Scanning 802.11 Networks
The 802.11 device can perform two types of network scans:
Explicit scans
The 802.11 device performs an explicit scan after receiving an OID_802_11_BSSID_LIST_SCAN set command. When performing explicit scans, the device scans for BSS networks across all supported channels.Implicit scans
The 802.11 device performs an implicit scan on its own without a preceding OID_802_11_BSSID_LIST_SCAN set command. For example, the device might perform implicit scans periodically to update its cached BSSID scan list. It might also perform an implicit scan prior to roaming in order to find a BSSID candidate to associate with.
When performing scans, the device can use the following scanning methods:
Active scans
The 802.11 device broadcasts an 802.11 probe request on the channel it is scanning on. The driver uses the zero-length broadcast SSID in the probe request. The driver will add any received 802.11 beacons or probe responses to its cached BSSID scan list.Passive scans
The 802.11 device does not send an 802.11 probe request. Instead, it dwells on a channel for a period of time and adds any received 802.11 beacons or probe responses to its cached BSSID scan list.
The device must do the following when performing an explicit scan in response to a setting of OID_802_11_BSSID_LIST_SCAN:
The device must flush the current contents of its cached BSSID scan list before initiating the explicit scan request.
The device must scan both infrastructure and ad hoc networks, regardless of the current setting of its network mode.
The device can use either the active or passive scanning methods, or a combination of both scanning methods.
Note Active scanning is preferred whenever appropriate.
When performing an active scan, the device sets the BSSID to the broadcast MAC address in the 802.11 probe request that it sends. The device also sets the SSID to the zero-length broadcast SSID in the probe request.
The device must perform the scan across all the frequency channels and bands that it supports.
The miniport driver must minimize its response time for this OID. It is recommended that the driver just initiate the scan and return NDIS_STATUS_SUCCESS in response to the setting of OID_802_11_BSSID_LIST_SCAN. The driver must not return NDIS_STATUS_PENDING or wait for the scan to complete before returning NDIS_STATUS_SUCCESS.
The driver saves the results of the scan in its BSSID scan list. This driver must update this cache with any additional BSSIDs that it finds while performing implicit scans.
The operating system periodically queries the driver with OID_802_11_BSSID_LIST. The driver must respond to this query with the contents of its BSSID scan list in the following way:
The driver returns its BSSID scan list in the NDIS_802_11_BSSID_LIST_EX structure.
Note The NDIS_802_11_BSSID_LIST structure is obsolete and should not be used.
If this OID is queried within six seconds of a preceding OID_802_11_BSSID_LIST_SCAN set operation, then the miniport driver must return its entire BSSID scan list.
If this OID is queried without a preceding OID_802_11_BSSID_LIST_SCAN set operation, then the miniport driver can return a list of BSSIDs that are valid to associate with, based on the device's current 802.11 configuration. For example, if the driver's network mode is configured for ad hoc mode, then the driver can just return a list of ad hoc networks found from its last scan.
If this OID is queried six or more seconds after OID_802_11_BSSID_LIST_SCAN is set, then the list of BSSIDs must also contain all of the BSSIDs that the device found during any implicit scans performed by the device.
If the device is associated, but the associated BSSID is not in its BSSID scan list, then the driver must add an entry for the BSSID at the end of the data that it returns in response to query of OID_802_11_BSSID_LIST.
For IEEE 802.11a- and IEEE 802.11b-capable devices, the miniport driver must return a complete list of the IEEE 802.11a and IEEE 802.11b BSSIDs.
Note The device must not initiate a new scan when queried with OID_802_11_BSSID_LIST.