Originally posted by awrc
OK, here goes.
Airport = 802.11b = WiFi. Airport's Apple's name for it, the official name for the standard is 802.11b, and WiFi is the "catchy" name for the standard that's meant to be more appealing and cuddly than 802.11b. I'll use WiFi most of the time since it's shortest.
In my earlier post I likened the card to a telephone and the base station to a local exchange. I'll stick with this even though it means skipping some stuff which would otherwise break the metaphor.
WiFi uses a dozen channels around the 2.4GHz range, which is the "free for all" range used by cordless phones, microwaves and all sorts of other crap. Maximum official speed is 11Mbps, but it'll also auto-degrade to 5Mbps or 2.5Mbps if it needs to (generally either because there's lots of interference, or because it consumes less power). I'm not going to go into signal encodings and stuff like that because...well, because I'm not an electrical engineer.
There's two basic modes - ad hoc and infrastructure.
Ad hoc is basically where everything talks to everything else. There is no base station, just a bunch of computers with wireless cards. They're all set to use the same channel, they're all set up to be on the same IP network (say 192.168.0.0/24). When a machine wants to talk to another machine it just blasts out the data on the appropriate channel. Everything hears it, but only the machine you sent it to pays any attention.
If we're using the telephone metaphor, ad hoc is like everyone's phone being hooked together. When you dial someone, every phone rings. When everybody picks up, you say "This message is for Dave" and everybody except Dave hangs up. Just to make things more exciting, when anybody else dials every phone rings, even if it means cutting off your existing conversation.
As you can imagine, it's pretty chaotic if you've got more than a few machines in an ad hoc network. WiFi tries to cope but you'll get collisions (two or more people try to dial at once), you'll get interference (you get cut off in mid-call). WiFi deals with this by retransmitting data, or by dropping the data rate (which I guess is equivalent to speaking very slowly to someone to make sure they understand over the racket).
Just to make matters worse, the cards have limited range and (Titanium Powerbooks aside) all have about the same range. So there's a limit on how large your network can get imposed by the strength of the signals, and there's a limit imposed by the fact that it quickly becomes a congested free-for-all.
If you want to get bigger, you need infrastructure mode, which imposes a little more order on things. In infrastructure mode, in addition to having a specific channel, the wireless network that you're participating in has a name. This name is generally called the ESSID, which stands for Extended Service Set ID. In fact, when you're setting up a computer in infrastructure mode, you usually don't even need to know the channel, you'll get presented with a list of all known local ESSIDs when you're setting up.
So what is an ESSID? It's basically the name of the network. It comprises all of the base stations (there can be many) using that network name. Like I said earlier, base stations (also known as access points, or APs) are basically the WiFi equivalent of local telephone exchanges. They arbitrate communications between all devices in their vicinity and they're also hooked up to a regular hard-wired network (the equivalent of "long-distance").
When you tell your computer which ESSID it should be part of, the card measures the strength of the signal coming from all of the base stations with that ESSID. It then attempts to "bind" with the one with the strongest signal. How does it know? Normally all the base stations periodically broadcast their ESSID. Telephone equivalent - shorter wires are better.
For security purposes, it's also possible to tell base stations *not* to broadcast their ESSID - you then have the situation where the WiFi card in your Mac has to basically broadcast "Will all base stations with ESSID 'Aardvark' please identify themselves?" and then measure the strength of the responses. It's not very good security because anyone wanting to find out the ESSID can either attempt to brute force it, or just listen out for a valid broadcast and grab the responses.
Next, your WiFi card has to authenticate itself to bind to the nearest base station. The simplest form of authentication is Open System which is basically no authentication at all. The card says "Will you be my base station?", the base station says "Sure", and they're bonded. Your WiFi card now has a BSID (not the trickiest acronym to figure out), which is the unique ID of the base station that it's bound to. This is the MAC address of the particular base station.
The other common form of authentication is Shared Key authentication. Both the base station and the connecting computer know a 64-bit or 128-bit key (either because you've set them both up, or because your network administrator has told you it). So the WiFi card takes its request and uses the key to encrypt it ("Do the cherry blossoms bloom in April?"), and the base station uses the key to decrypt it, then encrypts its response ("Only if the pigeon flies at midnight"). If the computer doesn't have the key, it can't authenticate. Note that I'm going to ignore the weaknesses in WiFi's encryption facilities in this description - suffice it to say that someone who listens carefully for long enough can narrow down the number of possible secret keys substantially.
There's also a fairly wide range of competing standards for a new, more robust authentication scheme floating around. Use these at your own risk - they're all more secure, but there's a heap of interoperability issues.
So, your computer is now bound to its base station. Basically if it wants to talk to anything, it sends the message to its base station. The base station acts as a local exchange - it looks at the address of the destination and decides whether it's for another computer that's bound to it, or whether it's a long distance call, in which case it gets sent over Ethernet/your DSL connection/your cable modem. If it's for another computer bound to it, it rebroadcasts it, and the other computer receives it. Yes, the potential for collisions and so forth still exists, but since all communication goes through the base station it can keep things more under control (it can only broadcast or receive one thing at a time). It can also allow the network to be physically larger - if all the cards have a 300ft range, two connected computers can be up to 600ft apart.
I'm going to just skim over the area of what happens if a message was destined for a computer that is wirelessly connected, and is in the same ESSID, but is bound to a different base station. That's because the standard skims over it a bit too - the basic idea is that every base station should have a table of the addresses of all the machines that are bound to all the other base stations in the ESSID, and that it should somehow forward the packet to another base station that's nearer to the destination, which in turn might have to forward it to another base station, and so forth, but exactly how these tables are built, exactly how the nearness of base stations is determined, and the protocol for inter-AP traffic isn't defined.
There's thus a whole bunch of proprietary inter-AP protocols around. What this generally means is that if you add new base stations, stick with the same manufacturer.
WiFi also allows computers to "roam". Basically the card in your computer keeps track of the relative signal strengths from all base stations in the ESSID and, if it finds that the one it is bound to has become sufficiently weaker than another, it binds to that one instead. The magic inter-AP protocols I referred to in the previous paragraph are supposed to handle updating the tables so that the base station you were bound to before realizes you've gone away.
Finally, encryption. Not a lot to say about this - if it's turned on all your packets get encrypted with the 64-bit or 128-bit WEP key before they're sent out and decrypted by the base station when they arrive. They're then either routed normally along some form of physical network, or they're re-encrypted and sent out again to the destination. The whole thing's pretty transparent, but can slow things down a bit because most of these consumer base stations aren't exactly computational powerhouses and all the encrypting and decrypting takes time. Oh, and I'm not going to go into all the reasons why the cryptography used is considered weak, but a lot of it stems from the fact that only 40 bits (or 104 bits if you're using 128 bit WEP) comes from the key you generated, the remaining 24 bits is specific to the base station and never changes.
OK, was that remotely intelligible? Did it clarify the difference between a WiFi card and a base station at all? It's not as long or as detailed as I originally planned, but hopefully somebody'll get something from it. Maybe I should just do a big pic of my home network in OmniGraffle instead.
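Added example, not part of awrc's post: a minimal Python model of the Shared Key authentication exchange and of WEP encapsulation, following the four-frame sequence in the 802.11 standard. The function names and sample keys are constructed for illustration, and the frame layout is simplified (the key ID byte and the 802.11 headers are left out); note that the RC4 seed is the 24-bit IV prepended to the 40-bit or 104-bit key, which is where the "64-bit" and "128-bit" labels come from.

```python
import os
import zlib

def rc4(seed: bytes, data: bytes) -> bytes:
    """RC4 stream cipher: XOR data with the keystream derived from seed."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return IV || RC4(IV || key, plaintext || ICV); the ICV is a CRC-32."""
    if len(iv) != 3 or len(key) not in (5, 13):   # 24-bit IV; 40/104-bit key
        raise ValueError("bad IV or key length")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + key, plaintext + icv)    # IV travels in the clear

def wep_decrypt(key: bytes, frame: bytes):
    """Return the plaintext, or None if the ICV check fails (wrong key)."""
    body = rc4(frame[:3] + key, frame[3:])
    plaintext, icv = body[:-4], body[-4:]
    ok = zlib.crc32(plaintext).to_bytes(4, "little") == icv
    return plaintext if ok else None

def shared_key_auth(ap_key: bytes, station_key: bytes) -> bool:
    """Run the four-frame exchange; True means the AP accepts the station."""
    # Frame 1 (station -> AP): authentication request, no secret involved.
    # Frame 2 (AP -> station): 128-byte random challenge, sent in the clear.
    challenge = os.urandom(128)
    # Frame 3 (station -> AP): the challenge, WEP-encrypted under a fresh IV.
    response = wep_encrypt(station_key, os.urandom(3), challenge)
    # Frame 4 (AP -> station): success only if decryption yields the challenge.
    return wep_decrypt(ap_key, response) == challenge
```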