Chapter 5 The Data Link Layer Application Transport Network data link layer service

Moving data between nearby network elementsbull Move data between end-host and routerbull Move data between end-hostsbull Move data between routers

error detection correction Encryption sharing a broadcast channel multiple access link layer addressing and routing reliable data transfer flow control Interactact as a bridge between the network layer and the physical

layerbull There are many types of physical layer

Which services does the link layer provide that other layers also provide

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing and routing (ARP)

55 Ethernet

56 Link-layer switches 57 PPP 58 Link virtualization

ATM MPLS

Link Layer IntroductionSome terminology hosts and routers are nodes communication channels

that connect adjacent nodes along communication path are links wired links wireless links LANs

layer-2 packet is a frame encapsulates datagram

data-link layer has responsibility of transferring datagram from one node to adjacent node over one or more links - Without visiting any layer 3 nodes

Link layer context

datagram transferred by different link protocols over different links eg Ethernet on first

link frame relay on intermediate links 80211 on last link

each link protocol provides different services eg may provide

reliability over link

transportation analogy trip from Newark to San Jose

limo Newark to PHL plane PHL to SFO BART SFO to SF train SF to San Jose

tourist = datagram transport segment =

communication link transportation mode = link layer

protocol Note that a bus or plane trip

might contain many changes of the bus or plane but this seems like a single hop

travel agent = routing algorithm

Link Layer Services framing link access

encapsulate datagram into frame adding header trailer

channel access if shared medium ldquoMACrdquo addresses used in frame headers to identify

source dest bull different from IP address

Routing reliable delivery between adjacent nodes

we learned how to do this already (chapter 3) seldom used on low bit-error link (fiber some twisted

pair) wireless links high error rates

bull Q why both link-level and end-end reliability

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing and routing (ARP)

55 Ethernet

56 Link-layer switches 57 PPP 58 Link virtualization

ATM MPLS

Link Layer IntroductionSome terminology hosts and routers are nodes communication channels

that connect adjacent nodes along communication path are links wired links wireless links LANs

layer-2 packet is a frame encapsulates datagram

data-link layer has responsibility of transferring datagram from one node to adjacent node over one or more links - Without visiting any layer 3 nodes

Link layer context

datagram transferred by different link protocols over different links eg Ethernet on first

link frame relay on intermediate links 80211 on last link

each link protocol provides different services eg may provide

reliability over link

transportation analogy trip from Newark to San Jose

limo Newark to PHL plane PHL to SFO BART SFO to SF train SF to San Jose

tourist = datagram transport segment =

communication link transportation mode = link layer

protocol Note that a bus or plane trip

might contain many changes of the bus or plane but this seems like a single hop

travel agent = routing algorithm

Link Layer Services framing link access

encapsulate datagram into frame adding header trailer

channel access if shared medium ldquoMACrdquo addresses used in frame headers to identify

source dest bull different from IP address

Routing reliable delivery between adjacent nodes

we learned how to do this already (chapter 3) seldom used on low bit-error link (fiber some twisted

pair) wireless links high error rates

bull Q why both link-level and end-end reliability

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer IntroductionSome terminology hosts and routers are nodes communication channels

that connect adjacent nodes along communication path are links wired links wireless links LANs

layer-2 packet is a frame encapsulates datagram

data-link layer has responsibility of transferring datagram from one node to adjacent node over one or more links - Without visiting any layer 3 nodes

Link layer context

datagram transferred by different link protocols over different links eg Ethernet on first

link frame relay on intermediate links 80211 on last link

each link protocol provides different services eg may provide

reliability over link

transportation analogy trip from Newark to San Jose

limo Newark to PHL plane PHL to SFO BART SFO to SF train SF to San Jose

tourist = datagram transport segment =

communication link transportation mode = link layer

protocol Note that a bus or plane trip

might contain many changes of the bus or plane but this seems like a single hop

travel agent = routing algorithm

Link Layer Services framing link access

encapsulate datagram into frame adding header trailer

channel access if shared medium ldquoMACrdquo addresses used in frame headers to identify

source dest bull different from IP address

Routing reliable delivery between adjacent nodes

we learned how to do this already (chapter 3) seldom used on low bit-error link (fiber some twisted

pair) wireless links high error rates

bull Q why both link-level and end-end reliability

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link layer context

datagram transferred by different link protocols over different links eg Ethernet on first

link frame relay on intermediate links 80211 on last link

each link protocol provides different services eg may provide

reliability over link

transportation analogy trip from Newark to San Jose

limo Newark to PHL plane PHL to SFO BART SFO to SF train SF to San Jose

tourist = datagram transport segment =

communication link transportation mode = link layer

protocol Note that a bus or plane trip

might contain many changes of the bus or plane but this seems like a single hop

travel agent = routing algorithm

Link Layer Services framing link access

encapsulate datagram into frame adding header trailer

channel access if shared medium ldquoMACrdquo addresses used in frame headers to identify

source dest bull different from IP address

Routing reliable delivery between adjacent nodes

we learned how to do this already (chapter 3) seldom used on low bit-error link (fiber some twisted

pair) wireless links high error rates

bull Q why both link-level and end-end reliability

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer Services framing link access

encapsulate datagram into frame adding header trailer

channel access if shared medium ldquoMACrdquo addresses used in frame headers to identify

source dest bull different from IP address

Routing reliable delivery between adjacent nodes

we learned how to do this already (chapter 3) seldom used on low bit-error link (fiber some twisted

pair) wireless links high error rates

bull Q why both link-level and end-end reliability

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer Services (more)

flow control pacing between adjacent sending and receiving nodes

Encryption Some links can easily be tapped so encryption is needed for

privacy

error detection errors caused by signal attenuation noise receiver detects presence of errors

bull signals sender for retransmission or drops frame

error correction receiver identifies and corrects bit error(s) without resorting to

retransmission half-duplex and full-duplex

with half duplex nodes at both ends of link can transmit but not at same time

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Where is the link layer implemented

in each and every host in the network

Which other layers are implemented in every host

link layer implemented in ldquoadaptorrdquo (aka network interface card NIC)

Ethernet card PCMCI card 80211 card

implements link physical layer

attaches into hostrsquos system buses

combination of hardware software firmware

controller

physicaltransmission

cpu memory

host bus (eg PCI)

network adaptercard

host schematic

applicationtransportnetwork

link

linkphysical

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Adaptors Communicating

sending side encapsulates datagram

in frame adds error checking bits

rdt flow control etc

receiving side looks for errors rdt flow control

etc extracts datagram

bull passes to upper layer at receiving side

bull Moves frame to another link

controller controller

sending host receiving host

datagram datagram

datagram

frame

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Error DetectionEDC= Error Detection and Correction bits (redundancy)D = Data protected by error checking may include header fields

bull Error detection not 100 reliablebull protocol may miss some errors but rarelybull larger EDC field yields better detection and correction

otherwise

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Parity Checking

Single Bit ParityDetect single bit errors

Two Dimensional Bit ParityDetect and correct single bit errors

0 0

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Internet checksum (review)

Sender treat segment contents

as sequence of 16-bit integers

checksum addition (1rsquos complement sum) of segment contents

sender puts checksum value into UDP checksum field

Receiver compute checksum of

received segment check if computed

checksum equals checksum field value NO - error detected YES - no error detected

But maybe errors nonetheless

Goal detect ldquoerrorsrdquo (eg flipped bits) in transmitted packet (note used at transport layer only)

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Checksumming Cyclic Redundancy Check view data bits D as a binary number choose r+1 bit pattern (generator) G goal choose r CRC bits R such that

ltDRgt exactly divisible by G (modulo 2) receiver knows G divides ltDRgt by G If non-zero

remainder error detected can detect all burst errors less than r+1 bits

widely used in practice (Ethernet 80211 WiFi ATM)

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CRC ExampleWant

D2r XOR R = nGequivalently

D2r = nG XOR R equivalently if we divide D2r by

G want remainder R

R = remainder[ ]D2r

G

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Multiple Access Links and Protocols

Two types of ldquolinksrdquo point-to-point

PPP for dial-up access point-to-point link between Ethernet switch and host

broadcast (shared wire or medium) old-fashioned Ethernet 80211 wireless LAN

shared wire (eg cabled Ethernet)

shared RF (eg 80211 WiFi)

shared RF(satellite)

humans at acocktail party

(shared air acoustical)

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Multiple Access Control (MAC) protocols

single shared broadcast channel two or more simultaneous transmissions by

nodes interference collision if node receives two or more signals at the

same time

multiple access protocol An algorithm that determines how nodes

share channel ie determine when node can transmit

communication about channel sharing must use channel itself out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ideal Multiple Access Protocol

Broadcast channel of rate R bps1 when one node wants to transmit it can send

at rate R2 when M nodes want to transmit each can

send at average rate RM3 fully decentralized

no special node to coordinate transmissions no synchronization of clocks slots Generally centralized MAC are much more efficient

4 simple

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

MAC Protocols a taxonomy

Three broad classes Channel Partitioning

divide channel into smaller ldquopiecesrdquo (time slots frequency code)

allocate piece to node for exclusive use this approach is difficult since we know that statistical

multiplexing can support more users Random Access

channel not divided allow collisions Detect and recover from collisions Detection and recovery (eg retransmission) can be

inefficient Predictableguaranteed performance is difficult to achieve

Centralizedtaking turns

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Channel Partitioning MAC protocols TDMA

TDMA time division multiple access access to channel in rounds each station gets fixed length slot (length = pkt trans time) in

each round unused slots go idle GSM (some cell phones) uses TDMA

Why So service is predictable and calls can be rejected if there is not enough

bandwidth

example 6-station LAN 134 have pkt slots 256 idle

1 3 4 1 3 4

6-slotframe

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Channel Partitioning MAC protocols FDMA

FDMA frequency division multiple access channel spectrum divided into frequency bands each station assigned fixed frequency band unused transmission time in frequency bands go idle GSM also uses FDMA example 6-station LAN 134 have pkt frequency bands

256 idle

frequ

ency

bands time

FDM cable

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Random Access Protocols

When node has packet to send transmit at full channel data rate R no a priori coordination among nodes

bull Some approaches use limited coordination

two or more transmitting nodes ldquocollisionrdquo random access MAC protocol specifies

how to detect collisions how to recover from collisions (eg via delayed

retransmissions)

Examples of random access MAC protocols slotted ALOHA ALOHA CSMA CSMACD CSMACA

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

The ALOHA Protocol

Developed U of Hawaii in early 70rsquos Packet radio networks ldquoFree for allrdquo whenever station has a frame to

send it does so Aloha is the simplest of MAC protocols Aloha is old but still widely used

As will be seen many protocols have a period of time where nodes transmits when they want

During such periods of time the MAC essentially Aloha

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Collisions

Invalid frames may be caused by channel noise or

Because other station(s) transmitted at the same time collision

Collisions and other link layer losses must be detected and corrected Question 1 Where are all the places that losses can

occur

Question 2 where can errors be detected and corrected

Roughly speaking a collision happens even when the last bit of a frame overlaps with the first bit of the next frame

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ALOHArsquos Performance 1

Timet0

t0+t t0+2t t0+3t

If another node transmits here then there is a collision

vulnerableIf another node starts to transmit

during this vulnerable period then a collision will occur

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ALOHArsquos Performance

Assume that users try to send frames at random times (Poisson events)

Let G be the average rate that users try to send frames per frame time

G is the utilization Why

Model the moment transmission start as points along the time line

Next slide

The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

2 2

k

eGkP

Gk

The probability zero other frames are sent is P(0)=e-2GThe throughput is the rate that frames are sent multiplied by the probability that the transmission is successful

G e-2G

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Poisson process

events

Events are distributed according to a Poisson process with parameter if

P(k events in period of length T) = exp(-T)(T)k k

is the rate that events occur = number of events in period WW (when W is large)

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Aloha performance

vulnerabilityperiod

P(k events in period of length T) = exp(-T)(T)k k

The probability of no collision is probability of no event in the vulnerability period = 2T

Let T = 1 (ie our time is measured in packet transmission times not seconds)Then what is = average number of transmission attempts per transmission time So = utilization Ie = G And the probability of no collision is exp(-2G)(2G)00=exp(-2G)

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ALOHArsquos Performance

The best throughput occurs for what value of GWhat is this best throughput

0 1 2 30

01

020184

0

G e 2 G

30 G

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries

Timet0

t0+t t0+2t t0+3t

If a frame is transmitted here then a collision

occursBut this will only happen if

a packet arrives at the MAC layer during this

period

vulnerable

If another node selects to transmit during this vulnerable period then a collision will occur

The vulnerable period is half the size of unslotted aloha

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Slotted Aloha

Vulnerable period is halved Doubles performance of ALOHA Throughput=S = G e-G S = Smax = 1e = 0368 for G = 1

G=1 means typically a node tries to transmit each slot

However the throughput is well below 1 there any many collisions

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Slotted Aloha Performance

0 2 40

02

040368

0

G e G

40 G

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ALOHA and Slotted ALOHA

Pros single active node can

continuously transmit at full rate of channel

decentralized simple

Cons Collisions

wasting slots Inefficient

idle slots nodes may be able to

detect collision in less than time to transmit packet

Slotted aloha requires clock synchronization

Lose synchronization requires guard times which reduces efficiency

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMA (Carrier Sense Multiple Access)

CSMA listen before transmitIf channel sensed idle transmit entire frame If channel sensed busy defer transmission

human analogy donrsquot interrupt others

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Question

For 10 Mbps ethernet the maximum cable length is 2000m

For 100Mbps ethernet the maximum cable length is 200m

Why is the maximum length for 100Mbps 10 times shorter than 10Mbps

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMA collisions

collisions can still occurpropagation delay means two nodes may not heareach otherrsquos transmissioncollisionentire packet transmission time wasted

spatial layout of nodes

noterole of distance amp propagation delay in determining collision probability

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMACD collision detectionTransmitter 1

Transmission time

time

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Collision detectedby transmitter 1When is it detected

Receiver 1 receives garbled signal

Position on wireReceiver 1

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMACD collision detectionPosition on wireTransmitter 1

Transmission time

Collision NOT detected

by transmitter 1

Transmitter 2

Propagation delay

Collision detectedby transmitter 2

Receiver 1

Receiver 1 receives garbled signal

What are the requirements to ensure that collisions are detected

The transmitter must transmit for 2timesTpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

time

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMACDWhat are the requirements to ensure that collisions are detected

The transmitter must transmit for 2Tpropagation + epsilonThe transmit time is frame length bit rateTherefore

2timesCableLengthspeed of propagation + epsilon lt FrameLengthbit-rate

If frame length can be arbitrarily small then the cable length must be very shortThus frames cannot be arbitrarily small Minimum frame length in Ethernet is 64B

Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet

The minimum frame length in Ethernet is independent of bit-rate

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMACD (Collision Detection)CSMACD carrier sensing with collision

detection collisions detected within short time colliding transmissions aborted reducing

channel wastage collision detection

easy in wired LANs measure signal strengths compare transmitted received signals

Difficultimpossible in wireless LANs received signal strength overwhelmed by local transmission strength

human analogy the polite conversationalist

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

persistent

1-persistent If medium is idle then transmit If medium is not idle then wait until it is and then transmit

bull In this case all nodes that desire to transmit during the period when a node is transmitting will collide

p-persistent If medium is idle then transmit If medium is not idle then wait until it is idle Once idle then transmit with probability p And wait for the

next slot with probability 1-p and repeatbull Here slot does not have to be the time to send a full frame but

just enough time to let other hosts start sending

Exponential Backoff Next slide

What to do when the link is found to be busy

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

1 Upon desiring to transmit a frame set BackOff = BO (some starting value 4 and 8 are common)

2 If medium is idle then transmit3 If medium is not idle then wait until it is idle4 Once idle

a pick an integer r between 0 and BO-1b Wait r time slots

1 A time slot is long enough so that if a node begins to trasnmit at the beginning of the time slot then all nodes will hear the transmission before the time slot end

2 Give an equation for the length of a time slotc If no other transmission begins before the r time slots then

transmit5 If a collision is detected

a Continue to transmit so that all nodes will know that a collision occurred then stop

b Set BO = min( 2 BO BO_Max )a In ethernet BO_max = 1024

c Go to step 4

Exponential Backoff

Question discuss the different ways in which backoff is used in network protocols

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocolschannel partitioning MAC protocols

share channel efficiently and fairly at high load inefficient at low load delay in channel access 1N

bandwidth allocated even if only 1 active node Random access MAC protocols

efficient at low load single node can fully utilize channel

high load collision overheadbull Be careful Here we say that high load is when the number

of users increases If the number of users is fixed (and small) then the efficiency under high load is not as bad

ldquotaking turnsrdquo protocols look for best of both worlds Use in mobile phones data access 80216 aka WiMax partly uses this approach 80211 specifies this capability but it is not widely

deployed YET

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn

master

slaves

data

data

data

poll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

master

slaves

data

datapoll

data

pollpollpoll

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master) master

slaves

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocols

Polling master node ldquoinvitesrdquo slave

nodes to transmit in turn After each node is given a chance the

pattern repeats If a slave has no data to send then it

does nothing and the master quickly polls the next node

concerns polling overhead latency single point of failure (master)

QoS guarantees can be made

If a VoIP call requires 12bps The master can determine if the call will receive the desire quality and ensure that it does

bull When congested new calls are rejected but existing call continue to receive good performance

bull Consider the difference between the demands by VoIP and services provided by TCP

Guarantees are worth much more money than non-guarantees

master

slaves

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ldquoTaking Turnsrdquo MAC protocolsToken passing control token

passed from one node to next sequentially

token message concerns

token overhead Latency single point of failure

(token)

T

data

(nothingto send)

T

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Summary of MAC protocols

channel partitioning by time frequency or code Time Division Frequency Division

random access (dynamic) ALOHA S-ALOHA CSMA CSMACD carrier sensing easy in some technologies (wire)

hard in others (wireless) CSMACD used in Ethernet CSMACA used in 80211 (Wersquoll study it when we talk

about wireless)

taking turns polling from central site token passing Bluetooth FDDI IBM Token Ring

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM MPLS

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

MAC Addresses and ARP

32-bit IP address network-layer address used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address function get frame from one interface to another

physically-connected interface (same network)bull The textbook is wrong about this Today hosts are

almost never physically connected 48 bit MAC address (for most LANs)

bull burned in NIC ROM also sometimes software settable

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

LAN Addresses and ARPEach adapter on LAN has unique LAN address

Broadcast address =FF-FF-FF-FF-FF-FF

= adapter

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN(wired orwireless)

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

LAN Address (more)

MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to

assure uniqueness) Check OUI lookup

bull Google OUI lookupbull Enter MAC addressbull See manufacture

analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability

can move LAN card from one LAN to another IP hierarchical address NOT portable

address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed

bull Whereas the IP address can stay the same

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP Address Resolution Protocol

Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a

ARP table IPMAC address mappings for some LAN nodes

lt IP address MAC address TTLgt

TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)

Question how to determineMAC address of Bknowing Brsquos IP address

1A-2F-BB-76-09-AD

58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98

71-65-F7-2B-08-53

LAN

137196723

137196778

137196714

137196788

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP protocol Same LAN (network) A wants to send datagram to C

Check if Crsquos IP address is in the same subnet

Use subnet mask and compare this nodes IP to Crsquos IP

Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt

the first 8 bytes define the subnet

bull So in this case A and B are in different subnets

bull Thus the datagram is sent to the gateway which must be in the same subnet

bull Suppose that the B is the gateway but only the IP address of B is known

Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet

and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing

Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query

bull Other types include datagram all machines on LAN receive ARP query

B receives ARP packet replies to A with its (Bs) MAC address

frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its

ARP table until information becomes old (times out)

soft state information that times out (goes away) unless refreshed

ARP is ldquoplug-and-playrdquo nodes create their ARP tables without

intervention from net administrator

A

C

B

D

LAN

Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112

I have 1114

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Addressing routing to another LAN

R

1A-23-F9-CD-06-9B

222222222220111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

walkthrough send datagram from A to B via R assume A knows Brsquos IP address

two ARP tables in router R one for each IP network (LAN)

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest

frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its

destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B

R

1A-23-F9-CD-06-9B

222222222220

111111111110

E6-E9-00-17-BB-4B

CC-49-DE-D0-AB-7D

111111111112

111111111111

A74-29-9C-E8-FF-55

222222222221

88-B2-2F-54-1A-0F

B222222222222

49-BD-D2-C7-56-2A

This is a really importantexample ndash make sure youunderstand

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP

Watch wireshark without any connections What happens if I set an entry in the ARP table

with the IP address of my gateway but my MAC address

Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P

bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =

Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP spoofing ndash man-in-the-middle attack

If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate

wires from the switch (link layer router) to each host

bull But ARP attack still works

Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the

victim I respond with my MAC

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Who has IP address 1234

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Who has IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

MAC 0012121212 has IP address 1234

MAC 0012121212 has IP address 1234

Save MACIP mapping in cache for 20 minutes

Attacker knows the MAC of victim

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the MAC of victim

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Source MAC 0011111111 Who has ip blablablablaTell IP address 1234

Save IPARP mapping in cache

Confusedhellip but ignores it

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP spoofing ndash man-in-the-middle attack

VictimMAC=001212121212

IP 1234

attackerMAC=001111111111

IP= 5678

Some other hostswitch

Attacker knows the secret plan

MAC 0011111111 IP1234 The secret plan is hellip

MAC 0012121212 IP1234 The secret plan is hellip

Ahh I got the secret plan I was expecting

Changed MAC address to correct address

Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

ARP spoofing ndash man-in-the-middle attack

Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP

tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is

running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address

bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Link-layer switches 57 PPP 58 Link Virtualization

ATM and MPLS

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernet

ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps

Metcalfersquos Ethernetsketch

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Star topology bus topology popular through mid 90s

all nodes in same collision domain (can collide with each other)

star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes

do not collide with each other) LAN

Multiple stars connected (wersquoll see later)

switch

bus coaxial cable star

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernet Frame Structure

Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame

Preamble 7 bytes with pattern 10101010 followed by one

byte with pattern 10101011 used to synchronize receiver sender clock

rates

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernet Frame Structure (more) Addresses 6 bytes

if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol

otherwise adapter discards frame (unless in promiscuous modes) Type

ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell

IPX AppleTalk) CRC checked at receiver if error is detected frame is

dropped

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernet Unreliable connectionless connectionless No handshaking between sending

and receiving NICs unreliable receiving NIC doesnrsquot send acks or

nacks to sending NIC stream of datagrams passed to network layer can have

gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps

Ethernetrsquos MAC protocol unslotted CSMACD

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernet CSMACD algorithm

1 NIC receives datagram from network layer creates frame

2 If NIC senses channel idle starts frame transmission

3 If NIC senses channel busy waits until channel idle then transmits 1-persistant

4 If NIC transmits entire frame without detecting another transmission NIC is done with frame

4 If NIC detects another transmission while transmitting aborts and sends jam signal

5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Ethernetrsquos CSMACD (more)

Jam Signal make sure all other transmitters are aware of collision 48 bits

Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec

Exponential Backoff Goal adapt retransmission

attempts to estimated current load heavy load random

wait will be longer first collision choose K

from 01 delay is K 512 bit transmission times

after second collision choose K from 0123hellip

after ten or more collisions choose K from 01234hellip1023

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN

ttrans = time to transmit max-size frame

efficiency goes to 1 as tprop goes to 0

as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst

better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur

transprop ttefficiency

51

1

960

1010081500

102200

51

1

68

m

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

8023 Ethernet Standards Link amp Physical Layers

many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)

applicationtransportnetwork

linkphysical

MAC protocoland frame format

100BASE-TX

100BASE-T4

100BASE-FX100BASE-T2

100BASE-SX 100BASE-BX

fiber physical layercopper (twisterpair) physical layer

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Manchester encoding

used in 10BaseT each bit has a transition allows clocks in sending and receiving nodes

to synchronize to each other no need for a centralized global clock among nodes

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53 Multiple access protocols

54 Link-layer Addressing

55 Ethernet

56 Link-layer switches

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Hubshellip physical-layer (ldquodumbrdquo) repeaters

bits coming in one link go out all other links at same rate

all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions

twisted pair

hub

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become

one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT

hub

hubhub

hub

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switch link-layer device smarter than hubs take active role

Store and forward Ethernet framesbull Question do switches in circuit switching networks store and

forward examine incoming framersquos MAC address selectively forward

frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment

transparent hosts are unaware of presence of switches

plug-and-play self-learning switches do not need to be configured

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switch allows multiple simultaneous transmissions

hosts have dedicated direct connection to switch

switches buffer packets Ethernet protocol used on

each incoming link but no collisions full duplex each link is its own collision

domain switching A-to-Arsquo and B-

to-Brsquo simultaneously without collisions not possible with dumb hub

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switch Table

Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5

A each switch has a switch table each entry (MAC address of host interface

to reach host time stamp)

looks like a routing table Q how are entries created

maintained in switch table something like a routing

protocol

A

Arsquo

B

Brsquo

C

Crsquo

switch with six interfaces(123456)

1 23

45

6

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switch self-learning

switch learns which hosts can be reached through which interfaces Some interfaces are

configured But in other caseshellip

when frame received switch ldquolearnsrdquo location of sender incoming LAN segment

records senderlocation pair in switch table

A

Arsquo

B

Brsquo

C

Crsquo

1 23

45

6

A Arsquo

Source ADest Arsquo

MAC addr interface TTL

Switch table (initially empty)

A 1 60

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switch frame filteringforwardingWhen frame received

1 record linkinterface associated with sending host 3 if entry found for destination

then if dest on segment from which frame arrived

then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries

forward on all but the interface on which the frame arrived

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-Learning

MAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

Dest=B Source=A

Make table entry for A No table entry for B so flood

Dest=B Source=A

Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

MAC Interface

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=ADest=B Source=A

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Make table entry for A No table entry for B so flood

Dest=B Source=A

Dest=B Source=ADest=B Source=A

Dest=B Source=A

Make table entry for A No table entry for B so flood

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

MAC Interface

A 2

A

B

Dest=A Source=B

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

A 1

B 3

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

A 1

B 3

MAC Interface

A 1

B 2

MAC Interface

A 2

A

B

Dest=A Source=B

Make table entry for B Have a table entry for A so forward

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Self-LearningMAC Interface

1

2

3 1 2

3

21

3

2 3

1

MAC Interface

MAC Interface

MAC Interface

A

B

20 minutes later all table entries are deleted

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Poorly Designed Institutional network Why

to externalnetwork

router

LAN - IP subnet

mail server

web server

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated

A

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Institutional network without a single point of failure

to externalnetwork

router

IP subnet

mail server

web server

A

Edge in spanning tree

ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree

Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are

represented by edgesbull This is backwards from what you might expect ie switches as

vertices and LANs as edges On any graph there exists a tree that spans all nodes where

there is only one path between any pair of nodes ie NO loops

If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

This tree is formed by ldquodisconnectingrdquo switches from some LANs

bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN

bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch

B3

LAN A

LAN B

B2

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Spanning Tree Algorithm (1)

LANs are represented by vertices and bridgesswitches are represented by edges

This is backwards from what you might expect ie switches as vertices and LANs as edges

When manufactured each bridge is given a unique ID The root is the node with the smallest ID

Approach Compute paths to the node with smallest ID

Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID

If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B

If bull LAN Brsquos next hop to the switch with lowest ID is

LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is

LAN Dbull then switch B2 will disconnect from LAN B and C

B3

LAN A

LAN B

B2

LAN C

B1

LAN D

B0

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Spanning Tree Algorithm (2)

Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the

root bridge 3 The distance (hops) from the sending bridge to the root

bridge

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway

A B

C

DE F

GH

I

J

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each switch computes distance to root in terms of LAN hops

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Each of the roots interfaces is ON

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Arsquos next hop is LAN E Turn on the two interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Drsquos next hop is LAN GTurn on the two interfaces

Note that B3 will not have any interfaces ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

LAN Crsquos next hop is LAN F Turn on the interfaces

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

B3

B1

B7

B2

B5

B4B6

Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches

A switch will keep an interface active if1 the interface is along a LANrsquos shortest

path to the root2 If a LAN has more than one shortest

path then switch with the smallest ID is used

Take a distance vector approach so we only consider neighbors

A B

C

DE F

GH

I

J

0

12

1

1 1

1

Which other interfaces are ldquoonrdquo

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes)

3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access

control etc Loop resolution must happen before address

learning On the EECIS network the link to the campus

network would go down for ~50ms This would trigger loop resolution

bull During which time no packets were forwarded

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Switches vs Routers both store-and-forward devices

routers network layer devices (examine network layer headers) switches are link layer devices

routers maintain routing tables implement routing algorithms

switches maintain switch tables implement filtering learning algorithms

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Summary comparison

hubs routers switches

traffi c isolation

no yes yes

plug amp play yes no yes

optimal routing

no yes no

cut through (vs store and f orward)

yes no yes

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Link Layer

51 Introduction and services

52 Error detection and correction

53Multiple access protocols

54 Link-Layer Addressing

55 Ethernet

56 Hubs and switches VLAN

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Typical LAN Grouped based on the hub (physically) Use routers as LAN segmentation (broadcast) A single enterprise LAN is too large

Each ARP request is broadcast over the entire LAN When self-learning (eg every 20 minutes)

bull too much traffic is floodedbull This traffic is viewable by anyone in the LAN (not easy to provide firewalls between

groups)

Solution Create smaller LANs each with subnet The subnet could represent a workgroup

bull Shared drives printers etcbull LAN-based Firewallaccess control

However 20 to 40 of work force moves every year

bull Recabling readdressing and reconfiguration Work group members might be in different locations

bull eg dedicated switch for each work group in each floor or each building Canrsquot we share switches with other work groups

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

VLAN

VLAN is a broadcast domain Grouped based on logical function

department or application Traffic can only be switched between

VLANS with a router Like switching between regular LANs

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

VLAN

VLANs can logically segment users into different subnets (broadcast domains)

Broadcast frames are only switched on the same VLAN ID

Users can be logically group via software based on Ethernet portjack port number protocol being used application being used

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

LAN VS VLAN

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

VLAN across backbone

Backbone Inter-Domain communication High-speed link (100 Mbps or more) Inter-connect to router

VLAN traffic between switches (trunks) is tagged (8021q) or encapsulated (ISL) to identify VLAN membership

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Routerrsquos Role

Provides connection between different VLANs

For example you have VLAN1 and VLAN2 Within the switch users on separate VLANs

cannot talk to each other (benefit of a VLAN)

However users on VLAN1 can access a web server on VLAN2 but they need a router to do it

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

VLAN Techniques

Two techniques Frame Filtering--examines particular

information about each frame (MAC address or layer 3 protocol type)

Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Frame Tagging

IEEE 8021q Assigns a VLAN ID to each frame Switch understands the tag Places a tag in the frame Tags are removed by the switch

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

VLAN implementation

Created by software running on Layer 2 switches

Three methods for implementing VLANs Port-Centric Static Dynamic

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Port-Centric VLAN

Same VLAN same router interface Easy for management

3 Port-Centric VLANs

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Static VLAN

Ports on a switch are administratively assigned to a VLAN

Benefits can be assigned by port address or protocol type secure easy to configure and monitor works well in networks where moves are controlled

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Dynamic VLAN

Switch ports can automatically determine a userrsquos VLAN assignment based on eitheror MAC logical address protocol type

When connected to an unassigned port the switch dynamically configures the port with the correct VLAN

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Virtualization of networks

Virtualization of resources powerful abstraction in systems engineering

computing examples virtual memory virtual devices Virtual machines eg java IBM VM os from 1960rsquos70rsquos

layering of abstractions donrsquot sweat the details of the lower layer only deal with lower layers abstractly

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

The Internet virtualizing networks

1974 multiple unconnected nets ARPAnet data-over-cable networks packet satellite network (Aloha) packet radio network

hellip differing in addressing conventions packet formats error recovery routing

ARPAnet satellite netA Protocol for Packet Network Intercommunication V Cerf R Kahn IEEE Transactions on Communications May 1974 pp 637-648

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

The Internet virtualizing networks

ARPAnet satellite net

gateway

Internetwork layer (IP) addressing internetwork

appears as single uniform entity despite underlying local network heterogeneity

network of networks

Gateway ldquoembed internetwork packets

in local packet format or extract themrdquo

route (at internetwork level) to next gateway

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Cerf amp Kahnrsquos Internetwork ArchitectureWhat is virtualized two layers of addressing internetwork and local

network new layer (IP) makes everything homogeneous at

internetwork layer underlying local network technology

cable satellite 56K telephone modem today ATM MPLS

hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Multiprotocol label switching (MPLS)

initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address

PPP or Ethernet header

IP header remainder of link-layer frameMPLS header

label Exp S TTL

20 3 1 5

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

MPLS capable routers

aka label-switched router forwards packets to outgoing interface based

only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding

tables signaling protocol needed to set up forwarding

RSVP-TE forwarding possible along paths that IP alone would

not allow (eg source-specific routing) use MPLS for traffic engineering

must co-exist with IP-only routers

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

R1R2

D

R3R4R5

0

1

00

A

R6

in out outlabel label dest interface 6 - A 0

in out outlabel label dest interface10 6 A 1

12 9 D 0

in out outlabel label dest interface 10 A 0

12 D 0

1

in out outlabel label dest interface 8 6 A 0

0

8 A 1

MPLS forwarding tables

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Chapter 5 Summary principles behind data link layer services

error detection correction sharing a broadcast channel multiple access link layer addressing

instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM

MPLS

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath

Chapter 5 letrsquos take a breath journey down protocol stack complete

(except PHY) solid understanding of networking

principles practice hellip could stop here hellip but lots of

interesting topics wireless multimedia security network management

• Chapter 5 The Data Link Layer
• Link Layer
• Link Layer Introduction
• Link layer context
• Link Layer Services
• Link Layer Services (more)
• Where is the link layer implemented
• Adaptors Communicating
• Slide 9
• Error Detection
• Parity Checking
• Internet checksum (review)
• Checksumming Cyclic Redundancy Check
• CRC Example
• Slide 15
• Multiple Access Links and Protocols
• Multiple Access Control (MAC) protocols
• Ideal Multiple Access Protocol
• MAC Protocols a taxonomy
• Channel Partitioning MAC protocols TDMA
• Channel Partitioning MAC protocols FDMA
• Random Access Protocols
• The ALOHA Protocol
• Collisions
• ALOHArsquos Performance 1
• ALOHArsquos Performance
• Poisson process
• Aloha performance
• Slide 29
• Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
• Slotted Aloha
• Slotted Aloha Performance
• ALOHA and Slotted ALOHA
• CSMA (Carrier Sense Multiple Access)
• Question
• CSMA collisions
• CSMACD collision detection
• Slide 43
• CSMACD
• CSMACD (Collision Detection)
• persistent
• Exponential Backoff
• ldquoTaking Turnsrdquo MAC protocols
• Slide 49
• Slide 50
• Slide 51
• Slide 52
• Slide 53
• Summary of MAC protocols
• Slide 55
• MAC Addresses and ARP
• LAN Addresses and ARP
• LAN Address (more)
• ARP Address Resolution Protocol
• ARP protocol Same LAN (network)
• Slide 61
• Addressing routing to another LAN
• Slide 63
• ARP
• ARP spoofing ndash man-in-the-middle attack
• Slide 66
• Slide 67
• Slide 68
• Slide 69
• Slide 70
• Slide 71
• Ethernet
• Star topology
• Ethernet Frame Structure
• Ethernet Frame Structure (more)
• Ethernet Unreliable connectionless
• Ethernet CSMACD algorithm
• Ethernetrsquos CSMACD (more)
• CSMACD efficiency
• 8023 Ethernet Standards Link amp Physical Layers
• Manchester encoding
• Slide 82
• Hubs
• Interconnecting with hubs
• Switch
• Switch allows multiple simultaneous transmissions
• Switch Table
• Switch self-learning
• Switch frame filteringforwarding
• Self-Learning
• Slide 91
• Slide 92
• Slide 93
• Slide 94
• Slide 95
• Slide 96
• Slide 97
• Slide 98
• Slide 99
• Poorly Designed Institutional network Why
• Institutional network without a single point of failure
• Slide 102
• Loop Resolution
• Spanning Tree Algorithm (1)
• Spanning Tree Algorithm (2)
• Slide 106
• Slide 107
• Slide 108
• Slide 109
• Slide 110
• Slide 111
• Slide 112
• Slide 113
• Slide 114
• Slide 115
• Slide 116
• Layer 2 Routing
• Switches vs Routers
• Summary comparison
• Slide 120
• Typical LAN
• VLAN
• VLAN
• LAN VS VLAN
• VLAN across backbone
• Routerrsquos Role
• VLAN Techniques
• Frame Tagging
• VLAN implementation
• Port-Centric VLAN
• Static VLAN
• Dynamic VLAN
• Virtualization of networks
• The Internet virtualizing networks
• Slide 135
• Cerf amp Kahnrsquos Internetwork Architecture
• Multiprotocol label switching (MPLS)
• MPLS capable routers
• MPLS forwarding tables
• Chapter 5 Summary
• Chapter 5 letrsquos take a breath