Scott Armitage, Loughborough University March 2012

Introduction

IEEE 802.11u is an amendment to the 802.11 family of protocols which enables the sending, and requesting, of information relating to a wireless network and its operator/owner.  This allows users to be presented not just with the SSID of a wireless network but more detailed information, such as the services offered by the network.

Network Discovery and Selection

One of the key features of 802.11u is the ability to advertise pre-association information to clients.  Access Points (AP) can send 802.11u information in the beacon frames for a wireless network.  In the beacon frame the AP can describe the type of network offered from a predefined list;

• Private Network
• Private Network with Guest Access
• Chargeable Public Network
• Free Public Network
• Personal Device Network
• Emergency Services Only Network
• Test or Experimental
• Wildcard

Additionally the AP can provide further, optional, venue information and a Homogenous ESSID (HESSID).  The HESSID is a MAC address which is the same on all APs belonging to a network.  The venue information in the beacon consists of a venue group and a venue type.  The venue groups are defined as;

• Unspecified
• Assembly
• Business
• Educational
• Factory and Industrial
• Institutional
• Mercantile
• Residential
• Storage
• Utility and Misc
• Vehicular
• Outdoor

The list of venue types is very large and varies depending upon the venue group selected.  For the Educational venue group this list currently contains:

• Unspecified Educational
• School, Primary
• School, Secondary
• University or College

Another optional part of the beacon is the support of advertisement protocols.  The beacon can indicate which 802.11u advertisement protocols are supported by the AP.  The current list of advertisement protocols contains:

• Access Network Query Protocol (ANQP)
• MIH Information Service
• MIH Command and Event Services Capability Discovery (IEEE 802.21)
• Emergency Alert System (EAS)
• Vendor Specific

In the beacon frame it is also possible to advertise Roaming Consortium information.  This part of the beacon frame uses ANQP elements to describe one or more roaming consortiums or service providers which the wireless network is part of.  In an education setting this could be used to identify that an AP is part of eduroam.

Finally as part of the beacon, an Emergency Alert Identifier can be sent out.  This provides information which can be used by a client in the verification of an Emergency Alert System (EAS) message.

Generic Advertisement Service (GAS)

GAS provides the layer 2 transport for delivering 802.11u information.  GAS is used as a container for ANQP elements sent between clients and APs.

ANQP

A key element of the network discovery and selection is the Access Network Query Protocol (ANQP).  ANQP elements describe the service being offered by an access point.   Clients can query an AP and receive lists of ANQP elements describing the service being offered by the access point and its capabilities.  The list of current ANQP elements is:

• ANQP Query list

The returned list of elements to an ANQP query

• ANQP Capability list

A list of capabilities configured on the client which is provided on request

• Venue Name information

This element contains a list of venues associated with the network.The venue name element can contain multiple names.Typically in an education setting, this would be the name of the institution and possibly the name of the campus or building.

• Emergency Call Number information

This element contains a list of emergency contact numbers.

• Network Authentication Type information

This element provides a list of authentication types.The current values for the authentication types are:

• Acceptance of terms and conditions
• On-line enrollment supported
• http/https redirection
• DNS redirection

This is aimed primarily at captive portal based authentication systems.

• Roaming Consortium list

The roaming consortium element list provides information about whether the network has membership to a roaming consortium or which service providers are supported by this network.Individual consortia (or single service providers) are identified by Organization Identifiers (OI) which are unique hexadecimal strings.This element can contain multiple OIs indicating the support of numerous service providers/consortia.As previously mentioned in an education setting, roaming consortium elements could be used to signify membership of eduroam.

• IP Address Type Availability information

This element provides information about the availability of IP addresses in use on the network.The return values are split into IPv6 and IPv4 addresses.For IPv6 the current values are:

• Address type not available
• Address type available
• Availability of the address type not known

For IPv4 the current values are:

• Address type not available
• Public IPv4 address available
• Port-restricted IPv4 address available
• Single NATed private IPv4 address available
• Double NATed private IPv4 address available
• Port-restricted IPv4 address available and Single NATed IPv4 address available
• Port-restricted IPv4 address available and Double NATed IPv4 address available
• Availability of the address type not known

• Network Access Identifier (NAI) Realm list

The NAI element provides a list of realms associated to service providers whose networks or services are accessible via the AP. Optionally included for each NAI realm is the EAP methods supported by this service provider.The current list of return parameters for EAP methods are:

• Expanded EAP Method
• Non-EAP Inner Authentication Type
  • PAP, CHAP, MSCHAP, or MSCHAPv2
• Inner Authentication EAP Method Type
  • Values from IANA EAP Method Type Numbers
• Expanded Inner EAP Method
• Credential Type
  • SIM, USIM, NFC Secure Element, Hardware Token, Soft Token, Certificate, Username/Password, none
• Tunneled EAP Method Credential Type
  • SIM, USIM, NFC Secure Element, Hardware Token, Soft Token, Certificate, Username/Password, none
• Vendor Specific

In an education setting, it is unlikely sites will list every other eduroam site and their supported EAP types as this is highly impractical.  Sites could however indicate the supported EAP types for their own realms.

• 3GPP Cellular Network information

• AP Geospatial Location

This element provides the APs location in LCI format.

• AP Civic Location

This element provides the APs location in Civic format.

• AP Location Public Identifier URI

This element provides a URI reference where location information about the AP can be retrieved.

• Domain Name list

This element contains a list of the domain names belonging to the AP owner/operator.

• Emergency Alert Identifier URI

This element contains a URI reference from which an emergency alert system (EAS) message can be retrieved.

• Emergency NAI

This element contains a string which can be used by the client to indicate an emergency access request.

• ANQP vendor-specific list

Emergency Services

802.11u provides the ability for clients, in an emergency, to contact the emergency services.  This can be through unauthenticated access or for authenticated users only.  If an access point supports emergency access, this is indicated in the 802.11u information in the wireless beacon frames. 

802.11u also has the provision to create emergency services only networks, dedicated and limited to accessing emergency services only.  These can provide location information in the 802.11u beacon to assist the emergency services in locating the client.

Emergency Alert System (EAS)

As well as providing access to contact the emergency services there is provision for alert messages to be sent to clients. The presence of an emergency message, which the client can query from the AP, can be sent in the beacon frames. 

Summary

802.11u introduces a number of useful new features.  Whilst many of the features are aimed at Subscription Service Provider Networks (SSPN) such as mobile phone networks and nationwide captive portal operators, many are also of benefit to the eduroam community.