Service set (802.11 network)

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computer networking, a service set is a set consisting of all the devices associated with a consumer or enterprise IEEE 802.11 wireless local area network (WLAN). The service set can be local, independent, extended or mesh.

Basic service set[edit]

The basic service set (BSS) provides the basic building-block of an 802.11 wireless LAN. In infrastructure mode, a single access point (AP) together with all associated stations (STAs) is called a BSS;[1] not to be confused with the coverage of an access point, known as the basic service area (BSA).[2] The access point acts as a master to control the stations within that BSS; the simplest BSS consists of one access point and one station.

The IEEE 802.11s amendment defined an additional protocol for wireless mesh networks. Only mesh STAs participate in mesh functionalities such as formation of the mesh BSS, path selection, and forwarding. Accordingly, a mesh STA is not a member of an IBSS (independent BSS) or of an infrastructure BSS. Consequently, mesh STAs do not communicate with nonmesh STAs. However, instead of existing independently, an MBSS can interconnect with other BSSs through the DS (Distribution System). Mesh STAs can communicate with nonmesh STAs through a logical architectural component called a Mesh Gate.

With 802.11, one can alternatively set up an ad hoc network of client devices without a controlling access point; the result is called an IBSS (independent BSS).[3]

Basic service set identification (BSSID)[edit]

Each BSS is uniquely identified by a basic service set identification (BSSID).[4] For a BSS operating in infrastructure mode, the BSSID is the MAC address of the wireless access point (WAP) generated by combining the 24 bit Organization Unique Identifier (the manufacturer's identity) and the manufacturer's assigned 24-bit identifier for the radio chipset in the WAP. The BSSID is the formal name of the BSS and is always associated with only one BSS.

The SSID (server set identification) is the informal (human) name of the BSS (just like a Windows Workgroup name). A BSS is functionally a contention domain as a local or workgroup network is functionally a broadcast domain.

In an ESS (extended service set - described below) each BSS still has its BSSID, however, the entire ESS uses only one SSID (to facilitate laptop and Mobile Internet Device, MID, mobility and Voice over Wifi, VoWiFi, roaming) - now called an ESSID. For an IBSS, the BSSID is a locally administered MAC address generated from a 48-bit random number. The individual/group bit of the address is set to 0 (individual). The universal/local bit of the address is set to 1 (local).

A BSSID with a value of all 1s is used to indicate the wildcard BSSID, usable only during probe requests or for communications that take place outside the context of a BSS.[5]

Service set identification (SSID)[edit]

Each BSS or ESS is identified by a service set identifier (SSID) - a series of 0 to 32 octets. It is used as a unique identifier for a wireless LAN. Since this identifier must often be entered into devices manually by a human user, it is often a human-readable string and thus commonly called the "network name".[6]

A common, albeit incorrect assumption, is that an SSID is a string of human-readable characters (such as ASCII), terminated by a NUL character (as in a C-string). SSIDs must be treated and handled as what they are, a series of 0 to 32 octets, some of which may not be human-readable. Note that the 2012 version of the 802.11 standard defines a means by which the array of octets can be interpreted to be encoded using UTF-8.

In an IBSS, the SSID is chosen by the client device that starts the network, and broadcasting of the SSID is performed in a pseudo-random order by all devices that are members of the network.

Security of SSID hiding[edit]

As a purported security enhancement, some access points allow a user to inhibit the broadcasting of their SSIDs, a tactic known as network cloaking; a station may then only join a BSS after the associated SSID has been specified explicitly. This tactic acts as a deterrent to the extent that it impedes casual wireless snooping. Network cloaking does not stop a determined attack on the network and therefore cannot replace other security practices. If this practice is relied on to protect a network it could be viewed as a form of security through obscurity.

Additionally, devices which are configured to connect to a network which does not broadcast its SSID may try to connect to the network by broadcasting for the network, a behavior which reveals the SSID to wireless snoopers in the vicinity of the device.

Extended service set[edit]

An extended service set (ESS) is a set of two or more interconnected wireless BSSs that share the same SSID (network name), security credentials and integrated (providing translation between 802.3 and 802.11 frames) wired local area networks that appear as a single BSS to the logical link control layer at any station associated with one of those BSSs which facilitates mobile IP and fast secure roaming applications; the BSSs may work on the same channel, or work on different channels to boost aggregate throughput.


  1. ^ IEEE Std 802.11-2007, p. 6, section 3.16.
  2. ^ IEEE Std 802.11-2007, p. 5, section 3.15.
  3. ^ IEEE Std 802.11-2007, p. 25, section 5.21.
  4. ^ IEEE Std 802.11-2007, p. 6, section
  5. ^ IEEE Std 802.11p-2010, p. 3, section 5.2.10.
  6. ^ Vasseur & Dunkels 2010, p. 432.