Wednesday, November 12, 2014

Introduction to Network chapter 5: Ethernet



Ethernet operates at datalink and physical layer

Ethernet most widely used LAN technology

defined by IEEE 802.2 and 802.3

speeds between 10 and 100,000 Mb/s

802.2 - LLC
802.3 - MAC and Physical layers

LLC sublayer 
     handles communication between upper and lower layers
     between networking software and device hardware
     implemented in software
     considered driver software

MAC sublayer
     lower sublayer of data link layer    
     2 responsibilities
          data encapsulation
          media access control

          data encapsulation
               frame assembly before transmission
               frame disassembly upon reception
               adds header and trailer to network layer pdu

          data encapsulation has 3 primary functions
               frame delimiting     
                    used to identify groups of bits that make up a frame
                    provides synchronization between transmitting and receiving
               addressing     
                    contains physical address 

               Error detection
                    contains a CRC value used to determine if the contents have changed

     media access control
          responsible for placement of frames on the media (wire)
          removal of frames from the media

          underlying logical topology is a multiaccess bus
           all nodes in a network segment share the medium
                uses CSMA

understanding CSMA
     1) detect if there is a signal on the media
               a) if busy, wait
     2) if no signal, transmit

     if there is a collision, all data is bad and must be resent

     contention-based methods have less overhead than controlled access systems
     do not scale well with heavy media use

     CSMA/CD
     widespread use of switched networks makes CSMA/CD largely unneeded
     CSMA/CA in wireless still needed



     Every device receives every frame
     To prevent mass processing of frames not intended for that device, MAC was created.
     
     MAC used to identify which device should process a frame

     MAC address structure
     1st 24 bits/ 6 hex digits - Organizationally Unique Identifier
     Last 24 bits/ 6 hex digits - Vendor assigned

     1) Source computer sends
     2) each NIC in the network views the information
          a) if the destination MAC matches, then the frame is processed further
          b) if not, the frame is dropped

Ethernet Frame Attributes

     created in 1973

     2 primary versions
     -802.3 Ethernet Standard
     -DIX Ethernet, or Ethernet II         Used in TCP/IP networks
     framing style differences are minimal

     
both define minimum frame size as 64 bytes
     max 1518

     preamble/Start Frame Delimiter not included when describing frame size

     any frame less than 64 bytes discarded as a "runt"

     VLAN technology increased maximum frame size to 1522 

frame too big or too small, frame is dropped


Ethernet Frame
     -preamble and SFD - synchronization between sender and receiver
     -Destination MAC -
     -Source MAC
     -Length Field - exact length of the frame's data field;  can indicate which higher-layer protocol is used;
          if value greater than 1536, the field is an EtherType indicating the protocol
          -if 1500 or less, then use of 802.3 frame format

     -data field - contains encapsulated layer 3 pdu

     -frame check sequence - used to detect errors


In Ethernet, different MAC addresses used for layer 2 unicast, broadcast, and multicast communications

Unicast -destination MAC of receiver
Broadcast - destination MAC of FFFF.FFFF.FFFF
Multicast - destination MAC begins with 01-00-5E
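
The frame rules above (size limits, type/length field, FCS, destination address type) applied in one receive-side parser. This is an added example, not part of the original notes; the sample addresses and payloads are constructed, and the 802.1Q tag value 0x8100 and the use of `zlib.crc32` for the FCS are details the notes do not spell out.

```python
import struct
import zlib

MIN_FRAME, MAX_FRAME, MAX_VLAN_FRAME = 64, 1518, 1522  # sizes from the notes
VLAN_TPID = 0x8100  # value in the type position that marks an 802.1Q VLAN tag

def classify_destination(mac: bytes) -> str:
    if mac == b"\xff" * 6:
        return "broadcast"
    if mac[:3] == b"\x01\x00\x5e":
        return "multicast"
    return "unicast"

def build_frame(dst: bytes, src: bytes, type_len: int, data: bytes) -> bytes:
    """Constructed test frame: header, data padded to 46 bytes, then the FCS."""
    body = dst + src + struct.pack("!H", type_len) + data.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))  # FCS is a CRC-32

def parse_frame(frame: bytes) -> dict:
    """Receive-side checks; the preamble and SFD are not part of `frame`."""
    if len(frame) < MIN_FRAME:
        return {"verdict": "drop: runt"}
    type_len = struct.unpack("!H", frame[12:14])[0]
    tagged = type_len == VLAN_TPID
    if len(frame) > (MAX_VLAN_FRAME if tagged else MAX_FRAME):
        return {"verdict": "drop: too big"}
    if struct.unpack("<I", frame[-4:])[0] != zlib.crc32(frame[:-4]):
        return {"verdict": "drop: FCS mismatch"}
    if tagged:  # the real type/length field follows the 4-byte VLAN tag
        type_len = struct.unpack("!H", frame[16:18])[0]
    if type_len >= 1536:  # 0x0600 and above is an EtherType (Ethernet II)
        fmt = f"Ethernet II, EtherType 0x{type_len:04X}"
    elif type_len <= 1500:  # 802.3: the field is the length of the data
        fmt = f"802.3, length {type_len}"
    else:
        fmt = "undefined type/length value"
    return {"verdict": "accept", "format": fmt,
            "dst": frame[0:6].hex("-"), "src": frame[6:12].hex("-"),
            "dst_kind": classify_destination(frame[0:6])}

# Constructed sample frames (addresses and payloads are made up).
SRC = bytes.fromhex("020000000001")
BROADCAST = build_frame(b"\xff" * 6, SRC, 0x0806, b"arp-request")
UNICAST = build_frame(bytes.fromhex("020000000002"), SRC, 0x0800, b"ip-packet")
CORRUPT = UNICAST[:20] + bytes([UNICAST[20] ^ 0xFF]) + UNICAST[21:]

if __name__ == "__main__":
    for sample in (BROADCAST, UNICAST, CORRUPT, UNICAST[:40]):
        print(parse_frame(sample))
```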

MAC and IP
2 primary addresses assigned to a host
     Physical Address - MAC
     Logical Address - IP


Source device sends based on IP address 

DNS used to identify remote network

ARP protocol has 2 basic functions
     -resolving IPv4 addresses to MAC addresses
     -maintaining a table of mappings

Frame must have destination address to be placed on the media (wire)
refers to ARP table or ARP cache.  Stored in RAM on all devices

Each entry binds a MAC with an IP

table maintained dynamically
-adds information by
     -monitoring network
     -ARP request - L2 broadcast to all devices on the LAN

 -entries are time stamped;  if the system doesn't get a message before the time stamp expires, the entry is removed
-also capable of static entries

ARP to remote network
     -when host creates a packet for a destination, it compares destination IP address to its own IP address to determine if they are both on the same network.

     -if not the same network, then ARP to router interface serving as the gateway


ARP issues
     overhead on the media
          -could initially flood the network
     security - ARP spoofing or ARP poisoning 
          -broadcast and security issues can be mitigated with modern switches
          -switches segment LAN into independent collision domains
          -switches send to only sender and receiver, reducing traffic flows
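
An ARP table as described above (dynamic entries that time out, static entries that do not), extended to record an alert whenever a message claims an IP address that is already bound to a different MAC, which is the visible symptom of ARP spoofing. This is an added example, not part of the original notes; the class name, the 300-second timeout and the sample events are constructed for illustration.

```python
from dataclasses import dataclass

ARP_TIMEOUT = 300  # seconds; assumed for the example, real timers vary by OS

@dataclass
class Entry:
    mac: str
    seen: float
    static: bool = False

class ArpMonitor:
    def __init__(self, static=None):
        # Static entries are configured by hand and never expire.
        self.table = {ip: Entry(mac, 0.0, True)
                      for ip, mac in (static or {}).items()}
        self.alerts = []

    def expire(self, now):
        stale = [ip for ip, e in self.table.items()
                 if not e.static and now - e.seen > ARP_TIMEOUT]
        for ip in stale:
            del self.table[ip]

    def observe(self, now, ip, mac):
        """Process one ARP message saying that `ip` is at `mac`."""
        self.expire(now)
        current = self.table.get(ip)
        if current and current.mac != mac:
            # A live binding is being replaced: record (time, ip, old, new).
            self.alerts.append((now, ip, current.mac, mac))
        if current and current.static:
            return  # a static binding is never overwritten
        self.table[ip] = Entry(mac, now)

# Constructed observations: (seconds, IP address, MAC address).
EVENTS = [
    (0, "192.168.1.1", "02-00-00-00-00-01"),    # gateway learned
    (10, "192.168.1.20", "02-00-00-00-00-20"),  # host learned
    (60, "192.168.1.1", "02-00-00-00-00-66"),   # gateway IP, different MAC
    (500, "192.168.1.20", "02-00-00-00-00-21"), # old entry timed out: relearn
]

def replay(events, static=None):
    monitor = ArpMonitor(static)
    for now, ip, mac in events:
        monitor.observe(now, ip, mac)
    return monitor
```

Only the change at 60 seconds raises an alert; the change at 500 seconds does not, because the earlier entry had already expired. With the gateway configured as a static entry, the same message is still reported but the binding is left unchanged.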

Switching
     devices usually connected by a layer 2 switch
     switch builds MAC table to make forwarding decisions

     if destination MAC is not known, switch sends the frame out all ports except receiving port
     when destination responds, switch adds MAC to its MAC table
     -capable of multiple MACs per port (switch connected to a switch)

     switch MAC table sometimes referred to as CAM (content addressable memory)
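
The learn-and-forward behaviour described above as a small simulation: the switch records the source MAC of every frame against the receiving port, floods when the destination is unknown or broadcast, and otherwise sends out one port. This is an added example, not part of the original notes; the class, port numbers and host addresses are constructed for illustration.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Learn the source, then return the ports the frame is sent out of."""
        self.mac_table[src] = in_port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Unknown destination or broadcast: all ports except the receiver.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # destination sits behind the receiving port: no forward
        return [out_port]

# Constructed hosts: A on port 1, B on port 2, C and D behind a second
# switch that is connected to port 3.
A, B, C, D = (f"02-00-00-00-00-0{i}" for i in range(1, 5))

def demo():
    sw = Switch([1, 2, 3])
    results = [
        sw.receive(1, A, B),  # B not yet learned: flooded
        sw.receive(2, B, A),  # reply: A is known, B gets learned
        sw.receive(1, A, B),  # now forwarded to one port only
        sw.receive(3, C, A),
        sw.receive(3, D, A),  # second MAC learned on port 3
        sw.receive(3, C, D),  # both behind port 3: nothing to forward
    ]
    return results, sw.mac_table

if __name__ == "__main__":
    print(demo())
```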

     -transparent to network protocols and user applications
     -can operate in different modes that affect the end user
          -duplex settings
               -half duplex - one talks at a time
               -full duplex - send and receive at the same time;  CSMA/CD shut off in this case
          
     -Cisco Catalyst supports 3 duplex settings
          -half
          -full
          -auto


     -proper cabling also required (or used to be)     
          -MDIX auto function
          automatic medium dependent interface crossover (auto-mdix)

     switches use following forwarding methods
          -store and forward
               get the entire frame before forwarding
               use CRC to determine if it needs to dump frame
               analyzes destination for where to forward
               required for QoS analysis
          -cut-through
               holds frame until it gets destination address, then forwards
               no error checking
               faster than store and forward, but can send broken frames

               2 variations to cut-through
                    -fast-forward
                         offers lowest level of latency
                         typical of cut-through switching
                    -fragment free
                         reads first 64 bytes before forwarding (most errors occur in first 64 bytes)
                    
               switches use buffering techniques
                    port-based memory buffering
                         frames are stored in queues that are linked to specific incoming and outgoing ports
                         delay occurs if there is nothing transmitting on other ports and buffer is full
                    shared memory buffer
                         frames stored in common buffer used for all ports
                         useful for asymmetric switching

    Fixed or Modular switches
          PoE allows power to be sent to devices

          forwarding rate defines how many frames the switch can process in a second
          stackable vs non-stackable
          modular configurations - add more cards

          Small form-factor pluggable (ports that can be purchased and easily changed out on each switch)

     Layer 3 switch
          capable of performing layer 3 routing as opposed to the standard switch that just handles layer 2

          support Cisco Express Forwarding (CEF)
          complex, but based on 
               Forwarding Information Base
                    conceptually similar to routing table
               Adjacency table
                     maintains layer 2 next-hop addresses for all FIB entries

               separation provides benefits
                    -adjacency table can be built separately from the FIB table
                    -MAC header rewrite used to forward a packet is not stored in cache entries

          layer 3 switch variants

               Switch virtual interface (SVI) 
                    logical interface on a switch associated with a VLAN
               Routed port
                    physical port on an L3 switch configured to act as a router port
                    allow L3 switch to act as a router
                    not associated with a  particular vlan
                    L3 interface only and does not support L2 protocol
                    no switchport interface configuration command
               Layer 3 EtherChannel
                    logical interface on a Cisco device associated with a bundle of routed ports
