I have read in several books and online that multicast and broadcast are not acknowledged in wifi. Those are encrypted using GTK and since there is no acknowledgment of these frames it is unreliable. Some wifi vendors has implemented multicast to unicast feature to deliver multicast packets reliably to wifi clients. But when you look at a wifi packet capture no ACK for multicast and broadcast is only half true. The wifi client send multicast and broadcast traffic as wifi(L2) unicast to the AP encrypted by PTK rather than the GTK. And the AP acknowledges this packet, and then the AP broadcast/multicast this packet to all the other wifi clients as wifi(L2) broadcast/multicast encrypted with GTK and the clients do not need to acknowledge these packets.
A packet capture of this would like like below,
The packet below is a multicast packet set by a client to the AP and the AP needs to acknowledge. As you can see the packet is addressed to the AP and it is encrypted using PTK.
Then the AP send this packet as a multicast to all the clients and clients do not need to acknowledge.
No comments:
Post a Comment