转自http://www.my80211.com/home/2010/1/11/80211-client-active-and-passive-scanning.html &http://madwifi-project.org/wiki/ChipsetFeatures/BackgroundScanning
Active scan—Active scanning occurs when the client changes its IEEE 802.11 radio tothe channel being scanned,broadcasts a probe request, and then waits to hear any probe responses (or periodic beacons) from APson that channel (with a matching SSID). The IEEE 802.11 standards do not specify how long the client should wait, but 10 ms is a representative period. The probe request frames used in an active scan are one of two types:
Directed probe—The client sends a probe request with a specific destination SSID; only APs with a matching SSID will reply with a probe response
Broadcast probe—The client sends a broadcast SSID (actually a null SSID) in the probe request; all APs receiving the probe-request will respond, with a probe-response for each SSID they support.
During a channel scan, the client is unable to transmit or receive client data traffic.There are a number of approaches clients take to minimize this impact to client data traffic:
•Background scanning—Clients may scan available channels before they need to roam. This allows them to build-up knowledge of the RF environment and available APs so they may roam faster if it becomes necessary. Impact to client traffic can be minimized by only scanning when the client is not actively transmitting data, or by periodically scanning only a single alternate channel at a time (scanning a single channel incurs minimal data loss)
BGSCAN is The possibility to scan available channels without losing the current AP association. Since the Atheros card is always operating at a single frequency the driver can only optimize the time when to scan. If you are transferring data continuously, a scan will delay data packets. The driver behaves as if the device went into sleep mode, APs will queue data for a while.
The term "background" is quite misleading and many people thought that the hardware will somehow scan without having an effect on the transfer rate. This is certainly not true. In cases where scanning causes problems a second radio is needed (e.g. a second card just for scanning).
Usage: You can do
iwlist ath0 scan
or
wlanconfig ath0 list scan
in order to scan for instance for APs.
A complete scan requires a few seconds, during that time no data can be transferred. This is critical to certain applications if they require a reliable connection.
•On-roam scanning—In contrast with background, on-roam scanning occurs after a roam has been determined necessary. Each vendor/device may implement its own algorithms to minimize the roam latency and the impact to data traffic. For example, some clients might only scan the non-overlapping channels.
Typical Scanning Behavior
Although most client roaming algorithms are proprietary, it is possible to generalize the typical behavior.
Typical wireless client roam behavior consists of the following activities:
•On-roam scanning—This ensures clients have the most up-to-date information at the time of the roam.
•Active scan—An active scan is preferred over a passive scan, due to lower latency when roaming.
There are some informational attributes that may be used to dynamically alter the roam algorithm:
•Client data type—For example, voice call in progress
•Background scan information—Obtained during routine periodic background scans
Ways in which attributes can be used to alter the scan algorithm include:
•Scan a subset of channels—For example, information from the background scan can be used to determine which channels are being used by APs in the vicinity.
•Terminate the scan early—For example, if a voice call is in progress, the first acceptable AP might be used instead of waiting to discover all APs on all channels.
•Change scan timers—For example, if a voice call is in progress, the time spent waiting for probe responses might be shortened during an active scan.
From -- Cisco Voice Over Wireless LAN 4.1 Design Guide