification program meticulously developed by the Wi-Fi Alliance. [54] The peak transmission rate achievable with 802.11ad is an astonishing 7 Gbit/s, making it incredibly fast for its intended use cases. [55]

Essentially, IEEE 802.11ad is a protocol tailored for extremely high data rates (approaching 8 Gbit/s), but its practical application is limited to very short-range communication, typically within a mere 1–10 meters. [56] Blazingly fast, but only if you're practically touching it. Practical, for some definitions of practical.

TP-Link proudly announced the world's first 802.11ad router in January 2016, pushing the boundaries of consumer-grade networking. [57]

The WiGig standard, after being initially announced in 2009, was formally published in 2021, having been officially incorporated into the IEEE 802.11 family in December 2012.

802.11af

IEEE 802.11af, also known by the more evocative monikers "White-Fi" and "Super Wi-Fi," [58] is an amendment approved in February 2014 that enables WLAN operation within the coveted TV white space spectrum. This spectrum resides in the VHF and UHF bands, specifically between 54 and 790 MHz. [59] [60] It leverages sophisticated cognitive radio technology to intelligently transmit on unused television channels. The standard incorporates rigorous measures to minimize interference for primary users of these frequencies, such as analog and digital television broadcasts, and crucially, wireless microphones, ensuring their continued operation. [60]

To achieve this coexistence, access points and stations employing 802.11af determine their geographical position with precision, typically using a satellite positioning system like GPS. They then consult an online geolocation database (GDB) – provided by a regional regulatory agency – to ascertain which frequency channels are currently available for use at that specific time and location. [60] The physical layer of 802.11af utilizes OFDM and is fundamentally based on the robust architecture of 802.11ac. [61] A significant advantage of operating in the UHF and VHF bands is the reduced propagation path loss and lower attenuation by common building materials like brick and concrete, compared to the higher 2.4 GHz and 5 GHz bands. This inherent characteristic translates directly into a substantially increased possible range for 802.11af networks. [60]

The frequency channels themselves are typically 6 to 8 MHz wide, with the exact width dependent on the specific regulatory domain. [60] For increased bandwidth, up to four channels can be bonded together, either in a single contiguous block or in two distinct blocks. [60] MIMO operation is fully supported, allowing for up to four spatial streams to be used for either space–time block code (STBC) or multi-user (MU) operation, further enhancing throughput and reliability. [60] The achievable data rate per spatial stream is 26.7 Mbit/s for 6 and 7 MHz channels, and a slightly higher 35.6 Mbit/s for 8 MHz channels. [34] When leveraging the maximum configuration of four spatial streams and four bonded channels, the theoretical maximum data rate can reach 426.7 Mbit/s for 6 and 7 MHz channels, and an impressive 568.9 Mbit/s for 8 MHz channels. [34] Repurposing old airwaves for new tricks. A clever hack, if it works without upsetting the primary users.

802.11-2016

IEEE 802.11-2016, previously known as IEEE 802.11 REVmc, [62] represents a comprehensive revision built upon the foundation of IEEE 802.11-2012. This updated standard meticulously incorporated five significant amendments: 11ae, 11aa, 11ad, 11ac, and 11af. Beyond simply integrating these additions, the revision also focused on enhancing existing MAC and PHY functions, refining their performance and capabilities. Simultaneously, obsolete features were either entirely removed or explicitly marked for future removal, streamlining the standard. Furthermore, a considerable effort was made to renumber certain clauses and annexes, aiming for improved logical organization and readability. [63] Another administrative consolidation of the ever-growing family tree.

802.11ah

IEEE 802.11ah, officially published in 2017, [64] defines a WLAN system designed to operate in the sub-1 GHz license-exempt bands. This choice of frequency spectrum is particularly advantageous due to its favorable propagation characteristics. Lower frequencies experience less path loss and better penetration through obstacles, enabling 802.11ah to provide a significantly improved transmission range compared to conventional 802.11 WLANs, which typically operate in the more crowded 2.4 GHz and 5 GHz bands. 802.11ah is envisioned for a diverse array of applications, including large-scale sensor networks [65], extended-range hotspots, and outdoor Wi-Fi deployments aimed at offloading cellular WAN carrier traffic, especially in areas where available bandwidth is relatively narrow. The protocol is specifically engineered for low power consumption, aiming to be competitive with low-power Bluetooth devices, but crucially, offering a much wider operational range. [66] For when your smart devices need to complain about their battery life from further away.

802.11ai

IEEE 802.11ai is an amendment to the core 802.11 standard that introduces novel mechanisms explicitly designed to achieve a faster initial link setup time. [67] In a world where instant connectivity is not just desired but expected, minimizing the delay in establishing a wireless link becomes increasingly important. This amendment aims to streamline the process of a device connecting to a Wi-Fi network for the first time or re-establishing a connection, reducing the latency involved in the authentication and association phases. Because waiting even a second is apparently too much for modern sensibilities.

802.11aj

IEEE 802.11aj is a derivative standard, specifically tailored from 802.11ad, for deployment within the 45 GHz unlicensed spectrum. This particular frequency band is available in certain regions of the world, most notably China, highlighting the fragmented nature of global spectrum allocation. Beyond its application in the 45 GHz band, it also introduces additional capabilities designed for use within the 60 GHz band, further extending its utility. [67] Regional variations, because global uniformity is an illusion.

This standard is also alternatively recognized by the designation China Millimeter Wave (CMMW), reflecting its specific regional focus and technological characteristics. [68]

802.11aq

IEEE 802.11aq constitutes an amendment to the 802.11 standard that introduces innovative functionalities for the pre-association discovery of services. [67] This enhancement builds upon and extends some of the mechanisms initially established in 802.11u, which facilitated basic device discovery. With 802.11aq, the capability is expanded to allow devices to discover not just other devices, but also the specific services running on those devices, or the services provided by a particular network, even before a full association is established. This allows for more intelligent and efficient selection of networks or devices based on available services, streamlining the user experience. Making it easier for devices to find out what they're supposed to do before they actually do it.

802.11-2020

IEEE 802.11-2020, known internally as IEEE 802.11 REVmd, [69] represents the latest comprehensive revision of the 802.11 standard, built upon the foundation of IEEE 802.11-2016. This updated standard meticulously incorporates five significant amendments: 11ai, 11ah, 11aj, 11ak, and 11aq. In addition to integrating these additions, the revision also focused on enhancing existing MAC and PHY functions, refining their performance and capabilities. As with previous rollups, obsolete features were either entirely removed or explicitly marked for future removal, streamlining the standard. Furthermore, new clauses and annexes have been added to reflect the evolving landscape of wireless technology. [70] The cycle continues, relentless and predictable.

802.11ax

IEEE 802.11ax is the designated successor to 802.11ac, strategically marketed by the Wi-Fi Alliance as Wi-Fi 6 (for operation in the 2.4 GHz and 5 GHz bands) [71] and Wi-Fi 6E (which extends capabilities into the 6 GHz band). [72] It is also commonly known as High Efficiency Wi-Fi, a moniker that aptly describes its primary objective: to deliver overall improvements for Wi-Fi 6 clients, particularly in dense and congested network environments. [73]

For an individual client device, the maximum improvement in data rate (the PHY speed) compared to its predecessor, 802.11ac, is a respectable but not revolutionary 39%. [b] (To put this in perspective, previous generational leaps, such as from 802.11n to 802.11ac, saw improvements closer to 500% [c] [i]). [d] Yet, despite this comparatively modest 39% figure for individual speed, the overarching goal of 802.11ax was far more ambitious: to achieve a fourfold increase in throughput-per-area [e] compared to 802.11ac. This emphasis on "High Efficiency" stems from the critical need to optimize WLAN performance in increasingly dense environments, such as bustling corporate offices, crowded shopping malls, and densely populated residential apartment complexes. [73]

This significant leap in efficiency is primarily achieved through a sophisticated technique called OFDMA (Orthogonal Frequency-Division Multiple Access). Unlike traditional Wi-Fi, which operates more like a single-lane highway where only one car can pass at a time, OFDMA allows multiple users to transmit simultaneously on different sub-carriers within the same channel. This is akin to multiplexing in the frequency domain, a stark contrast to the spatial multiplexing employed by 802.11ac. This fundamental shift is analogous to applying cellular technology principles to Wi-Fi, enabling a far more efficient allocation of spectrum resources and significantly improving overall network capacity and performance in multi-user scenarios. [73] The IEEE 802.11ax-2021 standard was officially approved on February 9, 2021. [76] [77] Not just faster, but smarter about sharing. A noble goal, if a bit optimistic given human nature.

802.11ay

IEEE 802.11ay is a standard currently under development, also known by the rather verbose designation EDMG: Enhanced Directional MultiGigabit PHY. It is an amendment that defines a new physical layer for 802.11 networks, specifically engineered to operate within the 60 GHz millimeter wave spectrum. This standard is envisioned as a significant extension of the existing 802.11ad protocol, aiming to dramatically enhance throughput, extend effective range, and broaden its practical use-cases. The primary applications for 802.11ay are expected to revolve around indoor operation and short-range communications, a limitation imposed by the inherent atmospheric oxygen absorption and the inability of millimeter waves to effectively penetrate walls. The theoretical peak transmission rate of 802.11ay is an astounding 40 Gbit/s, pushing the boundaries of wireless speed. [78] The main enhancements driving this performance leap include advanced channel bonding techniques (supporting 2, 3, and 4 bonded channels), expanded MIMO capabilities (up to 4 spatial streams), and the utilization of even higher modulation schemes. Despite the inherent challenges of millimeter wave propagation, the expected range for 802.11ay is projected to be an impressive 300–500 meters, a significant improvement over its predecessor. [79] Even faster, even shorter range. For those who demand absurdity in their bandwidth.

802.11ba

IEEE 802.11ba Wake-up Radio (WUR) Operation is an amendment to the IEEE 802.11 standard with a specific and crucial objective: to enable highly energy-efficient operation for data reception without introducing an increase in latency. [80] The design goal for this technology is to achieve an impressively low active power consumption of less than 1 milliwatt when receiving a WUR packet. It supports data rates of 62.5 kbit/s and 250 kbit/s, which are modest but entirely sufficient for its intended purpose of signaling. The WUR PHY (Physical Layer) employs MC-OOK (multicarrier On-off keying) as its modulation scheme, a technique specifically chosen for its ability to achieve extremely low power consumption. [81] This effectively allows devices to remain in a deep sleep state, conserving battery life, and only "wake up" the main, power-hungry Wi-Fi radio when a WUR packet signals that actual data is waiting. A power-saving measure, so your devices can sleep soundly, only to be rudely awakened when truly needed.

802.11bb

IEEE 802.11bb is a novel networking protocol standard within the IEEE 802.11 suite, distinguished by its innovative use of infrared light for communications. [82] This standard paves the way for Li-Fi (Light Fidelity) technology, which harnesses visible light or infrared light to transmit data, offering an alternative to traditional radio frequency-based Wi-Fi. Using light for data. Because radio waves weren't complicated enough.

802.11be

IEEE 802.11be, known as Extremely High Throughput (EHT), is the eagerly anticipated next amendment to the 802.11 IEEE standard, [83] and has been officially designated as Wi-Fi 7. [84] [85] Building upon the significant advancements introduced by 802.11ax, 802.11be focuses on pushing the boundaries of WLAN performance for both indoor and outdoor operations, accommodating stationary and pedestrian speeds across the 2.4 GHz, 5 GHz, and 6 GHz frequency bands. The next frontier of speed, until the next one inevitably arrives.

Common misunderstandings about achievable throughput

[[File:UDP throughput over 802.11g.png|thumb|right|Graphical representation of Wi‑Fi application-specific (UDP) performance envelope in the 2.4 GHz band with 802.11g. 1 Mbps = 1 Mbit/s.]]

Across all the myriad variations of 802.11, the published maximum achievable throughputs are typically presented either as theoretical measurements under pristine, ideal laboratory conditions or as raw layer-2 data rates. However, this rosy picture rarely translates to typical deployments, where data is being transferred between two endpoints, one of which is almost always connected to a wired infrastructure (like your router connected to an Ethernet cable) and the other endpoint is connected wirelessly. This is the eternal chasm between theoretical maximums and the messy reality of your actual experience.

[[File:UDP throughput over 802.11n 40MHz.png|thumb|right|Graphical representation of Wi‑Fi application-specific (UDP) performance envelope in the 2.4 GHz band with 802.11n, using a 40 MHz channel]]

What this fundamentally means is that, in most common scenarios, data frames must traverse an 802.11 (WLAN) medium and then undergo a conversion to 802.3 (Ethernet) format, or vice versa. This conversion process, coupled with the inherent differences in the frame (header) lengths between these two media, means that the actual application's packet size becomes a critical determinant of the effective speed of data transfer. Applications that rely on small packets, such as Voice over IP (VoIP), inherently generate dataflows burdened with high-overhead traffic, resulting in a significantly lower effective goodput (the actual useful data transferred). Other factors that significantly influence the overall application data rate include the rate at which the application itself transmits packets, and, of course, the strength and quality of the received wireless signal. The latter is, in turn, primarily dictated by the physical distance between devices, the presence of obstructions, and the configured output power of the communicating devices. [86] [87]

The same referenced studies provide the attached graphs, which meticulously display measurements of User Datagram Protocol (UDP) throughput. Each data point represents an average UDP throughput derived from 25 individual measurements (note that error bars are present but are often barely visible due to the minimal variation observed). These measurements are taken with specific packet sizes (ranging from small to large) and at varying data rates (from a modest 10 kbit/s up to 100 Mbit/s). Markers indicating the traffic profiles of common applications are also helpfully included. It's important to remember that these figures assume an ideal scenario with no packet errors. In reality, any packet errors that occur will inevitably further reduce the effective transmission rate.

Channels and frequencies

See also: List of WLAN channels

802.11b, 802.11g, and the 2.4 GHz variant of 802.11n all utilize the 2.400–2.500 GHz spectrum, which falls within one of the designated ISM bands. In contrast, 802.11a, the 5 GHz variant of 802.11n, and 802.11ac operate within the more heavily regulated 4.915–5.825 GHz band. In common sales and marketing literature, these are rather simplistically referred to as the "2.4 GHz and 5 GHz bands." Each of these broad spectrums is meticulously sub-divided into distinct channels, each characterized by a center frequency and a specific bandwidth, much like how radio and television broadcast bands are organized into discrete segments.

The 2.4 GHz band is typically divided into 14 channels, each spaced 5 MHz apart, commencing with channel 1, which is precisely centered on 2.412 GHz. However, it's not quite that simple: the higher-numbered channels often come with additional restrictions or may be entirely unavailable for use in certain regulatory domains, adding another layer of complexity to deployment.

[[File:Wi-Fi channels 2.4 GHz.svg|thumb|Graphical representation of Wi-Fi channels in the 2.4 GHz band]]

The channel numbering scheme for the 5.725–5.875 GHz spectrum is, predictably, less intuitive, largely due to the significant variations in regulations between different countries. A more detailed and perhaps equally frustrating exploration of these nuances can be found on the dedicated list of WLAN channels.

Channel spacing within the 2.4 GHz band

Beyond merely specifying the channel's center frequency, 802.11 also meticulously defines (in Clause 17, for those who enjoy the minutiae) a spectral mask. This mask is a critical technical specification that dictates the permitted power distribution across each channel, essentially setting the boundaries for how much interference a signal can generate outside its intended frequency. The mask mandates that the signal must be attenuated by a minimum of 20 dB from its peak amplitude at ±11 MHz from the center frequency. This point effectively defines the channel as being 22 MHz wide. A direct consequence of this specification is that, to avoid significant overlap and interference, wireless stations can only practically utilize every fourth or fifth channel without substantial spectral overlap. The invisible lines in the sand, constantly being ignored or misunderstood.

The availability of these channels is, as always, tightly regulated by individual countries, constrained in part by how each nation allocates radio spectrum to its various services and users. At one extreme, Japan, known for its technological forward-thinking, permits the use of all 14 channels for 802.11b, and channels 1–13 for 802.11g/n-2.4. Other countries, such as Spain, initially imposed much stricter limits, allowing only channels 10 and 11, while France permitted only channels 10, 11, 12, and 13. However, Europe has since harmonized its regulations, now generally allowing channels 1 through 13. [88] [89] North America and certain Central and South American countries maintain a more restrictive stance, permitting only channels 1 through 11.

[[File:802.11g channels 1 to 14.png|thumb|Spectral masks for 802.11g channels 1–14 in the 2.4 GHz band]]

Since the spectral mask only explicitly defines power output restrictions up to ±11 MHz from the center frequency, requiring attenuation by −50 dBr, it is a common, though incorrect, assumption that the energy of a channel extends no further than these precise limits. A more accurate understanding is that the overlapping signal from any given channel should be sufficiently attenuated so as to minimally interfere with a transmitter operating on any other channel, given the specific separation between their center frequencies. This is where the notorious near–far problem comes into play: a powerful transmitter, even if technically on a "non-overlapping" channel, can significantly impact (desensitize) a nearby victim receiver if it's operating in close proximity (within a meter) or exceeding allowed power levels. Conversely, a sufficiently distant transmitter, even on an overlapping channel, might have little to no significant detrimental effect. A classic dilemma: the loud neighbor drowning out everyone else, even if they're technically in their own 'lane.'

Confusion frequently arises regarding the precise amount of channel separation deemed necessary between transmitting devices. 802.11b, relying on direct-sequence spread spectrum (DSSS) modulation, utilized a channel bandwidth of 22 MHz. This led to the widely accepted notion of three "non-overlapping" channels (typically 1, 6, and 11). 802.11g, however, adopted OFDM modulation and a slightly narrower channel bandwidth of 20 MHz. This technical distinction occasionally gives rise to the belief that four truly "non-overlapping" channels (1, 5, 9, and 13) exist under 802.11g. However, this is demonstrably not the case. Section 17.4.6.3, "Channel Numbering of operating channels," of IEEE Std 802.11 (2012) explicitly states: "In a multiple cell network topology, overlapping and/or adjacent cells using different channels can operate simultaneously without interference if the distance between the center frequencies is at least 25 MHz." [90] This is further reinforced by section 18.3.9.3 and Figure 18-13. Another persistent myth, stubbornly resisting actual facts.

[[File:2.4 GHz Wi-Fi channels (802.11b, g, n).svg|thumb|802.11 non-overlapping channels in the 2.4 GHz ISM band]]

This does not mean, however, that the technical overlap of channels is a reason never to use overlapping channels. The amount of inter-channel interference observed in a configuration employing channels 1, 5, 9, and 13 (a setup permitted in Europe, though not in North America) is barely distinguishable from that of a three-channel configuration, yet it offers the benefit of an entire extra channel. [91] [92]

Nonetheless, it is crucial to recognize that significant overlap between channels with narrower spacing (for example, 1, 4, 7, and 11 in North America) can indeed lead to unacceptable degradation of signal quality and a reduction in effective throughput. This problem is particularly acute when users are transmitting near the boundaries of access point cells, where signals are already weaker and more susceptible to interference. [93]
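An added example, not part of the original article, that applies the 25 MHz rule quoted above to the channel plans this section discusses. The function names are hypothetical, the channel sets are the North American and European ranges given on this page, and the channel 14 centre frequency is supplied from outside the page.

```python
from itertools import combinations

# Channel sets named on this page for two regulatory regions.
ALLOWED = {"North America": range(1, 12), "Europe": range(1, 14)}


def center_mhz(channel):
    """Centre frequency of a 2.4 GHz channel in MHz."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel  # channel 1 = 2412 MHz, then 5 MHz steps
    if channel == 14:
        return 2484  # not stated on this page: channel 14 sits 12 MHz above 13
    raise ValueError(f"no such 2.4 GHz channel: {channel}")


def too_close(channels, min_sep_mhz=25):
    """Pairs of distinct channels whose centres are closer than min_sep_mhz."""
    found = []
    for a, b in combinations(sorted(set(channels)), 2):
        sep = center_mhz(b) - center_mhz(a)
        if sep < min_sep_mhz:
            found.append((a, b, sep))
    return found


def densest_plan(allowed, min_sep_mhz):
    """Largest set of allowed channels with every pair >= min_sep_mhz apart.

    Channels lie on a line, so always taking the lowest channel that is far
    enough from the previous pick yields a maximum-size plan.
    """
    plan = []
    for ch in sorted(allowed):
        if not plan or center_mhz(ch) - center_mhz(plan[-1]) >= min_sep_mhz:
            plan.append(ch)
    return plan


if __name__ == "__main__":
    for region, allowed in ALLOWED.items():
        for sep in (25, 20):
            print(f"{region}, {sep} MHz spacing: {densest_plan(allowed, sep)}")
    # The plans discussed in the text, checked against the 25 MHz rule.
    for plan in ([1, 6, 11], [1, 5, 9, 13], [1, 4, 7, 11]):
        print(plan, "pairs under 25 MHz:", too_close(plan))
```

At 25 MHz spacing both regions top out at three channels; the four-channel plan only appears when 20 MHz spacing is accepted and channel 13 is allowed.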

Regulatory domains and legal compliance

IEEE, in its infinite wisdom, uses the term regdomain to refer to a specific legal regulatory region. This is because, as previously noted, different countries, in their unique wisdom, define varying levels of allowable transmitter power, the maximum duration a channel can be occupied, and, of course, a different set of available channels. [94] Standardized domain codes have been established for major regions such as the United States, Canada, ETSI (Europe), Spain, France, Japan, and China, among others. More rules, more bureaucracy. A necessary evil, I suppose, to prevent total anarchy on the airwaves.

Most Wi-Fi certified devices are, by default, configured to regdomain 0. This "least common denominator" setting ensures that the device will not transmit at a power level exceeding the allowable maximum in any nation, nor will it utilize frequencies that are prohibited in any nation. A rather cautious, if globally restrictive, approach.

The regdomain setting is often intentionally made difficult or even impossible for end-users to modify. This is a deliberate design choice, implemented to prevent users from inadvertently (or, let's be honest, intentionally) contravening local regulatory agencies, such as the United States' Federal Communications Commission. A prudent measure, preventing users from accidentally breaking laws they don't understand, or deliberately abusing the airwaves.

Layer 2 – Datagrams

The fundamental units of data transmission at this layer are referred to as datagrams, though in the 802.11 context they are more precisely called frames. Current 802.11 standards meticulously specify various frame types, each serving a distinct purpose in the transmission of data, as well as the essential management and control of wireless links.

These frames are not arbitrary blobs of data; they are rigorously divided into very specific and standardized sections. Each frame, regardless of its type, consists of a MAC header, a variable-length payload, and a frame check sequence (FCS). It's worth noting that some frames, particularly those dedicated to control or management, may not carry a payload. The fundamental building blocks, meticulously structured, because even chaos needs a blueprint.

| Field | Length (Bytes) |
| --- | --- |
| Frame control | 2 |
| Duration, id. | 2 |
| Address 1 | 6 |
| Address 2 | 6 |
| Address 3 | 6 |
| Sequence control | 0, or 2 |
| Address 4 | 6 |
| QoS control | 0, or 2 |
| HT control | 0, or 4 |
| Frame body | Variable |
| Frame check sequence | 4 |

The initial two bytes of the MAC header are dedicated to the frame control field, which precisely dictates the form and intrinsic function of the frame. This critical frame control field is further subdivided into a series of granular sub-fields, each with its own specific role:

  • Protocol Version: A mere two bits are allocated to represent the protocol version. The currently active protocol version is consistently set to zero. Any other values are explicitly reserved for future iterations, a nod to the inevitability of change.
  • Type: These two bits serve to identify the broad category of the WLAN frame. The IEEE 802.11 standard primarily defines three overarching frame types: Control, Data, and Management.
  • Subtype: Four bits are dedicated to providing additional, more granular discrimination between frames within a given type. The Type and Subtype fields work in concert to precisely identify the exact nature and function of a particular frame.
  • ToDS and FromDS: Each of these is a single bit in size, yet they carry crucial information. They indicate whether a data frame is intended for a distribution system (ToDS = 1) or if it is originating from one (FromDS = 1). For Control and Management frames, these values are always set to zero. All data frames will have at least one of these bits set, forming a clear directional indicator:
    • ToDS = 0 and FromDS = 0: This configuration signifies communication occurring entirely within a basic service set or an independent basic service set (IBSS) network, meaning direct station-to-station communication without involvement of an access point for distribution.
    • ToDS = 0 and FromDS = 1: This indicates a frame that has been sent by a wireless station and is directed to an access point (AP), which then accesses the broader distribution system.
    • ToDS = 1 and FromDS = 0: Conversely, this denotes a frame that is exiting the distribution system, destined for a specific wireless station.
    • ToDS = 1 and FromDS = 1: This is the only type of data frame that necessitates the use of all four MAC addresses in the header. It typically applies to wireless distribution system (WDS) communication between access points. The addresses are interpreted as follows:
      • Address 1: The address of the receiving access point, which is exiting from the distribution system.
      • Address 2: The address of the transmitting access point, which serves as the entrance to the distribution system (i.e., the AP to which the source station is connected).
      • Address 3: The final destination address of the station that will ultimately receive the data.
      • Address 4: The address of the original source station that initiated the transmission. [95] [96]
  • More Fragments: This bit is set to indicate when a larger packet has been segmented into multiple smaller frames for transmission. Every frame, with the sole exception of the very last frame of a packet, will have this bit set, signaling that more pieces are yet to come.
  • Retry: Occasionally, frames encounter transmission errors and require retransmission. For such instances, there is a dedicated Retry bit, which is set to one when a frame is resent. This mechanism is crucial in aiding the receiving station to identify and eliminate duplicate frames, preventing redundant processing.
  • Power Management: This bit serves to communicate the power management state of the sender immediately after the completion of a frame exchange. Access points, by their nature, are responsible for managing connections and are, therefore, never permitted to set the power-saver bit, as they must remain perpetually active.
  • More Data: The More Data bit is utilized by access points to signal to stations operating in power-saver mode that there is buffered data awaiting them in the distribution system. It indicates that at least one frame is available and is addressed to any of the stations currently connected.
  • Protected Frame: The Protected Frame bit is set to the value of one if the frame body has been encrypted by a security protection mechanism. This includes, but is not limited to, older standards like Wired Equivalent Privacy (WEP), and more robust solutions like Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access II (WPA2).
  • Order: This bit is exclusively set when the "strict ordering" delivery method is employed. By default, frames and fragments are not always guaranteed to be sent in sequential order, as enforcing strict ordering can introduce a performance penalty in wireless transmissions.

The subsequent two bytes are allocated for the Duration ID field, a critical component that informs other devices how long the current frame's transmission is expected to take, thereby allowing them to determine when the channel will become available again. This field can manifest in one of three forms: a simple Duration value, a Contention-Free Period (CFP) indicator, or an Association ID (AID).

An 802.11 frame can, rather intricately, possess up to four distinct address fields. Each of these fields is capable of carrying a MAC address. Address 1 typically designates the receiver of the frame, Address 2 identifies the transmitter, and Address 3 is frequently employed for filtering purposes by the receiving station. Address 4 is a more specialized field, only appearing in data frames that are transmitted between access points within an Extended Service Set (ESS) or between intermediate nodes in a mesh network, indicating a multi-hop path.

The remaining fields that complete the header are:

  • The Sequence Control field, a two-byte section, is ingeniously designed to identify the correct message order and, crucially, to detect and eliminate duplicate frames. The initial 4 bits within this field are reserved for the fragmentation number, indicating which fragment a particular frame represents, while the subsequent 12 bits constitute the sequence number, providing a unique identifier for the frame within a given transmission sequence.
  • An optional two-byte Quality of Service (QoS) control field may be present, specifically in QoS Data frames. This field was a significant addition introduced with the 802.11e amendment, allowing for differentiated handling of traffic based on its service requirements.

The payload, or frame body field, is variable in size, accommodating anywhere from 0 to 2304 bytes of data, plus any additional overhead incurred from security encapsulation. This section contains the actual information originating from higher layers of the network stack, the data you're actually trying to send.

The Frame Check Sequence (FCS) occupies the last four bytes in a standard 802.11 frame. Often referred to as the Cyclic Redundancy Check (CRC), this field is absolutely vital for ensuring the integrity of retrieved frames. As frames are prepared for transmission, the FCS is calculated based on the entire frame content and then appended to it. When a receiving station acquires a frame, it performs its own calculation of the FCS based on the received data and then compares this newly computed value to the FCS value that was appended by the sender. If these two values match, it is assumed, with a high degree of confidence, that the frame was not corrupted or distorted during its journey through the unpredictable airwaves. [97]
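The header layout described above, as an added Python example (not code from the original article or from the IEEE standard): it decodes the frame control sub-fields, the addresses, sequence control and the optional Address 4 and QoS control, then recomputes the FCS. The sample frames and MAC addresses are constructed, the function names are hypothetical, and HT control is assumed absent.

```python
import struct
import zlib

TYPES = {0: "Management", 1: "Control", 2: "Data"}
# Flag positions in the 16-bit little-endian frame control field
# (bits 0-7 hold protocol version, type and subtype).
FLAGS = {"to_ds": 8, "from_ds": 9, "more_fragments": 10, "retry": 11,
         "power_mgmt": 12, "more_data": 13, "protected": 14, "order": 15}


def mac(b):
    return ":".join(f"{x:02x}" for x in b)


def compute_fcs(frame_without_fcs):
    # The FCS is a CRC-32 (the one zlib.crc32 computes), sent low byte first.
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)


def parse_frame(raw):
    """Decode one 802.11 frame that still carries its 4-byte FCS."""
    if len(raw) < 14:  # frame control + duration + Address 1 + FCS
        raise ValueError("frame too short")
    fc, duration = struct.unpack_from("<HH", raw, 0)
    type_bits = (fc >> 2) & 0x3
    if type_bits not in TYPES:
        raise ValueError("frame type 3 is outside the three types covered here")
    frame = {
        "version": fc & 0x3,
        "type": TYPES[type_bits],
        "subtype": (fc >> 4) & 0xF,
        "flags": {name: bool((fc >> bit) & 1) for name, bit in FLAGS.items()},
        "duration_id": duration,
        "addr1": mac(raw[4:10]),
        "fcs_ok": compute_fcs(raw[:-4]) == raw[-4:],
    }
    offset = 10
    if frame["type"] != "Control":
        # Management and data frames: Address 2, Address 3, sequence control.
        flags = frame["flags"]
        has_addr4 = frame["type"] == "Data" and flags["to_ds"] and flags["from_ds"]
        has_qos = frame["type"] == "Data" and bool(frame["subtype"] & 0x8)
        header_len = 24 + (6 if has_addr4 else 0) + (2 if has_qos else 0)
        if len(raw) < header_len + 4:
            raise ValueError("frame shorter than its header")
        frame["addr2"], frame["addr3"] = mac(raw[10:16]), mac(raw[16:22])
        (seq_ctl,) = struct.unpack_from("<H", raw, 22)
        frame["fragment"], frame["sequence"] = seq_ctl & 0xF, seq_ctl >> 4
        offset = 24
        if has_addr4:
            frame["addr4"] = mac(raw[offset:offset + 6])
            offset += 6
        if has_qos:
            (frame["qos_control"],) = struct.unpack_from("<H", raw, offset)
            offset += 2
    # For control frames this is the subtype-specific remainder, not a payload.
    frame["body"] = raw[offset:-4]
    return frame


def build_frame(fc, duration, addrs, seq_ctl=None, qos=None, body=b""):
    """Assemble a constructed sample frame and append a valid FCS."""
    data = struct.pack("<HH", fc, duration) + b"".join(addrs[:3])
    if seq_ctl is not None:
        data += struct.pack("<H", seq_ctl)
    if len(addrs) == 4:
        data += addrs[3]
    if qos is not None:
        data += struct.pack("<H", qos)
    data += body
    return data + compute_fcs(data)


# Constructed samples; the addresses are made-up locally administered MACs.
AP1, AP2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SRC, DST = bytes.fromhex("0200000000aa"), bytes.fromhex("0200000000bb")
BEACON = build_frame(0x0080, 0, [b"\xff" * 6, AP1, AP1], seq_ctl=100 << 4,
                     body=b"constructed beacon body")
WDS_DATA = build_frame(0x4388, 44, [AP2, AP1, DST, SRC],
                       seq_ctl=(2049 << 4) | 3, qos=0x0005, body=bytes(16))
ACK = build_frame(0x00D4, 0, [SRC])  # control frame: Address 1 only
DAMAGED = BEACON[:30] + bytes([BEACON[30] ^ 0x01]) + BEACON[31:]  # one bit flipped

if __name__ == "__main__":
    for name, raw in [("beacon", BEACON), ("wds data", WDS_DATA),
                      ("ack", ACK), ("damaged beacon", DAMAGED)]:
        f = parse_frame(raw)
        print(name, f["type"], f["subtype"], f["flags"]["protected"], f["fcs_ok"])
```

The parser expects captures that keep the FCS; many capture setups strip it, in which case `fcs_ok` is meaningless and the last four bytes belong to the body.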

Management frames

Management frames, often overlooked until something breaks, are the administrative overhead of keeping your wireless world together. They are not always authenticated, which, as you might imagine, has historically been a source of significant security vulnerabilities, and their primary role is to facilitate the maintenance, or, if necessary, the discontinuance, of communication links. Some of the more common 802.11 subtypes within the management frame category include:

  • Authentication frame: The initial handshake in establishing a wireless connection. 802.11 authentication commences with the wireless network interface controller (WNIC) dispatching an authentication frame to the access point, carrying its unique identity.
    • Under open system authentication, the WNIC sends only a single authentication frame, and the access point responds with its own authentication frame, simply indicating acceptance or rejection. Minimalist, but not secure.
    • With shared key authentication, the WNIC initiates the process by sending an authentication request, to which the access point replies with an authentication frame containing a challenge text. The WNIC then encrypts this challenge text using the shared key and sends it back to the access point in another authentication frame. The access point then attempts to decrypt this text with its own key, and the success or failure of this decryption determines the WNIC's authentication status. A slightly more complex dance, but still fundamentally flawed.
  • Association request frame: Once authenticated, a station sends this frame to an access point, signaling its desire to join the network. This enables the access point to allocate necessary resources and synchronize its timing with the requesting station. The frame carries crucial information about the WNIC, including its supported data rates and the SSID (Service Set Identifier) of the network the station intends to associate with. If the request is granted, the access point reserves memory for the station and assigns it a unique association ID.
  • Association response frame: This frame is sent by an access point in direct response to an association request from a station. It conveys either the acceptance or rejection of the association request. If accepted, the frame includes vital information such as the assigned association ID and the supported data rates that the access point will allow.
  • Beacon frame: These frames are transmitted periodically by an access point, acting like a digital lighthouse, constantly announcing its presence and broadcasting the SSID and other essential parameters to all WNICs within its operational range. They are crucial for client devices to discover available networks.
  • Deauthentication frame: A rather abrupt way to end a connection. This frame is sent from one station to another, explicitly indicating a desire to terminate their communication link.
  • Disassociation frame: A more graceful exit. This frame is sent by a station wishing to terminate its association with an access point. It's an elegant mechanism that allows the access point to properly relinquish any allocated memory resources and remove the WNIC's entry from its association table, maintaining network cleanliness.
  • Probe request frame: Sent from a station when it actively requires information from another station or an access point. This is often used by clients to actively search for networks when not passively listening for beacon frames.
  • Probe response frame: In direct reply to a probe request frame, an access point sends this frame, containing its capability information, supported data rates, and other relevant details, allowing the requesting station to assess its suitability.
  • Reassociation request frame: When a WNIC moves out of the effective range of its currently associated access point but finds another access point with a stronger signal (e.g., in a roaming scenario), it sends a reassociation request. The new access point then coordinates with the previous one to facilitate the forwarding of any data that might still be buffered for the client.
  • Reassociation response frame: Sent by the new access point in response to a WNIC's reassociation request. This frame contains the acceptance or rejection of the request, and if accepted, includes all necessary information for the new association, such as the association ID and supported data rates.
  • Action frame: These frames extend the functionality of management frames to control a specific action or operation between stations. They are categorized for various purposes, including QoS (Quality of Service) management, Block Ack (Block Acknowledgment) setup, Public actions, Radio Measurement requests, Fast BSS (Basic Service Set) Transition, Mesh Peering Management, and more. A station sends an Action frame to its peer to request or initiate a particular action. For example, one station might send an ADDBA Request action frame to another to set up a block acknowledgement agreement, and the receiving station would then respond with an ADDBA Response action frame to confirm or deny the request.

The body of a management frame is structured with frame-subtype-dependent fixed fields, which are then followed by a sequence of information elements (IEs). These IEs are highly flexible and allow for the inclusion of various types of data.

The common structure of an Information Element (IE) is elegantly simple:

Field            Type   Length   Data
Length (bytes)   1      1        1–252
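The Type/Length/Data walk described above is where parsers of untrusted management frames most often go wrong, so here is an added Python example (not part of the original article) that decodes a constructed beacon body and rejects any element whose length field overruns the buffer. The 12 bytes of beacon fixed fields, the element types 0, 1, 3 and 221, and the sample values are assumptions taken from the 802.11 element layout rather than from this page.

```python
import struct

BEACON_FIXED_LEN = 12    # timestamp (8) + beacon interval (2) + capability (2)
TU_MICROSECONDS = 1024   # one 802.11 time unit

def parse_elements(buf: bytes) -> list:
    """Walk Type/Length/Data elements, refusing any that overrun the buffer."""
    elements, offset = [], 0
    while offset < len(buf):
        if len(buf) - offset < 2:
            raise ValueError(f"truncated element header at offset {offset}")
        etype, elen = buf[offset], buf[offset + 1]
        end = offset + 2 + elen
        if end > len(buf):
            raise ValueError(
                f"element type {etype} at offset {offset} claims {elen} bytes, "
                f"only {len(buf) - offset - 2} remain")
        elements.append((etype, buf[offset + 2:end]))
        offset = end
    return elements

def parse_beacon_body(body: bytes) -> dict:
    """Decode the fixed fields of a beacon body, then its information elements."""
    if len(body) < BEACON_FIXED_LEN:
        raise ValueError("beacon body shorter than its fixed fields")
    timestamp, interval_tu, capability = struct.unpack_from("<QHH", body, 0)
    info = {
        "timestamp": timestamp,
        "beacon_interval_us": interval_tu * TU_MICROSECONDS,
        "privacy": bool(capability & 0x0010),   # Privacy bit of capability info
        "ssid": None, "rates_mbps": [], "channel": None, "unknown": [],
    }
    for etype, data in parse_elements(body[BEACON_FIXED_LEN:]):
        if etype == 0:      # SSID: arbitrary bytes chosen by the sender
            info["ssid"] = data.decode("utf-8", errors="replace")
        elif etype == 1:    # Supported Rates: 500 kbit/s units, top bit = basic
            info["rates_mbps"] = [((b & 0x7F) / 2, bool(b & 0x80)) for b in data]
        elif etype == 3 and len(data) == 1:   # DS Parameter Set: current channel
            info["channel"] = data[0]
        else:               # keep type and size of anything not decoded here
            info["unknown"].append((etype, len(data)))
    return info

def element(etype: int, data: bytes) -> bytes:
    """Encode one element as Type, Length, Data."""
    return bytes([etype, len(data)]) + data

# Constructed beacon body: 100 TU interval, ESS + Privacy capability bits.
SAMPLE_BODY = (
    struct.pack("<QHH", 0x12345678, 100, 0x0411)
    + element(0, b"lab-net")
    + element(1, bytes([0x82, 0x84, 0x8B, 0x96, 0x0C, 0x12, 0x18, 0x24]))
    + element(3, bytes([6]))
    + element(221, b"\x00\x11\x22\x01")   # vendor-specific, constructed content
)

if __name__ == "__main__":
    print(parse_beacon_body(SAMPLE_BODY))
    try:
        parse_beacon_body(SAMPLE_BODY[:-1])   # last element now overruns
    except ValueError as exc:
        print("rejected:", exc)
```

The SSID is decoded with replacement characters because it is sender-controlled bytes, not guaranteed text; log or display it only after that kind of sanitising.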

Control frames

Control frames are the unsung heroes that facilitate the precise and efficient exchange of data frames between wireless stations. They are the polite acknowledgements and preemptive warnings that keep the data flowing, or at least try to. Some common 802.11 control frames include:

  • Acknowledgement (ACK) frame: This is a fundamental component of 802.11's reliable data transfer mechanism. After successfully receiving a data frame without detecting any errors, the receiving station immediately sends an ACK frame back to the sending station. If the sending station fails to receive an ACK frame within a predetermined, specific period of time (a timeout), it assumes the original data frame was lost or corrupted and will, therefore, retransmit the frame. This ensures data delivery, though at the cost of potential retransmissions.
  • Request to Send (RTS) frame: The RTS and CTS frames together provide an optional, but highly effective, collision reduction scheme, particularly useful in environments with hidden stations. A station initiates this two-way handshake by sending an RTS frame as the very first step before it intends to transmit a series of data frames. This effectively reserves the medium.
  • Clear to Send (CTS) frame: In response to an RTS frame, a station that is ready to receive data sends a CTS frame. This frame serves as explicit clearance for the requesting station to proceed with sending its data frames. Crucially, the CTS frame also incorporates a time value, known as the Network Allocation Vector (NAV), which effectively informs all other stations within range that they must refrain from transmitting for the specified duration, thereby preventing collisions and managing access to the shared medium. It's the digital equivalent of 'Are you there? Yes, I'm here. Okay, I'm sending now, everyone else shut up.'

Data frames

Data frames are, quite simply, the reason you're bothering with all this: they carry the actual packets from web pages, files, and other application-layer information within their body. [98] The body of an 802.11 data frame typically commences with an IEEE 802.2 header. This header contains the Destination Service Access Point (DSAP) field, which specifies the particular protocol being carried. If the DSAP is set to the hexadecimal value AA, it is then followed by a Subnetwork Access Protocol (SNAP) header. The SNAP header, in turn, includes the organizationally unique identifier (OUI) and the protocol ID (PID) fields, which together further specify the encapsulated protocol. If the OUI is comprised of all zeroes, the protocol ID field then directly functions as an EtherType value, indicating the higher-layer protocol. Almost universally, 802.11 data frames utilize both 802.2 and SNAP headers, and most commonly, they employ an OUI of 00:00:00 with an EtherType value. Layers upon layers, like an archaeological dig of networking protocols.
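To tie the FCS check and the 802.2/SNAP layering together, the following added Python example (not from the original article) verifies the FCS of a constructed QoS Data frame and then decodes its LLC and SNAP headers down to the EtherType. It assumes an unencrypted body, a capture that still includes the FCS, and the standard IEEE CRC-32 appended in little-endian byte order; the addresses and payload are constructed.

```python
import struct
import zlib

def fcs(frame_without_fcs: bytes) -> bytes:
    """IEEE CRC-32 of header + body, in the byte order it is appended on air."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)

def fcs_ok(frame: bytes) -> bool:
    """Receiver-side check: recompute the FCS and compare with the last 4 bytes."""
    return len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]

def header_len(frame: bytes) -> int:
    """MAC header length of a data frame: 24 bytes, +6 for Address 4, +2 for QoS."""
    if len(frame) < 24:
        raise ValueError("shorter than the minimum 24-byte MAC header")
    fc0, fc1 = frame[0], frame[1]
    if (fc0 >> 2) & 0x3 != 2:
        raise ValueError("not a data frame")
    length = 24
    if fc1 & 0x03 == 0x03:        # To DS and From DS both set: Address 4 present
        length += 6
    if (fc0 >> 4) & 0x8:          # QoS Data subtypes carry the 2-byte QoS control
        length += 2
    return length

def parse_data_frame(frame: bytes) -> dict:
    """Verify the FCS, then decode the 802.2 LLC and SNAP headers of the body."""
    if not fcs_ok(frame):
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    if frame[1] & 0x40:
        raise ValueError("Protected Frame bit set: body is encrypted")
    body = frame[header_len(frame):-4]
    if len(body) < 3:
        raise ValueError("body too short for an 802.2 header")
    result = {"dsap": body[0], "ssap": body[1], "ethertype": None}
    if body[0] == 0xAA:           # DSAP AA: a SNAP header follows the LLC header
        if len(body) < 8:
            raise ValueError("body too short for a SNAP header")
        oui = body[3:6]
        pid = struct.unpack(">H", body[6:8])[0]
        result.update(oui=oui.hex(":"), pid=pid, payload=body[8:])
        if oui == b"\x00\x00\x00":  # all-zero OUI: the PID is an EtherType
            result["ethertype"] = pid
    return result

def build_sample_frame(payload: bytes) -> bytes:
    """Constructed QoS Data frame (To DS) carrying LLC/SNAP with EtherType 0x0800."""
    header = (
        bytes([0x88, 0x01])                  # frame control: QoS Data, To DS
        + b"\x00\x00"                        # duration
        + bytes.fromhex("020000000001")      # address 1 (constructed BSSID)
        + bytes.fromhex("020000000002")      # address 2 (constructed sender)
        + bytes.fromhex("020000000003")      # address 3 (constructed destination)
        + b"\x10\x00"                        # sequence control
        + b"\x00\x00"                        # QoS control
    )
    llc_snap = b"\xaa\xaa\x03" + b"\x00\x00\x00" + struct.pack(">H", 0x0800)
    unsigned = header + llc_snap + payload
    return unsigned + fcs(unsigned)

def demo() -> dict:
    good = build_sample_frame(b"constructed payload")
    flipped = bytearray(good)
    flipped[30] ^= 0x01                      # one bit damaged in transit
    # The FCS is unkeyed: a frame rebuilt with different content gets a valid
    # FCS too, so a match shows absence of corruption, not who sent the frame.
    rebuilt = build_sample_frame(b"different payload!!")
    return {
        "ethertype": parse_data_frame(good)["ethertype"],
        "damaged_detected": not fcs_ok(bytes(flipped)),
        "rebuilt_passes": fcs_ok(rebuilt),
    }

if __name__ == "__main__":
    print(demo())
```

Because the FCS carries no key, protection against deliberate modification has to come from the cryptographic encapsulation added by 802.11i, not from this field.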

As with TCP congestion control on the internet, frame loss is an inherent, and somewhat expected, part of 802.11's operation. To dynamically select the most appropriate transmission speed or Modulation and Coding Scheme (MCS), a rate control algorithm will often deliberately test different speeds. The actual packet loss rate experienced by Access Points can vary widely depending on specific link conditions. Reports from production Access Points indicate loss rates ranging from 10% to a staggering 80%, with a common average hovering around 30%. [100] It is crucial to understand that the link layer is designed to recover these lost frames through retransmissions. If the sender does not receive an Acknowledgement (ACK) frame within the expected timeframe, it will automatically resend the original frame. An imperfect system, but one that compensates for its own shortcomings. Much like life, really.

Standards and amendments

Within the IEEE 802.11 Working Group, [59] a vast and ever-expanding ecosystem of IEEE Standards Association Standards and Amendments exists, each adding a new layer to the wireless tapestry:

  • IEEE 802.11-1997: The foundational WLAN standard, originally specifying 1 Mbit/s and 2 Mbit/s operation in the 2.4 GHz RF band, alongside an infrared (IR) option (1997). All subsequent entries, with the exception of the Recommended Practices 802.11F and 802.11T, are amendments to this original standard.
  • IEEE 802.11a: Introduced 54 Mbit/s operation in the 5 GHz band (1999, with products shipping in 2001). A faster lane, but with shorter reach.
  • IEEE 802.11b: Boosted speeds to 5.5 Mbit/s and 11 Mbit/s in the 2.4 GHz band (1999). The popularizer, despite its interference woes.
  • IEEE 802.11c: Defined bridge operation procedures; later integrated into the broader IEEE 802.1D standard (2001). More bureaucratic integration.
  • IEEE 802.11d: Provided international (country-to-country) roaming extensions (2001). For when your devices need to travel without losing their minds.
  • IEEE 802.11e: Introduced enhancements for Quality of Service (QoS), including crucial packet bursting capabilities (2005). Prioritizing your Netflix over your neighbor's torrents, theoretically.
  • IEEE 802.11F: Defined the Inter-Access Point Protocol (2003), but was subsequently withdrawn in February 2006. An idea that didn't quite stick.
  • IEEE 802.11g: Delivered 54 Mbit/s in the 2.4 GHz band, crucially offering backward compatibility with 802.11b (2003). The compromise standard, faster but still crowded.
  • IEEE 802.11h: Introduced Spectrum Managed 802.11a (5 GHz) to ensure European compatibility (2004). Because Europe likes its spectrum managed, thank you very much.
  • IEEE 802.11i: Focused entirely on enhanced security (2004). A desperate attempt to fix the glaring security holes of its predecessors.
  • IEEE 802.11j: Provided specific extensions for operation in Japan (4.9-5.0 GHz) (2004). More regional variations, because global uniformity is a fantasy.
  • IEEE 802.11-2007: A significant rollup, consolidating amendments a, b, d, e, g, h, i, and j into a single, updated standard (July 2007).
  • IEEE 802.11k: Added radio resource measurement enhancements (2008). Helping devices find the best place to connect, not just a place.
  • IEEE 802.11n: Introduced Higher Throughput WLAN capabilities across both 2.4 and 5 GHz bands, utilizing 20 and 40 MHz channels, and famously introduced MIMO to Wi-Fi (September 2009). The big leap in speed and range.
  • IEEE 802.11p: Known as WAVE—Wireless Access for the Vehicular Environment, designed for critical applications like ambulances and passenger cars (July 2010). So your car can complain about traffic in real-time.
  • IEEE 802.11r: Enabled Fast BSS (Basic Service Set) Transition (FT) (2008). For seamless roaming, so your video call doesn't drop when you walk to the kitchen.
  • IEEE 802.11s: Introduced Mesh Networking capabilities, extending the concept of an Extended Service Set (ESS) (July 2011). Creating self-healing networks, because humans can't always be bothered.
  • IEEE 802.11T: Wireless Performance Prediction (WPP)—a recommended practice for test methods and metrics, which was ultimately cancelled. Another good intention, lost to the sands of time.
  • IEEE 802.11u: Brought improvements related to HotSpots and third-party authorization of clients, crucial for cellular network offload (February 2011). Making public Wi-Fi slightly less painful.
  • IEEE 802.11v: Focused on Wireless network management enhancements (February 2011). More tools for the network administrator, because their job isn't hard enough.
  • IEEE 802.11w: Introduced Protected Management Frames (September 2009). Finally securing the whispers, not just the shouts.
  • IEEE 802.11y: Enabled 3650–3700 MHz Operation specifically in the U.S. (2008). Yet another regional spectrum allocation.
  • IEEE 802.11z: Provided extensions to Direct Link Setup (DLS) (September 2010). Streamlining direct communication between devices.
  • IEEE 802.11-2012: A monumental rollup, incorporating amendments k, n, p, r, s, u, v, w, y, and z (March 2012). The standard grows ever thicker.
  • IEEE 802.11aa: Focused on robust streaming of Audio Video Transport Streams (June 2012) - see Stream Reservation Protocol. For smoother media delivery, in theory.
  • IEEE 802.11ac: Very High Throughput WLAN operating exclusively at 5 GHz, introducing wider channels (80 and 160 MHz) and Multi-user MIMO (down-link only) [101] (December 2013). The gigabit Wi-Fi, if you're close enough.
  • IEEE 802.11ad: Very High Throughput at 60 GHz (December 2012) — see also WiGig. Blistering speed, almost no range.
  • IEEE 802.11ae: Focused on the Prioritization of Management Frames (March 2012). Ensuring critical network signals get through.
  • IEEE 802.11af: Utilized TV Whitespace for extended range (February 2014). Repurposing old airwaves for new tricks.
  • IEEE 802.11-2016: Another major revision, integrating amendments aa, ac, ad, ae, and af (December 2016). The library expands.
  • IEEE 802.11ah: Enabled Sub-1 GHz license-exempt operation, ideal for sensor networks and smart metering (December 2016). For when your smart devices need to complain about their battery life from further away.
  • IEEE 802.11ai: Introduced Fast Initial Link Setup (December 2016). Because waiting even a second is apparently too much.
  • IEEE 802.11aj: Focused on China Millimeter Wave operations (February 2018). More regional specificities.
  • IEEE 802.11ak: Addressed Transit Links within Bridged Networks (June 2018). For more seamless network segmentation.
  • IEEE 802.11aq: Enabled Pre-association Discovery of services (July 2018). Making it easier for devices to find out what they're supposed to do before they actually do it.
  • IEEE 802.11-2020: The latest comprehensive rollup, incorporating amendments ah, ai, aj, ak, and aq (December 2020). The cycle continues, relentless and predictable.
  • IEEE 802.11ax: High Efficiency WLAN operating across 2.4, 5, and 6 GHz, notably introducing OFDMA to Wi-Fi [73] (February 2021). Not just faster, but smarter about sharing.
  • IEEE 802.11ay: Brought Enhancements for Ultra High Throughput in and around the 60 GHz Band (March 2021). Even faster, even shorter range.
  • IEEE 802.11az: Focused on Next Generation Positioning (March 2023). For when your devices need to know exactly where they are, with frightening precision.
  • IEEE 802.11ba: Introduced Wake Up Radio (March 2021). So your devices can sleep, only to be rudely awakened.
  • IEEE 802.11bb: Defined Light Communications, paving the way for Li-Fi (November 2023). Using light for data. Because radio waves weren't complicated enough.
  • IEEE 802.11bc: Enhanced Broadcast Service (February 2024). Improving the efficiency of sending data to everyone at once.
  • IEEE 802.11bd: Provided Enhancements for Next Generation V2X (Vehicle-to-Everything) communications (see also IEEE 802.11p) (March 2023). Your car will soon have opinions about everything.
  • IEEE 802.11-2024: The next anticipated rollup, set to include amendments ax, ay, az, ba, bb, bc, and bd (September 2024). The scroll of specifications grows ever longer.
  • IEEE 802.11be: Extremely High Throughput (September 2024). The next frontier of speed, until the next one inevitably arrives.
  • IEEE 802.11bf: WLAN Sensing (May 2025). Allowing Wi-Fi to detect movement and presence, adding another layer of data collection.
  • IEEE 802.11bh: Randomized and Changing MAC Addresses (September 2024). A small victory for privacy, in a world where everything is tracked.
  • IEEE 802.11bk: 320 MHz Positioning (June 2025). Even more precise location tracking, for those who truly wish to be found.

In process

The future, perpetually in motion, always more to add. Several more amendments are currently in various stages of development:

  • IEEE 802.11bi: Focused on Enhanced Data Privacy. Because privacy is, apparently, an ongoing battle.
  • IEEE 802.11bn: Aiming for Ultra High Reliability. For when even a single dropped packet is unacceptable.
  • IEEE 802.11bp: Exploring Ambient Power Communication. Harnessing ambient energy for wireless devices, because batteries are a nuisance.
  • IEEE 802.11mf: Dedicated to 802.11 Accumulated Maintenance Changes. The ongoing, thankless task of keeping everything tidy.
  • IEEE 802.11bq: Investigating Integrated Millimeter Wave. Further advancements in the ultra-high frequency domain.
  • IEEE 802.11br: Focused on Enhanced Light Communication. Continuing the Li-Fi journey.
  • IEEE 802.11bt: Addressing Post Quantum Cryptography [102]. Preparing for a future where even the strongest current encryption might be rendered obsolete.

It's important to distinguish that 802.11F and 802.11T are designated as recommended practices rather than full-fledged standards, and are, therefore, capitalized as such.

The 802.11m task group is specifically responsible for the ongoing standard maintenance. This includes the major "roll-up" revisions: 802.11ma was completed for 802.11-2007, 802.11mb for 802.11-2012, 802.11mc for 802.11-2016, 802.11md for 802.11-2020, and 802.11me for the upcoming 802.11-2024.

Standard vs. amendment

A distinction often lost on many, but crucial for those who write the rules (and then ignore them), lies between the terms "standard" and "amendment" when referring to the various iterations of IEEE standards. [103]

From the perspective of the IEEE Standards Association, there is, fundamentally, only one single, current standard. This singular standard is precisely denoted by "IEEE 802.11" followed by the specific date of its publication. For instance, IEEE 802.11-2024 is the only version currently in official publication, effectively superseding all prior releases. This master standard is progressively updated and refined through the introduction of amendments. These amendments are diligently created by specialized task groups (TG). Both the task group itself and the final document it produces are typically identified by "802.11" followed by one or two lowercase letters, such as IEEE 802.11a or the more recent IEEE 802.11ax. The ongoing responsibility for updating the overarching 802.11 standard falls to task group m (TGm). To produce a new, consolidated version, TGm meticulously combines the previous version of the standard with all the amendments that have been published since the last major revision. Furthermore, TGm also provides essential clarification and interpretation to the industry regarding these published documents, acting as a crucial arbiter of meaning. New, consolidated versions of the IEEE 802.11 standard have been released in 1999, 2007, 2012, 2016, 2020, and are anticipated for 2024. [104] [105]

Nomenclature

Various terms employed within the 802.11 framework are used to delineate specific aspects of wireless local-area networking operations. These terms, while precise, may occasionally prove unfamiliar to the casual observer.

For instance, the rather unassuming term time unit (usually abbreviated as TU) is used to denote a specific unit of time equivalent to precisely 1024 microseconds. Numerous time constants within the 802.11 specifications are defined in terms of TUs, rather than the more commonly understood, and nearly equal, millisecond. A specific unit of time, because 'milliseconds' was apparently too straightforward.

Similarly, the term portal is utilized to describe an entity that functions in a manner analogous to an 802.1H bridge. A portal serves as the crucial gateway, providing access to the WLAN for non-802.11 LAN stations. A fancy word for a bridge, because 'bridge' wasn't sufficiently technical, I suppose.

Security

Ah, security. The eternal afterthought, patched and re-patched. In 2001, a group of researchers from the University of California, Berkeley presented a damning paper that meticulously detailed inherent weaknesses within the 802.11 Wired Equivalent Privacy (WEP) security mechanism, which was defined in the original standard. Their findings were swiftly followed by the equally impactful paper from Fluhrer, Mantin, and Shamir, provocatively titled "Weaknesses in the Key Scheduling Algorithm of RC4." Not long thereafter, Adam Stubblefield, then with AT&T, publicly announced the first real-world verification of this attack. In their successful demonstration, they were able to intercept wireless transmissions and gain unauthorized access to WEP-protected networks, effectively shattering the illusion of "wired equivalent" security. [106] WEP was the original, and spectacularly broken, attempt at privacy. A cautionary tale in 'wired equivalent' promises.

In response to these critical revelations, the IEEE promptly established a dedicated task group to engineer a replacement security solution, known as 802.11i (this work had previously been a component of a broader 802.11e effort to enhance the MAC layer). The Wi-Fi Alliance, recognizing the urgency, swiftly announced an interim specification called Wi-Fi Protected Access (WPA), which was based on a subset of the then-current IEEE 802.11i draft. Products incorporating WPA began to appear on the market in mid-2003, providing a much-needed, albeit temporary, security upgrade. IEEE 802.11i itself, also widely known as WPA2, was finally ratified in June 2004. This robust standard made a crucial shift from the vulnerable RC4 cipher used in WEP to the significantly stronger Advanced Encryption Standard (AES). For modern home and consumer environments, the recommended encryption protocol is WPA2 with AES Pre-Shared Key (WPA2-PSK). In enterprise settings, the recommendation shifts to WPA2 in conjunction with a RADIUS authentication server (or another suitable type of authentication server) and a strong authentication method such as EAP-TLS.

In January 2005, the IEEE, ever vigilant, established yet another specialized task group, "w", with the specific mandate to protect management and broadcast frames, which, until then, had been transmitted in an unsecured, plain-text format. Its standard was officially published in 2009, finally securing the whispers, not just the shouts. [107]

In December 2011, a significant security flaw came to light, affecting certain wireless routers that implemented a specific version of the optional Wi-Fi Protected Setup (WPS) feature. While WPS is not strictly part of the 802.11 standard itself, this vulnerability allowed an attacker within the range of the affected wireless router to recover the WPS PIN and, consequently, the router's 802.11i password, often within a matter of hours. [108] [109] Another shortcut that proved to be a gaping vulnerability. Convenience, the enemy of security.

In late 2014, Apple made a notable announcement: its iOS 8 mobile operating system would begin scrambling MAC addresses during the pre-association stage of Wi-Fi connectivity. This deliberate measure was designed to thwart retail footfall tracking techniques, which had become possible due to the regular transmission of uniquely identifiable probe requests by devices searching for Wi-Fi networks. [110] Android 8.0 "Oreo" subsequently introduced a similar feature, aptly named "MAC randomization," further bolstering user privacy. [111] A small victory for privacy, in a world where everything is tracked. For now.

It is also worth noting that Wi-Fi users can be subjected to a Wi-Fi deauthentication attack. Such attacks exploit the lack of authentication in deauthentication frames, allowing an attacker to disconnect legitimate users from a network. The motivations for such attacks are varied, ranging from facilitating eavesdropping and attacking passwords (e.g., by forcing a victim to re-authenticate and capture the handshake) to coercing users into connecting to another, often malicious or more expensive, access point. A reminder that even the air around you isn't safe from malcontents.
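For monitoring, the deauthentication attack described above shows up as a burst of teardown frames aimed at one client or BSSID. The following added Python example (not part of the original article) runs that detection over a constructed capture; the window and threshold are assumed tuning values, the addresses and reason codes are constructed, and frames are assumed to be supplied as (timestamp, bytes) pairs without the FCS.

```python
import struct
from collections import defaultdict, deque

TEARDOWN_SUBTYPES = {0xC: "deauthentication", 0xA: "disassociation"}
WINDOW_SECONDS = 5.0   # assumed tuning value
THRESHOLD = 10         # assumed tuning value: teardown frames per window

def parse_teardown(frame: bytes):
    """Return the fields of a deauthentication/disassociation frame, else None."""
    if len(frame) < 26:                       # 24-byte header + 2-byte reason code
        return None
    fc0, fc1 = frame[0], frame[1]
    subtype = fc0 >> 4
    if (fc0 >> 2) & 0x3 != 0 or subtype not in TEARDOWN_SUBTYPES:
        return None                           # not a management teardown frame
    protected = bool(fc1 & 0x40)
    return {
        "kind": TEARDOWN_SUBTYPES[subtype],
        "dst": frame[4:10].hex(":"),
        "src": frame[10:16].hex(":"),
        "bssid": frame[16:22].hex(":"),
        "protected": protected,
        # The reason code is readable only when the body is not encrypted.
        "reason": None if protected else struct.unpack_from("<H", frame, 24)[0],
    }

def detect_bursts(capture, window=WINDOW_SECONDS, threshold=THRESHOLD):
    """Flag (BSSID, destination) pairs that receive a burst of teardown frames.

    The source address of an unprotected frame is unauthenticated, so the
    detector keys on the affected BSSID and destination instead of the sender.
    """
    recent = defaultdict(deque)   # (bssid, dst) -> timestamps inside the window
    alerts = {}
    for ts, frame in capture:
        fields = parse_teardown(frame)
        if fields is None:
            continue
        key = (fields["bssid"], fields["dst"])
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:
            times.popleft()
        if len(times) >= threshold:
            alert = alerts.setdefault(key, {
                "bssid": key[0], "dst": key[1], "start": times[0], "peak": 0})
            alert["peak"] = max(alert["peak"], len(times))
    return list(alerts.values())

def teardown_frame(subtype, dst, src, bssid, reason):
    """Build a constructed, unprotected teardown frame for the sample capture."""
    return (bytes([subtype << 4, 0x00]) + b"\x00\x00" + bytes.fromhex(dst)
            + bytes.fromhex(src) + bytes.fromhex(bssid) + b"\x00\x00"
            + struct.pack("<H", reason))

AP, STA_A, STA_B = "020000000001", "020000000002", "020000000003"
# Constructed capture: a burst aimed at STA_A, one ordinary disassociation
# from STA_B, and one beacon-typed frame that the detector must ignore.
SAMPLE_CAPTURE = (
    [(10.0 + 0.1 * i, teardown_frame(0xC, STA_A, AP, AP, 7)) for i in range(12)]
    + [(30.0, teardown_frame(0xA, AP, STA_B, AP, 8))]
    + [(31.0, bytes([0x80, 0x00]) + bytes(34))]
)

if __name__ == "__main__":
    for alert in detect_bursts(SAMPLE_CAPTURE):
        print(alert)
```

On networks that use the Protected Management Frames of 802.11w, the `protected` flag returned by `parse_teardown` lets an analyst separate protected teardown frames from unprotected ones in the same burst.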

See also