An Access Point (AP) in 802.11 infrastructure mode (IBSS) operates at a fixed Radio Frequency (RF) frequency selected from one of the set of frequencies permitted in the country of operation. Each wireless network is uniquely identified by a default alpha-numeric name called an SSID. An AP sends periodic 802.11 beacons to announce its presence on the medium in addition to other 802.11 specific purposes. Beacons may also carry SSID information.
A wireless client (also referred to as a mobile device or mobile unit (MU)) scans the presence of desired SSID on a wireless medium on a given RF using active probing or passive scanning. A wireless device may include, but is not limited to a laptop computer, a cellular telephone, a tablet, a Personal Digital Assistant (PDA) or the like. In active probing, an MU sends an 802.11 broadcast probe request at a lowest supported data rate on a specific frequency and listens for a response from AP(s) on that frequency. The broadcast probe request may be heard by multiple APs on a given frequency. All the APs that hear the broadcast probe may send a unicast response to the wireless client that sent the probe request. Probe responses have almost the same information that is present in the AP beacon. The SSID is always present in the probe response. Probe responses are sent at the same data rate as beacons so they take almost the same time to transmit on the air as beacons. Since the probe responses are unicast, an AP may send one or more retries if the probe response is not acknowledged by the client. Probe responses and probe response retries decrease the wireless medium airtime available for application data communication.
Passive scanning is based on listening for AP beacons or probe responses to other clients to determine the presence of an SSID on an RF frequency. The beacon interval is configurable and can vary from one deployment to another. Due to the variable beacon intervals across different deployments, in order to detect an SSID using a passive scan, the client has to wait for beacons on each RF frequency for unpredictable interval. When beacons do not carry an SSID, the scanning for probe responses to other clients is the only remaining passive scan option but due to the unpredictable nature of this scanning option clients cannot depend on this method for detecting SSID(s) in RF neighborhood. When no other clients are present in the RF neighborhood and beacons do not carry SSID information then passive scanning cannot detect presence of the wireless network.
All clients must rely on active probing to detect the presence of SSIDs in their RF neighborhood since passive scanning alone may not be sufficient to detect the SSID in some scenarios. Also, because passive scanning time is unpredictable, most client implementations of RF neighborhood scanning depend on active probing. Hiding the SSID in the beacon is an option supported by 802.11 standard that leaves probing as the only option for client to discover presence of SSID in the RF neighborhood.
The received power at an 802.11 device (AP or client) is specified by a Received Signal Strength Indicator (RSSI) value typically measured in dBm units. RSSI measurements are available in most modern radio cards for each packet received by the radio card. At lower received RSSI levels the noise in the communication channel starts dominating the total received signal and increases the probability of error in the received packet. Different modulation and coding schemes (MCS) have different tolerances to the noise in the channel with the lower data rate MCS having progressively higher tolerance. Lower data rate MCS can be demodulated cleanly at the receiver at lower RSSI compared to higher data rate MCS for same amount of channel noise. Assuming a fixed transmitter/receiver pair and no interference, the capability to demodulate a signal depends only on the modulation scheme and RSSI. RSSI falls as the transmitter (client) moves away from the receiver (AP).
Since MCS rate used for transmission depends on RSSI and channel noise, the 802.11 transmitter and receiver pairs constantly update the MCS rate used for packet transmission between the pair based on the current RSSI, channel noise and packet error rate. The 802.11 management and control frames are expected to be heard by all devices in the RF neighborhood so these frames are always sent at the lowest basic MCS rate configured for a given 802.11 deployment. Due to this requirement, beacons and probes, which are management frames, are also sent at the lowest basic MCS rate independent of the currently known RSSI and packet error rate between the transmitter and receiver pairs. The size of the beacons and probe frames has increased significantly with advent of 802.11n. Sending these frames at lowest data configured data rates consumes significant air-time in 802.11n deployments.