DEV Community

Naz Quadri
Naz Quadri

Posted on • Originally published at nazquadri.dev

The Invisible Negotiation Between Your Laptop and the Air

#linux #programming #systems #tutorial

The Invisible Negotiation Between Your Laptop and the Air

WiFi: Radio Physics, Collision Avoidance, and the Name That Means Nothing

Reading time: ~15 minutes

You typed a URL into your browser and hit Enter.

Before a single byte of your request left your laptop, your WiFi card performed a dance of radio physics, collision avoidance, and cryptographic negotiation that would make a diplomat proud. It listened to the air to make sure nobody else was talking. It picked a random backoff timer in case someone else had the same idea. It encrypted your data with a key derived from a four-way handshake that happened when you first connected. Then it modulated your bits across 52 subcarrier frequencies simultaneously, transmitted them as radio waves, and waited for an acknowledgement -- all in under a millisecond.

You saw a webpage load. Here's what actually happened.

The Name Means Nothing

Let's get this out of the way: WiFi doesn't stand for anything. If I'm found to be wrong the internet is welcome to string me up.

It's not "Wireless Fidelity." That's a backronym -- a meaning retrofitted onto a word that was chosen for entirely different reasons. In 1999, the WiFi Alliance (then called WECA -- the Wireless Ethernet Compatibility Alliance) hired Interbrand, the same branding firm that named Prozac, to come up with a consumer-friendly name for the IEEE 802.11 standard. The engineers had been calling it "IEEE 802.11b Direct Sequence" in marketing materials ๐Ÿคฆ๐Ÿคฆโ€โ™‚๏ธ๐Ÿคฆโ€โ™€๏ธ. Nobody was buying it. Literally -- consumers didn't understand what it was.

Interbrand proposed ten names. The consortium picked "WiFi" because it was short, memorable, and rhymed with "hi-fi" -- a term people already associated with quality audio equipment. The parallel was intentional: hi-fi meant high-quality sound; WiFi would mean high-quality wireless.

Then someone on the Alliance's board insisted on adding a tagline: "The Standard for Wireless Fidelity." Phil Belanger, a founding member of the WiFi Alliance, has publicly called this a mistake. The tagline made people assume WiFi stood for Wireless Fidelity, the way hi-fi stands for high fidelity. It doesn't. The WiFi Alliance eventually dropped the tagline, but the damage was done. Twenty-five years later, people still think it's an acronym.

The 802.11 committee itself started in 1990. The first standard was ratified in 1997, offering a blistering 2 Mbit/s. Your morning coffee took longer to brew than a file transfer took to time out.

The Standards Naming Disaster

If you thought USB naming was bad -- and it is -- WiFi standards naming is worse. For two decades, the WiFi Alliance used the IEEE committee letter suffixes as consumer-facing product names. 802.11a. 802.11b. 802.11g. 802.11n. 802.11ac. 802.11ax. These aren't even alphabetical by release date. 802.11a and 802.11b were ratified the same year, but 802.11b shipped to consumers first. 802.11n came after 802.11g. The letters tell you nothing about which is newer, faster, or better.

In 2018, the WiFi Alliance finally admitted nobody could remember the letter soup and introduced generational numbering. Retroactively.

Generation IEEE Standard Year Frequency Max Speed Channel Width
WiFi 1 802.11a 1999 5 GHz 54 Mbit/s 20 MHz
WiFi 2 802.11b 1999 2.4 GHz 11 Mbit/s 20 MHz
WiFi 3 802.11g 2003 2.4 GHz 54 Mbit/s 20 MHz
WiFi 4 802.11n 2009 2.4 / 5 GHz 600 Mbit/s 20/40 MHz
WiFi 5 802.11ac 2014 5 GHz 6.9 Gbit/s 20/40/80/160 MHz
WiFi 6 802.11ax 2021 2.4 / 5 GHz 9.6 Gbit/s 20/40/80/160 MHz
WiFi 6E 802.11ax 2021 6 GHz 9.6 Gbit/s 20/40/80/160 MHz
WiFi 7 802.11be 2024 2.4 / 5 / 6 GHz 46 Gbit/s 20/40/80/160/320 MHz

The retroactive rename was a good idea executed a decade too late. Your router's box now says "WiFi 6" instead of "802.11ax," which is progress. But the industry spent 20 years training people on the letter system, so every spec sheet still lists both. We're stuck in a bilingual world.

WiFi standards timeline from 802.11a to 802.11be, with retroactive generational naming applied in 2018

How WiFi Actually Works at the Radio Level

Bluetooth, as I covered in the last post, hops across 79 narrow channels 1,600 times per second. WiFi does the opposite. It parks on a wide channel and splits its data across dozens of subcarrier frequencies simultaneously.

The technique is called OFDM -- Orthogonal Frequency Division Multiplexing. The "orthogonal" part is the key: the subcarriers are spaced so that the peak of each one lines up with the nulls of its neighbors. They overlap in frequency but don't interfere with each other. It's like a choir where everyone sings at a slightly different pitch -- the voices overlap, but you can still pick out each one.

A standard 20 MHz WiFi channel contains 52 data subcarriers (plus 12 pilot and null subcarriers for synchronization and guard bands). Each subcarrier carries a portion of your data independently. If one subcarrier hits interference, the others keep going. The receiver reassembles the pieces.

OFDM orthogonal subcarriers: overlapping waveforms with peaks at neighbors' zero-crossings, 52 subcarriers in a 20 MHz channel

Channel Width: The Speed-vs-Coverage Tradeoff

Wider channels mean more subcarriers mean more data. A 40 MHz channel has roughly twice the capacity of a 20 MHz channel. 80 MHz roughly doubles again. WiFi 7 introduces 320 MHz channels -- 16 times the width of the original 20 MHz channels.

The tradeoff is brutal. In the 2.4 GHz band, there's only 70 MHz of usable spectrum (channels 1 through 13, though in the US only 1 through 11). A 20 MHz channel fits, but a 40 MHz channel consumes more than half the available space. An 80 MHz channel doesn't fit at all. Wider channels only work in 5 GHz and 6 GHz, where there's more room.

2.4 GHz vs 5 GHz vs 6 GHz

Three frequency bands, three different physics.

2.4 GHz reaches everywhere and is useless in an apartment building. The physics is on your side โ€” 12.5 cm wavelength diffracts around obstacles and punches through walls โ€” but you share 70 MHz of spectrum with every WiFi router, Bluetooth device, baby monitor, and microwave in the building. Three non-overlapping channels. Thirty competing networks. Good luck.

5 GHz is where the actual work happens. Twenty-five non-overlapping channels, far less congestion, but the shorter wavelength (6 cm) means each wall costs you 3-6 dB โ€” roughly halving usable range per wall.

6 GHz is the land grab. WiFi 6E and 7 opened 1,200 MHz of pristine spectrum โ€” more than 2.4 and 5 combined. Seven non-overlapping 160 MHz channels. Three 320 MHz channels. No legacy devices, no microwaves, no Bluetooth. The range is even shorter, but if your router is in the same room, who cares.

That's why your 2.4 GHz network reaches the garden but your 5 GHz network dies at the bedroom wall. It's not a defect. It's physics. Longer wavelengths bend around and penetrate obstacles better. The 2.4 GHz signal at 12.5 cm wavelength diffracts around a doorframe. The 5 GHz signal at 6 cm wavelength gets absorbed by it.

The 2.4 GHz Channel Overlap Problem

The 2.4 GHz band has 11 channels in the US (13 in most other countries), each 20 MHz wide, spaced 5 MHz apart. They overlap. Channel 1 bleeds into channel 2, 3, 4, and 5. Only channels 1, 6, and 11 are far enough apart to not interfere with each other.

2.4 GHz WiFi channel overlap: only channels 1, 6, and 11 are non-overlapping

If your neighbor sets their router to channel 3 and yours is on channel 1, their signal bleeds directly into yours. You'd both be better off on channel 1 -- at least then the routers can hear each other and take turns. Partial overlap is worse than complete overlap, because the radios can't decode the interfering signal well enough to defer to it, but it's strong enough to corrupt their own transmissions.

That's why "auto channel selection" on your router exists -- and why it almost always picks 1, 6, or 11.

CSMA/CA: How WiFi Avoids Collisions

WiFi is half-duplex. Only one device can transmit on a channel at a time. Your router and your laptop take turns. Every phone, tablet, and smart thermostat connected to your network takes turns on the same channel. This is fundamentally different from Ethernet, which is full-duplex on modern switches.

The mechanism that enforces turn-taking is CSMA/CA -- Carrier Sense Multiple Access with Collision Avoidance.

The algorithm is polite to a fault:

  1. Listen. Before transmitting, the device listens to the channel. If someone else is talking, wait.
  2. Wait for silence. Once the channel has been quiet for a specific interval (called DIFS -- Distributed Inter-Frame Spacing, 34 microseconds on 802.11a/g), the device still doesn't transmit immediately.
  3. Random backoff. It picks a random number of time slots to wait (the "contention window"). Only after this random timer expires -- and the channel is still quiet -- does it transmit.
  4. Transmit and wait for ACK. The access point must acknowledge every frame. No ACK means the frame was lost -- retry with a larger contention window.

The random backoff is the collision avoidance part. If two devices both hear the channel go quiet at the same time, the random timer makes it unlikely they'll transmit simultaneously. Not impossible -- but unlikely. On each collision, the contention window doubles -- exponential backoff.

If that pattern sounds familiar, it should. When your HTTP client retries a failed request with exponential backoff and random jitter, it's solving the same problem at a different layer. WiFi does it in microseconds at the radio level to prevent two stations from colliding again. Your web client does it in seconds at the application level to prevent a thousand clients from hammering a recovering server simultaneously. Different timescale, different medium, same insight: randomise the retry, and double the window on failure. The WiFi version came first -- inherited from Ethernet's CSMA/CD in the 1980s. Your retry_with_jitter() function reinvented a 40-year-old radio technique.

Compare this with Ethernet's CSMA/CD (Collision Detection). Ethernet devices transmit and listen simultaneously. If they detect a collision mid-transmission, both stop, send a jam signal, and retry. WiFi can't do this because a radio can't transmit and receive on the same frequency at the same time -- the transmitted signal is a billion times stronger than the received signal and would drown it out. WiFi avoids collisions because it can't detect them.

The Hidden Node Problem

There's a scenario CSMA/CA can't handle on its own. Imagine two laptops connected to the same access point, but on opposite sides of the building. Laptop A can hear the AP but not Laptop B. Laptop B can hear the AP but not Laptop A. Both sense an empty channel and transmit simultaneously. Their signals collide at the AP, and neither knows why their frames aren't getting through.

The solution is RTS/CTS -- Request to Send / Clear to Send. Before transmitting a large frame, a device sends a short RTS frame to the AP. The AP responds with a CTS frame that's heard by everyone in range. The CTS includes a duration field that tells all other devices to shut up for that long. This costs overhead -- two extra frames per transmission -- so it's typically only enabled for frames above a size threshold.

Why WiFi Gets Slower With More Devices

Twenty devices on one access point don't each get 1/20th of the bandwidth. They get less. Much less.

Each device must wait its turn. More devices mean more contention, longer backoff windows, more collisions, more retries. The overhead is proportional to the number of devices contending, not the amount of data they're sending. A room full of idle phones still degrades your WiFi because they're all periodically transmitting management frames, probe requests, and keepalives -- each one claiming the channel for a moment.

That's why your home WiFi feels slow during a family gathering. It's not that your guests are using all your bandwidth. It's that 15 phones are all contending for the channel, and the contention overhead is eating your throughput alive. The bandwidth is there. The airtime isn't.

CSMA/CA contention: successful transmission with random backoff vs collision with exponential backoff retry

Association and Authentication

When you first connect to a WiFi network, a multi-step negotiation happens before you can send a single data frame.

Finding the Network

Your device finds networks in two ways. Passive scanning: it listens on each channel for beacon frames that access points broadcast every ~100 milliseconds. Each beacon contains the network name (SSID), supported rates, security type, and channel information. Active scanning: your device sends probe requests on each channel, asking "is anyone here?" Access points respond with probe responses containing the same information.

That's why your phone's WiFi list populates -- it's cycling through channels, listening for beacons and sending probes. It's also why your phone is trackable in stores: those probe requests contain your device's MAC address. Modern phones randomize the MAC in probe requests to mitigate this, but the effectiveness varies.

The Four-Way Handshake (WPA2/WPA3)

Once you select a network and provide the password, the real cryptography begins. Your password never goes over the air. Instead, both sides derive the same Pairwise Master Key (PMK) from the password and the network name using PBKDF2 (a key derivation function that runs SHA-1 4,096 times to make brute-force attacks expensive).

Then comes the four-way handshake (sorry no Bob and Alice):

  1. AP โ†’ Client: here's a random number (ANonce)
  2. Client โ†’ AP: here's my random number (SNonce), plus a MIC (Message Integrity Code) proving I know the PMK
  3. AP โ†’ Client: here's the group key (for broadcast traffic), encrypted with the derived key, plus a MIC
  4. Client โ†’ AP: acknowledgement

After these four frames, both sides have a Pairwise Transient Key (PTK) derived from the PMK plus both random numbers. Every data frame is encrypted with this key using AES-CCMP (in WPA2) or AES-GCMP (in WPA3). The key is unique to this session, this client, this connection.

Why Open WiFi Is Dangerous

An open network (no password) has no four-way handshake. No PMK. No per-session keys. Every frame goes over the air in plaintext. Anyone with a WiFi adapter in monitor mode (also called promiscuous mode) can read every byte. This includes the coffee shop WiFi, the airport WiFi, and the hotel WiFi.

Monitor mode isn't exotic. A USB adapter like the Alfa AWUS036ACHM โ€” about $40, fits in your pocket โ€” puts your card into passive listening mode where it captures every frame on the channel, not just frames addressed to you. Combine it with Wireshark and you're reading plaintext traffic in real time. This is a standard tool for network engineers and penetration testers. It's also why wardriving was a thing โ€” driving around with a laptop and a directional antenna, mapping open networks and logging traffic. Tools like Kismet automated the process. Wardriving peaked in the mid-2000s when most networks were either open or using WEP (which could be cracked in minutes). WPA2 made passive sniffing useless against encrypted networks, but open networks remain fully transparent.

HTTPS protects the content of your web requests, but DNS queries (unless you're using DoH or DoT), HTTP sites, and unencrypted app traffic are fully visible. The metadata alone โ€” which domains you're visiting, when, how often โ€” is valuable to an attacker. On an open network, that metadata is free for the taking.

WPA3-SAE: The Fix

WPA3 replaced the PSK (Pre-Shared Key) authentication of WPA2 with SAE -- Simultaneous Authentication of Equals. SAE uses a cryptographic protocol called Dragonfly that provides two critical properties WPA2 lacked:

  • Forward secrecy: if someone captures your encrypted traffic today and later learns the WiFi password, they still can't decrypt the old traffic. Each session's keys are ephemeral and not derivable from the password alone.
  • Resistance to offline dictionary attacks: in WPA2, an attacker who captures the four-way handshake can take it home and brute-force the password offline. SAE makes each guess require an interactive exchange with the AP, making offline attacks impossible.

Beamforming and MIMO

Early WiFi was omnidirectional -- the access point blasted signal in all directions equally, like a bare light bulb. Modern WiFi is more like a spotlight.

Beamforming uses multiple antennas to shape the transmitted signal so it's stronger in the direction of the receiving device. The AP sends the same data from each antenna with carefully calculated phase shifts. The signals constructively interfere in the target direction and destructively interfere elsewhere. The result: stronger signal where you need it, less wasted energy where you don't.

MIMO -- Multiple-Input, Multiple-Output -- uses multiple antennas on both ends to send independent data streams simultaneously over the same channel. A 4x4 MIMO system (four antennas on each end) can theoretically quadruple throughput compared to a single antenna. Your laptop's WiFi card likely has 2 antennas. Your router might have 4 or 8.

MU-MIMO (Multi-User MIMO) extends this to serve multiple devices simultaneously. Instead of taking turns, the AP beamforms separate streams to different devices at the same time, each on different spatial paths. WiFi 5 introduced downlink MU-MIMO (AP to devices). WiFi 6 added uplink MU-MIMO (devices to AP).

That's why your router has weird antennas. Those protruding rods aren't decorative. Each one is a separate antenna element, and the router needs spatial diversity -- antennas positioned at different angles and locations -- to create distinct spatial streams. Internal antennas (like in mesh systems) do the same thing; they're hidden inside the enclosure, but the physics is identical.

The Reason Your Video Call Drops

When your Zoom call freezes and your colleague's face turns into a Cubist painting, four things are probably going wrong at once.

Distance and obstacles. Every wall between you and your router costs roughly 3-6 dB of signal strength. A concrete wall can cost 10-15 dB. At -70 dBm (a typical "two bars" signal), your connection is viable but fragile. At -80 dBm, you're in trouble. At -85 dBm, you're disconnecting.

Channel congestion. In an apartment building, your AP might share a channel with a dozen neighbors. CSMA/CA forces everyone to take turns. Your video frame waits in queue while your neighbor's smart TV downloads a firmware update.

Interference. Microwave ovens operate at 2.45 GHz -- dead center of the 2.4 GHz WiFi band. A running microwave can obliterate WiFi channels 6 through 11. Bluetooth devices, cordless phones, baby monitors, and even poorly shielded USB 3.0 cables can add noise.

Bufferbloat. Your router buffers outgoing packets when the WiFi link is congested. Large buffers add latency without improving throughput. A 500ms buffer on a video call means your words arrive half a second late. The connection is technically up. The conversation is technically ruined. If your router supports SQM (Smart Queue Management) or FQ_CoDel (Fair Queuing Controlled Delay), enable it.

Signal strength is not throughput. RSSI (Received Signal Strength Indicator) tells you how loud the signal is, not how fast data moves. You can have strong RSSI and terrible throughput if the channel is congested. You can have weak RSSI and decent throughput if you're the only device on the channel. The WiFi icon on your phone shows signal strength. It tells you nothing about airtime contention, noise floor, or actual data rate.

WiFi 6E and WiFi 7: Finally, Room to Breathe

The most significant WiFi advancement in the last decade isn't speed. It's spectrum.

WiFi 6E opened the 6 GHz band -- 1,200 MHz of pristine, uncongested spectrum. No legacy devices. No microwaves. No Bluetooth. Every device on 6 GHz supports WiFi 6 or later, which means modern features like OFDMA (multi-user channel access) and BSS Coloring (interference mitigation) are universal. The 6 GHz band alone has more usable spectrum than 2.4 GHz and 5 GHz combined.

WiFi 7 (802.11be) builds on this with three headline features:

  • 320 MHz channels: available in the 6 GHz band, offering absurd peak bandwidth at the cost of range. A 320 MHz channel in 6 GHz can theoretically push 46 Gbit/s with 16 spatial streams. In practice, nobody has 16 spatial streams. But even with two streams, you're looking at multi-gigabit wireless speeds.

  • 4K-QAM: QAM (Quadrature Amplitude Modulation) encodes multiple bits into each radio symbol. The number tells you how many distinct signal states it uses โ€” and since each state is a bit pattern, the number is always a power of 2. WiFi 6 uses 1024-QAM: 2ยนโฐ = 1024 states = 10 bits per symbol. WiFi 7 quadruples the states to 4096-QAM: 2ยนยฒ = 4096 states = 12 bits per symbol. Two extra bits per symbol is a 20% throughput increase for free โ€” but distinguishing 4096 signal levels requires a much cleaner signal, so it only works at close range with minimal interference.

  • MLO -- Multi-Link Operation: the feature I'm most excited about. A WiFi 7 device can connect to the AP on multiple bands simultaneously -- 2.4 GHz and 5 GHz and 6 GHz -- and aggregate the bandwidth or use the best link for each packet. Low-latency traffic goes to the least-congested band. Bulk downloads use all bands at once. If one band hits interference, traffic seamlessly shifts to another. This is the first time WiFi has been able to use multiple bands concurrently, and it fundamentally changes the reliability story.

WiFi 7 Multi-Link Operation: simultaneous connections across 2.4, 5, and 6 GHz with automatic packet rerouting

The Part That Gets Me

WiFi is the most successful wireless technology in human history. Over 18 billion devices use it. It works in your home, your office, on airplanes, in coffee shops, in hospitals, in warehouses. It operates in unlicensed spectrum that anyone can use, governed by standards written by committee, using a name that was chosen by a branding firm and means absolutely nothing.

The engineers who designed 802.11 in 1997 couldn't have imagined 46 Gbit/s wireless links or video calls with 20 participants. But the core ideas they established -- OFDM modulation, CSMA/CA channel access, management frames for discovery and association -- still form the foundation of WiFi 7, nearly three decades later.

Every time I open my laptop and start working without plugging in a cable, I'm relying on a system where my device listened to the air for 34 microseconds, picked a random number, waited that many slot times, modulated my data across 52 frequencies, encrypted it with a session key derived from a four-way handshake, and blasted it as radio waves toward a box on my shelf. That box did the reverse, routed my packets to the internet, and got a response back -- all before I noticed the page was loading.

The best infrastructure is the kind you forget exists.

Further Reading

  • IEEE 802.11 โ€” Wikipedia Overview โ€” the most accessible summary of the 802.11 family, from the original 2 Mbit/s standard through WiFi 7. Links to each amendment's technical details without requiring an IEEE subscription.
  • The C10K Problem โ€” Dan Kegel's classic paper on handling 10,000 concurrent connections. Relevant here because CSMA/CA faces the same fundamental challenge: coordinating shared access among many contending parties without a central scheduler.
  • Wireshark 802.11 Capture Setup โ€” how to capture WiFi frames in monitor mode with Wireshark. Seeing beacon frames, probe requests, and the four-way handshake in a packet capture is the fastest way to internalize the protocol.
  • OpenWrt Documentation โ€” the open-source router firmware project. Its documentation covers WiFi configuration at a level that bridges theory and practice: channel selection, transmit power, band steering, and mesh networking on real hardware.
  • WiFi 7 (802.11be) Overview โ€” WiFi Alliance โ€” the WiFi Alliance's summary of WiFi 7 features including MLO, 320 MHz channels, and 4K-QAM. A good non-spec-dense overview of where WiFi is heading.

I'm writing a book about what makes developers irreplaceable in the age of AI. Join the early access list โ†’

Naz Quadri has never successfully connected to hotel WiFi on the first try and at this point considers it a personal failing. He blogs at nazquadri.dev. Rabbit holes all the way down ๐Ÿ‡๐Ÿ•ณ๏ธ.

Top comments (0)