Well, the title of the question is the question itself :P I have been looking for the answer into the 802.11-2007 and 2012 standards, but I didn't find anything. Hope you'll be able to help me with this. I supose that maybe must be a combination of flag values in the MAC (Medium Access Control) header, which determines if the frame needs to carry the LLC header. asked 01 Mar '13, 10:13 CapitanShinChan |
One Answer:
An 802.11 frame should contain an LLC header if, and only if, it's a Data frame. The frame type and subtype are part of the Frame Control field in the MAC header; Data is one of the frame type values (the others are Control and Management). The subtype doesn't matter - all Data frames should contain an LLC header, and no other frames should. answered 01 Mar '13, 15:43 Guy Harris ♦♦ |
Why
Wireshark
does not show LLC header in encrypted data packets?Because you have to decrypt the capture.
LLC exists at a higher OSI layer than the 802.11 header. All data above the WiFi header is encrypted which includes the LLC