How to detect disassociation by AP reboot within station in PS mode

Question

I'm writing a fairly low-level driver for a wireless card, and while most of the spec is fairly straightforward, I haven't wrapped my head around a single question yet:

If my station is in power-save mode and its receiver is turned off for an extended period (say, 10 seconds) between DTIM frames, and the access point is rebooted in the meantime so my association is lost, how can I detect this?

I'm aware that the most common case will be that synchronisation is lost thoroughly enough that I will miss a number of beacons and simply go back to the AP search afterwards, but if by some lucky chance I get to see beacons, is there some way to find out that this is a new "instance" of the same AP?

I can think of

• a short(er) TIM field -- however I believe APs are allowed to shorten the TIM information if no traffic is waiting
• the AP timestamp changing unexpectedly.
• the "number of beacons to next DTIM" field changing unexpectedly.

Being a perfectionist, I'd like to know if there is an entirely reliable way to detect that the AP has been rebooted, rather than just putting together clues.

Answer 1

I would suggest that you look at the TSF in received beacon frames and if it differs too much from the TSF you expected you send a NULL-data frame to the AP. If the AP was rebooted it should respond with a deauthenticate frame with reason "Class 2 frame received from nonauthenticated STA".