This section details the partitioning of the TCP/IP networking stack and the IEEE
802.11 Wi-Fi® stack across the host
Microcontroller Unit (MCU) and nRF7002.
This description is based on Zephyr™ TCP/IP networking stack and an nRF5340 host MCU. However,
the partitioning applies equally to other operating systems and host MCUs supporting a
compatible Serial Peripheral Interface (SPI)/Quad Serial Peripheral Interface (QSPI).
Figure 1. Network stack architecture
The TCP/IP networking stack and Wi-Fi driver execute on the host MCU (for example,
nRF5340) and communicate with the MAC layer on nRF7002 through
SPI/QSPI. The Wi-Fi driver
presents control and data interfaces (Control IF/Data IF) to the TCP/IP networking
stack.
Control IF
The Control IF interfaces with the Network Management API (net_mgmt). The Control IF
implements functionality like scanning, connecting to a Service Set Identifier (SSID), or setting the encryption key.
Data IF
The Data IF interfaces with the L2 Network Technologies layer of the TCP/IP networking
stack. The Wi-Fi driver presents the nRF7002 as an Ethernet
device to the data path of the TCP/IP networking stack. In the TX path, it receives
Ethernet frames from the upper layers and in the RX path sends Ethernet frames to
it. The Wi-Fi driver takes care of converting Wi-Fi frames to Ethernet frames in the
RX path.
Supplicant
The supplicant is implemented as part of the Wi-Fi driver and provides the following functionality:
- 802.11 authentication and association
- The supplicant requests the driver to scan neighbouring Basic Service Set (BSS)s and then requests the driver to associate with a chosen
BSS. 802.11 authentication is the first step in network attachment. 802.11
authentication requires a Station (STA) to establish its
identity with an Access Point (AP). No data encryption or
security is available at this stage.
- Wi-Fi Protected Access®(WPA™)
authentication
- The supplicant implements the authentication services and port control
described in the IEEE802.1X standard. The initial authentication process is
carried out using either of the following:
This process ensures that the client station (STA) is authenticated
with the AP. This also results in the generation of a shared
Pairwise Master Key (PMK) at both the STA and AP.
- 4-way handshake
- The 4-way handshake is designed such that the STA and AP can prove to each
other their knowledge of the PMK without actually disclosing the key. The
4-way handshake generates the following:
- Roaming
- When connected to a wireless network with multiple access points, the
supplicant is typically responsible for implementing the roaming between
access points. The supplicant detects a closer access point
(Basic Service Set Identifier (BSSID)) in the current network (SSID), in
terms of signal strength (Received Signal Strength Indication (RSSI)), it will
reassociate to the closer access point.
- Software Enabled Access Point (SoftAP)
- SoftAP enables a device to turn its wireless interface into a Wi-Fi access
point. In SoftAP mode, the supplicant takes care of station onboarding and
management. SoftAP support is limited to PSK (WPA Personal) security.
- Peer-to-peer (P2P)
- The supplicant implements the higher layer functionality for managing P2P
groups and takes care of the following:
- Device Discovery
- Service Discovery
- Group Owner Negotiation
- P2P Invitation.
In addition, it maintains information about neighbouring P2P
Devices.