This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

When a 802.11 frame should contain a LLC header?

Well, the title of the question is the question itself :P

I have been looking for the answer into the 802.11-2007 and 2012 standards, but I didn't find anything.

Hope you'll be able to help me with this.

I supose that maybe must be a combination of flag values in the MAC (Medium Access Control) header, which determines if the frame needs to carry the LLC header.

llc header 802.11

asked 01 Mar '13, 10:13

CapitanShinChan
26●1●2●3
accept rate: 0%

One Answer:

An 802.11 frame should contain an LLC header if, and only if, it's a Data frame. The frame type and subtype are part of the Frame Control field in the MAC header; Data is one of the frame type values (the others are Control and Management). The subtype doesn't matter - all Data frames should contain an LLC header, and no other frames should.

answered 01 Mar '13, 15:43

Guy Harris ♦♦
17.4k●3●35●196
accept rate: 19%

Why Wireshark does not show LLC header in encrypted data packets?

(16 Mar '17, 06:44) SuBCo

Because you have to decrypt the capture.

LLC exists at a higher OSI layer than the 802.11 header. All data above the WiFi header is encrypted which includes the LLC

(16 Mar '17, 13:06) Amato_C