Tuesday, June 17, 2014

Internetworking with TCP/IP Notes (Chapter 2)

Chapter 2 Overview of underlying Network Technologies

2.1 Two Approaches to Network Communication

2.1.1 Connection Oriented (Circuit Switched)
Connection-oriented networks operate by forming a dedicated connection or circuit between two points. That is, once a circuit is established, no other network activity will decrease the capacity of the circuit. One disadvantage of connection-oriented technology arises from cost: circuit costs are fixed, independent of use.

2.1.2 Connectionless (Packet Switched)
In a connectionless system, data to be transferred across a network is divided into small pieces called packets that are multiplexed onto high-capacity inter-machine connections. The chief advantage of packet switching is that multiple communications among computers can proceed concurrently, with inter-machine connections shared by all pairs of computers that are communicating. The disadvantage, of course, is that as activity increases, a given pair of communicating computers receives less of the network capacity.

Despite the potential drawback of not being able to guarantee network capacity, connectionless networks have become extremely popular. The chief motivations for adopting packet switching are cost and performance.


2.2 Hardware Addressing Schemes 

Internet protocols must handle one particular aspect of network hardware: heterogeneous addressing schemes. Each network hardware technology defines an addressing mechanism that computers use to specify the destination for a packet. A packet sent across a network includes two addresses: a destination address that specifies the intended recipient, and a source address that specifies the sender. 

2.3 Ethernet (IEEE 802.3)


2.3.1 Automatic Negotiation

The important aspect of multi-speed Ethernet lies in automated configuration. When a cable is plugged in, both ends enter a negotiation phase. The negotiation determines the type of cable (straight through or cross-over) and the maximum speed that the other side of the connection can support.

Autonegotiation works by sending electrical pulses. In 10Base-T these are called Normal Link Pulses (NLP). They are sent every 16 ms with a tolerance of 8 ms. They are only sent when the Network Interface Card (NIC) is not receiving or sending traffic. They look like this:
In the Fast Ethernet standard (802.3u) these are called Fast Link Pulses (FLP) and they look like this:
These electrical pulses let us determine the speed and duplex mode that are available in autonegotiation. The priority for choosing a speed and duplex mode goes like this:
  • 1000Base-T – Full duplex
  • 1000Base-T – Half duplex
  • 100Base-T2 – Full duplex
  • 100Base-TX – Full duplex
  • 100Base-T2 – Half duplex
  • 100Base-T4
  • 100Base-TX – Half duplex
  • 10BaseT – Full duplex
  • 10BaseT – Half duplex
If one side is set to auto and the other side is hardcoded, parallel detection kicks in. Parallel detection can determine the speed by looking at the format of the electrical pulses it is receiving from its link partner. Duplex can’t be detected, so it will default to half duplex. This is why we sometimes see links with 100/half duplex. If one side is auto and the other is 100/full, the auto side will be set to 100/half.
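A small model of the resolution rules above, as an added example that is not from the book or the original notes: two autonegotiating ports take the highest common entry of the priority list, while an auto port facing a hardcoded partner falls back to parallel detection and half duplex. The `("auto", ...)` and `("forced", ...)` port tuples, the function names and the link inventory are assumptions made for illustration.

```python
# Priority list from the text, highest first (100Base-T4 is modelled as half duplex).
PRIORITY = [
    ("1000Base-T", "full"), ("1000Base-T", "half"), ("100Base-T2", "full"),
    ("100Base-TX", "full"), ("100Base-T2", "half"), ("100Base-T4", "half"),
    ("100Base-TX", "half"), ("10Base-T", "full"), ("10Base-T", "half"),
]

def resolve(a, b):
    """Return (mode_a, mode_b); a mode is (technology, duplex), or None for no link.

    A port is ("auto", set_of_advertised_modes) or ("forced", mode).
    """
    (kind_a, val_a), (kind_b, val_b) = a, b
    if kind_a == kind_b == "auto":
        common = [m for m in PRIORITY if m in val_a and m in val_b]
        best = common[0] if common else None
        return best, best
    if kind_a == kind_b == "forced":
        return (val_a, val_b) if val_a[0] == val_b[0] else (None, None)
    if kind_a == "forced":                    # normalise to (auto, forced)
        mode_b, mode_a = resolve(b, a)
        return mode_a, mode_b
    # a is auto, b is hardcoded: a only sees the signal format (parallel detection)
    tech = val_b[0]
    if not any(m[0] == tech for m in val_a):
        return None, None
    return (tech, "half"), val_b              # duplex cannot be detected

def duplex_mismatch(a, b):
    mode_a, mode_b = resolve(a, b)
    return mode_a is not None and mode_a[1] != mode_b[1]

def audit(links):
    """Return the names of links whose two ends settle on different duplex."""
    return [name for name, a, b in links if duplex_mismatch(a, b)]

# Constructed port settings and link inventory.
FAST = {("100Base-TX", "full"), ("100Base-TX", "half"),
        ("10Base-T", "full"), ("10Base-T", "half")}
AUTO_FAST = ("auto", FAST)
AUTO_GIG = ("auto", FAST | {("1000Base-T", "full"), ("1000Base-T", "half")})
FORCED_100_FULL = ("forced", ("100Base-TX", "full"))
LINKS = [("sw1:1-srv1", AUTO_GIG, AUTO_FAST),
         ("sw1:2-srv2", AUTO_GIG, FORCED_100_FULL),
         ("sw1:3-srv3", FORCED_100_FULL, FORCED_100_FULL)]

if __name__ == "__main__":
    print(audit(LINKS))
```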
2.3.2 Important Properties of Ethernet
Broadcast Capability. Ethernet supports broadcast, which means a sender can specify that a given packet should be delivered to all computers that are attached to the network. We will see that TCP/IP depends on Ethernet broadcast.
Best-Effort Delivery Semantics. Ethernet uses best-effort delivery semantics, which means that the network tries to deliver packets, but the hardware does not guarantee delivery and does not inform a sender if the packet cannot be delivered.

2.3.3 48-Bit Ethernet MAC (Hardware) Addresses

An Ethernet address is assigned to a network interface card, not to a computer.
The IEEE 48-bit MAC addressing scheme provides three types of addresses:
  • Unicast
  • Broadcast
  • Multicast
2.3.4 Ethernet Frame Format and Packet Size
There are several types of Ethernet frames:
  • Ethernet II frame, or DIX. It is the most common type in use today, as it is often used directly by the Internet Protocol.
  • IEEE 802.2 Logical Link Control (LLC) frame
  • IEEE 802.2 Subnetwork Access Protocol (SNAP) frame
The different frame types have different formats and MTU values, but can coexist on the same physical medium. Differentiation between frame types is possible based on the below table.
In addition, all four Ethernet frame types may optionally contain an IEEE 802.1Q tag to identify which VLAN the frame belongs to and its priority (quality of service). This encapsulation is defined in the IEEE 802.3ac specification and increases the maximum frame by 4 octets.
2.3.4.1 Ethernet II 
Ethernet frames are variable length, with no frame smaller than 64 octets or larger than 1514 octets (header and data). When transmitted, the frame also includes a 4-octet Cyclic Redundancy Check (CRC) that is used to check for transmission errors. Because the CRC field is added by the sending hardware and checked by the receiving hardware, the CRC is not visible to higher layers of protocol software.

Take a look at an Ethernet frame:
The preamble field won’t show up in a packet capture since the network card will already have stripped it before the frame is available for capture. The preamble field contains a synchronization pattern that consists of alternating ones and zeros and ends with two consecutive ones. It is used to synchronize node communication but also to indicate where the frame starts. Because it is not processed in the same way as the rest of the frame, we do not have to count the eight bytes of preamble when calculating Ethernet frame size. This is what the preamble looks like:
1010101010101010101010101010101010101010101010101010101010101011
The source and destination MAC addresses are used for switching based on the MAC.
The EtherType field specifies the upper-level protocol. Some of the most well-known ones are:
0x0800 – IP
0x8100 – 802.1Q tagged frame
0x0806 – ARP
0x86DD – IPv6
After that follows the actual payload, which should be between 46 and 1500 bytes in size.
At the end there is a Frame Check Sequence (FCS), which is used to check the validity of the frame. If the CRC check fails, the frame is dropped.
In total the frame will be a maximum of 1514 bytes, or 1518 if counting the FCS.
2.3.4.2 IEEE 802.3 with LLC Header
When it comes to 802.3 Ethernet there are actually two frame formats. One is 802.3 with an 802.2 LLC SAP header. It looks like this.
This was the original version from the IEEE. Many of the fields are the same. Let’s look at those that are not.
The preamble is now divided into a preamble and a Start Frame Delimiter (SFD), but the function is the same.
The length field indicates how many bytes of data follow this field before the FCS. It can also be used to distinguish between a DIX frame and an 802.3 frame, because for DIX the values in this field will be higher, e.g. 0x806 for ARP. If this value is greater than 1536 (0x600 hex), then it is a DIX frame and the value is an EtherType value. The length cannot be bigger than 1500, as the maximum size of the frame is 1500.

* Hexadecimal 0x600 = 1536 (0 x 16^3 + 6 x 16^2 + 0 x 16^1 + 0 x 16^0)
http://www.cavestory.org/guides/csasm/guide/hex2.html
Then we have some interesting values called DSAP, SSAP and Control. SAP stands for Service Access Point; the S and D in SSAP and DSAP stand for source and destination.
They have a function similar to the EtherType. The SAP is used to distinguish between different data exchanges on the same station. The SSAP indicates from which service the LLC data unit was sent and the DSAP indicates the service to which the LLC data unit is being sent. IP has a SAP of 6 and 802.1D (STP) has a SAP of 42. It would be very strange to have a different SSAP and DSAP, so these values should be the same. IP to IP would be an SSAP of 06 and a DSAP of 06. One bit (LSB) in the DSAP is used to indicate if it is a group address or an individual address. If it is set to zero, it refers to an individual address going to a Local SAP (LSAP). One bit in the SSAP (LSB) indicates if it is a command or response packet. That leaves us with 64 possible different SAPs for SSAP and DSAP.
The control field is used to select whether communication should be connectionless or connection-oriented. Usually error recovery and flow control are performed by higher-level services such as TCP.
2.3.4.3 IEEE 802.3 with SNAP Header
The IEEE had problems addressing all the layer 3 processes due to the short DSAP and SSAP fields in the header. This is why they introduced a new frame format called Subnetwork Access Protocol (SNAP). Basically this header uses the type field found in the DIX header. If the SSAP and DSAP are set to 0xAA and the Control field is set to 0x03, then SNAP encapsulation will follow. SNAP has a five-byte extension to the standard 802.2 LLC header, and it consists of a 3-byte OUI and a two-byte Type field.
From a vendor perspective this is good because then they can have an OUI and then create their own types to use. If we look at PVST+ BPDUs from a Cisco device we will see that they are SNAP encapsulated, where the organization code is Cisco (0x00000c) and the PID is PVSTP+ (0x010b). CDP also uses SNAP and it has a PID of CDP (0x0200). I will talk more about BPDUs and STP in a following post but first I wanted to provide the background on the Ethernet frame types used.
In summary there are three different Ethernet frame types used. DIX frame, also called Ethernet II, IEEE 802.3 with LLC and IEEE 802.3 with SNAP encapsulation. There are others out there as well but these are the three major ones and the DIX one is by far the most common one.
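The three frame types, the optional 802.1Q tag and the three MAC address types can be told apart from the first bytes of a captured frame. The classifier below is an added example, not code from the book or the original notes; the function names and the sample frames (addresses, lengths, payloads) are constructed for illustration.

```python
import struct

ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x86DD: "IPv6"}  # values listed above

def mac_kind(mac: bytes) -> str:
    """Broadcast is all ones; multicast has the low bit of the first octet set."""
    if mac == b"\xff" * 6:
        return "broadcast"
    return "multicast" if mac[0] & 0x01 else "unicast"

def need(frame: bytes, n: int) -> None:
    if len(frame) < n:
        raise ValueError(f"truncated frame: need {n} bytes, have {len(frame)}")

def classify(frame: bytes) -> dict:
    """Classify a captured frame (preamble and FCS already stripped)."""
    need(frame, 14)
    (field,) = struct.unpack("!H", frame[12:14])
    off, vlan = 14, None
    if field == 0x8100:                      # 802.1Q: 2-byte TCI, then type/length
        need(frame, 18)
        tci, field = struct.unpack("!HH", frame[14:18])
        vlan, off = tci & 0x0FFF, 18         # low 12 bits of the TCI are the VLAN ID
    info = {"dst": mac_kind(frame[0:6]), "vlan": vlan}
    if field >= 0x0600:                      # IEEE 802.3: 1536 and above is an EtherType
        info.update(kind="Ethernet II", proto=ETHERTYPES.get(field, hex(field)))
    elif field > 1500:                       # 1501..1535: neither a length nor a type
        info.update(kind="invalid")
    else:                                    # length field, so an 802.2 LLC header follows
        need(frame, off + 3)
        dsap, ssap, ctrl = frame[off:off + 3]
        if (dsap, ssap, ctrl) == (0xAA, 0xAA, 0x03):
            need(frame, off + 8)             # SNAP: 3-byte OUI + 2-byte type
            (pid,) = struct.unpack("!H", frame[off + 6:off + 8])
            info.update(kind="802.3 SNAP", oui=frame[off + 3:off + 6].hex(), pid=hex(pid))
        else:
            info.update(kind="802.3 LLC", dsap=hex(dsap), ssap=hex(ssap))
    return info

# Constructed sample frames (addresses and payloads are made up for illustration).
SRC = bytes.fromhex("020000000001")
GROUP = bytes.fromhex("010000000001")
ARP = b"\xff" * 6 + SRC + b"\x08\x06" + bytes(46)
TAGGED_IP = bytes.fromhex("020000000002") + SRC + b"\x81\x00\x00\x0a\x08\x00" + bytes(46)
PVST = GROUP + SRC + b"\x00\x32" + bytes.fromhex("aaaa0300000c010b") + bytes(42)
STP = GROUP + SRC + b"\x00\x26" + b"\x42\x42\x03" + bytes(43)

if __name__ == "__main__":
    for name, f in [("ARP", ARP), ("tagged IP", TAGGED_IP), ("PVST+", PVST), ("STP", STP)]:
        print(name, classify(f))
```

Truncated input raises `ValueError` instead of being read past its end, which matters when the bytes come from an untrusted capture.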

2.4 Zigbee (IEEE 802.15.4)
IEEE has created standard 802.15.4 for a low-power wireless network technology intended to support connections of small embedded devices. The low-power aspect makes 802.15.4 radios attractive for devices that run on battery power. The packet size is 127 octets, but only 102 octets are available for a payload.

2.5 Optical Carrier and Packet Over SONET (OC, POS)

The data rates of available circuits have been chosen to carry multiples of 64 Kbps because a digitized voice call uses an encoding known as Pulse Code Modulation (PCM), which produces 8000 samples per second, where each sample is 8 bits. Thus, 8000 x 8 bits = 64 Kbps.
Higher-rate digital circuits require the use of fiber. The figure below lists examples of Optical Carrier (OC) standards and the data rate of each. A suffix on “OC” denotes a capacity.
2.6 Point-to-Point Networks
If the communication system connects exactly two endpoints, it is known as a point-to-point network. Thus, a leased data circuit is an example of a point-to-point network. Dialup provides an example of a point-to-point network.
