prof. dr. r.nitsch, fh darmstadt layer 21 module 4 – layer 2 fundamentals reiner nitsch fb...

Layer 2 1

Prof. Dr. R.Nitsch, FH Darmstadt

Module 4 – Layer 2 Fundamentals

Reiner NitschFB InformatikOffice: F16/15cPhone: 9255Email: [email protected]

Layer 2 2


Layer 1 Limitations - Layer 2 Tasks

• Layer 1 involves – media, signals, bit streams

that travel on media, – components that put signals

on media, and – various topologies.

• Layer 2 tasks and services are– Layer-2 protocols transmit Layer-3 PDUs over a single link between two

network nodes– Communicate with the upper-level layer using Logical Link Control (LLC)

Sublayer– Organize or group the bits using a Layer 2 frame format (framing)– Decide which computer will transmit binary data from a group that are all

trying to transmit at the same time using a system called Media Access Control (MAC).

– Reliable Data Transmission (Optional)– Flow Control (Optional)– Error detection– Error recovery (optional)– Identify computers using a Layer 2 addressing (or naming) process.

• All Layer-2 protocol tasks are implemented within the Network Interface Circuit (NIC)

Layer 2 3


Error Detection and Error Correction Techniques

• Layer-2 PDUs include Error Discovery and Correction (EDC) bits in order to enable error detection at the receiving node

• Even with good EDC techniques bit errors may remain unrecognized. The propability of such an event should be as small as possible.

• Techniques in common use are parity checks, cyclic redundancy check (CRC) and forward error correction (FEC)

0010111100111010 1

Paritätsprüfungen:

Prüfung mit gerader 1-Bit-Parität

0010111100111010 10010100101001110 1

1101011100010100 01000100010010010 1

0101100111110010 1

2-dimensionale gerade Parität

1-dimensionale gerade Parität

0010111100111010 10010100001001110 1

1101011100010100 01000100010010010 1

0101100111110010 1

Korrigierbare Bitfehler: jeder Einzelbitfehler

Erkennbare Bitfehler: jede Kombination von 2 Fehlern

Layer 2 4


Error Correction AND Detection Scenario

D

Datagram

EDC

Bit error-prone link

D+Errors = D'

Datagram

EDC'

allbits in D'

ok?

Y

N Discardframe

Recompute EDCfrom D' and comparewith EDC'

Layer 2 5


Internet Checksum

• The Internet Checksum is used by the protocols IP, TCP und UDP (RFC 1071)

0010010010101101 0100100101010110 1011010001011110 1010110111100010

0010010010101101

0100100101010110

1011010001011110

1010110111100010

0111010001000111

1000101110111000

even parity for each column

ones complementEinerkomplement

( 0 and 1 swapped)

0010010010101101

0100100101010110

1011010001011110

1010110111100010

1000101110111000

1111111111111111

transmit

transmit

16-Bit-Internet-checksum

No errors!Every 0 would

indicate an error

Transmitter Receiver

even parityeach column

Layer 2 6


Cyclic Redundancy Check

• Is based on powerful mathematics (endliche Felder, finite fields) • Ethernet (IEEE 802.3) and Token Ring (IEEE 802.5) use the so called

CRC-32 Method, which produces a CRC value of 32 Bit length• This Method allows to detect

– All single-bit errors– All bit-pair errors– All frames with an odd error count

• It's not possible to correct errors with the CRC information!

T T T

XOR

Message + "000"

At the end of processing the registers contain the error check bits.

Layer 2 7


Forward Error Correction

• The ability of a receiver to detect and correct errors is known as forward error correction (FEC)

• FEC is commonly used in audio and video storage and playback devices (Audio CD, DVD), DSL, …

• FEC reduces the number of sender retransmissions required.• This is important for real-time network application because they have

not to wait for the round-trip propagation delay associated with each retransmission.

• FEC techniques demand for powerful mathematics.

Layer 2 8


Layer-2 (Data Link) Sublayers

The IEEE divides the OSI data link layer into two separate sublayers.

Media Access Control (MAC) (transitions down to media)

Logical Link Control (LLC) (transitions up to the network layer)

The MAC sublayer is concerned with the physical components that will be used to communicate the information.

The LLC sublayer remains relatively independent of the physical equipment

The LLC, as a sublayer, participates in the encapsulation process.

Layer 2 9


MAC – Media Access Control Sublayer

• is concerned with physical naming (addressing); defines MAC addressing; • The NIC uses the MAC address to assess whether the message is

destined for that host and therefore should be passed onto the upper layers of the OSI model.

• The NIC makes this assessment without using CPU processing time.

The Media Access Control (MAC) sublayer deals with the protocols that a host

follows in order to access the physical media.

is responsible for the actual framing builds the 1s and 0s to hand off to

the physical layer. is responsible for media access: (later)

Random Access Token Passing Polling (Master sequentially asks

all slaves wether they have to transmit data or not)

IPX IP APPLE-TALK

LLC

Layer 3Layer 3

Layer 2 - LLCLayer 2 - LLC

MAC &Layer 1MAC &Layer 1 Ethernet Token Ring

FDDI

Layer 2 10


Media Access Control

• Two types of links exist in networks– point-to-point links consist of a single

sender and a single receiver at its ends.– broadcast links with multiple sender

and receivers connected to the same shared transmission medium

• A well-known example is a class room with a teacher, several pupils and the air as shared transmission media.

• Communication in a class room follows these rules:

– Give everyone a chance to speak– Don't speak until you are spoken to.– Don't monopolize the conversation– Raise your hand if you have a question– Don't interrupt when someone is

speaking– Don't fall asleep when someone else is

talking

• Computer networks similarly have protocols, so called multiple access protocols

Layer 2 11


Multiple Access Protocols

• For a broadcast channel of rate R bits/s we have the following desired characteristics:

– Throughput R bps when only one node has data to send– Average throughput R/M bps when M nodes have data to send– Decentralized protocol; no master nodes as single point of failures– Simple protocol that is inexpensive to implement

• Many different multiple access protocols have been implemented in various link layer technologies. They all belong to one of the following categories:

– channel partitioning protocols– random access protocols– taking-turns protocols

Layer 2 12


Channel Partitioning Protocols

• Time Division Multiple Access – TDMA– divides time into time frames and

further divides each time frame into N time slots

– assigns each time slot to one of N nodes

– Examples: Data-Highways (SDH, PDH,…)

• Frequency Division Multiple Access – FDMA– divides available frequency band into N

frequency slots– Assigns each frequency to one of N

nodes– Examples: Radio, TV,...

in former times

• pros&cons:– No collisions possible. – each node has all the time a fixed

R/N bps bandwidth available even when only one node has data to send.

TD

M-M

UX link (R bps)

K2

K1

K3

K2K1 K3 K2K1 K3

TD

M-D

EM

UX

K2

K1

K3

time frame time slot

time

FD

M-M

UX link

K2

K1

K3

K2K1 K3

FD

M-D

EM

UX

K2

K1

K3

available frequency band

frequencyf1 f2

Layer 2 15


Random Access Protocols

• Nodes transmit at the full channel bitrate R bps

• When 2 nodes transmit at the same time, a collision occurs

• Nodes repeatedly retransmit their frames until they get transmitted without collision

• Nodes wait a individually selected random time before they start the retransmission in order to avoid a new collision

• Dozens of random access protocols are described in literature (see: R.Rom,M.Sidi: Multiple Access Protocols, Performance and Analysis)

• Most commonly in use are– ALOHA protocols– Carrier Sense Multiple Access

(CSMA) protocols

Layer 2 16


Slotted ALOHA

• Assumptions– All frames consists of exactly L bits– Time is divided in slots of size L/R

seconds (=time to transmit a frame)– Nodes start frame transmissions only at

the beginnings of the slots– Nodes can detect collisions before the

slot ends• Operation of slotted ALOHA

– Nodes, with frames to send, wait until the beginning of the next slot and transmit the entire frame (Nodes must be synchronized to slot times)

– Without a collision the frame is successfully transmitted

– If a collision is detected the node retransmits the frame in each subsequent slot with a probability of p until the frame is transmitted successfully. The node effectively tosses a coin to determine wether retransmission will start in next slot.

Advantages• full rate for active node• highly decentralized• extreme simple

successfull slotsempty slots

collisions

Layer 2 17


Efficiency of slotted ALOHA

Definition:• Efficiency is defined as the long-run

fraction of successfull slots in case of large number of nodes (N)

Assumptions: – Each node attemps to transmit a

fresh frame in each slot with probability p (nodes allways have frames to send)

– Collided frames are retransmitted in the next slot with same probability p

Calculation of Efficiency• Probability of a successfull node

– p(1-p)N-1

• Probability of successfull slot fraction– Np(1-p)N-1 = Efficiency E

0.4

0

E p 250( )

E p 500( )

E p 750( )

E p 1000( )

0.30 p 1000 0.05 0.1 0.15 0.2 0.25 0.3

0

0.1

0.2

0.3

0.41/e= 37%

Disadvantages: • Only 37 % of the slots do useful work• Max. effective channel transmission

rate is 0,37·R bps• A similar analysis shows:

•37% slot times go empty•26% slot times have collisions

Layer 2 18


Carrier Sense Multiple Access

Reason for the bad efficiency of ALOHA• In slotted ALOHA, decision to send is

made independent of the other nodes activities

– nodes send without regard to other nodes sending activities

– node don't stop transmission when a collision occurs

• Polite humans obey the following rules in conversation

– Listen before speaking: In networking world this is called "carrier sense"

– If someone else begins talking at the same time, stop talking: In networking world this is called "collision detection"

• These 2 rules are embedded in the family of CSMA (carrier sense multiple access) and CSMA/CD (CSMA with collision detection)

• Why do collisions occur despite the carrier sensing feature? ->see space-time diagram

CSMA (without CD) space-time diagram:

4 nodes in space (A,B,C,D)t0: node B senses idle channel and

starts sending; signal propagates in both directions along the broadcast medium

t1: node C senses idle channel at time t1 and starts sending too. Signal from node B has not yet reached node D because limited light velocity

Layer 2 19


CSMA with Collision Detection

• CSMA protocol family didn't perform collision detection. They continue to transmit their frames even in case of a collision.

• Collision detection and aborting the transmission in case of a detected collision will rise protocol performance

During this time bandwith is wasted by CSMA protocols

Layer 2 20


Taking-Turns Protocols

• Review of desireable protocol characteristics

– Throughput R bps when only one node has data to send

– Average throughput R/M bps when M nodes have data to send

• ALOHA has the first characteristic but not the second! Taking-turns protocols have both!

• Important taking-turns protocols are– Polling Protocol– Token-Passing Protocol

Polling Protocol• requires a master node• master node polls each node in round

robin fashion• Each polled node is authorized to

send a maximum number of frames. • End of transmission is indicated by

lack of signal!• Advantages:

– No collisions, no empty slots better efficiency

• Disadvantages– polling delay (time needed to poll

a node). If only one node is active N-1 polling delays are wasted.

– Master node is single point of failure

Layer 2 21


Token-Passing Protocol

• There is no master node• A small, speacial-purpose frame known as a token is exchanged among the

nodes in some fixed order (Ex: Node 1 Node 2 … Node N Node 1; logical ring topology)

• The node holding the token is authorized to send a maximum number of frames. • After end of transmission or if nothing is to send, the token is immediately

passed to the next node.

Advantages• Token passing is decentralized and has high efficiency

Problems• Failure of one node can crash the entire channel• If a faulty node doesn't release the token a recovery procedure has to get the

token back into circulation

• Over the years many token-passing products have been developed (Token Ring (IEEE 802.5), FDDI (Fiber Distributed Data Interface) All of these have become relatively minor players in competition with Ethernet

Layer 2 22


Naming Computers with MAC Addresses

• MAC addresses are:– 48 bits in length – Expressed as twelve hexadecimal digits.– The first six hexadecimal digits, which are

administered by the IEEE "universally administered address", identify the manufacturer or vendor and thus comprise the Organizational Unique Identifier (OUI).

– The remaining six hexadecimal digits comprise the interface serial number, or another value administered by the specific vendor.

• MAC addresses are sometimes referred to as burned-in addresses (BIAs) because they are burned into read-only memory (ROM)

• The PC software (in PROTOCOL.INI or NET.CFG) can be configured to substitute a different address number. When this option is used, it is called a "locally administered address."

48-Bit-MAC-Address

•IEEE OUI FAQs: http://standards.ieee.org/faqs/OUI.html

• MAC addresses provide a way for computers (nodes) to identify themselves within LANs (Ethernet, Token Ring, FDDI)

Layer 2 23


Introduction to Ethernet

• Ethernet developed in the 1970s • success of Ethernet is due to the following factors:

– Simplicity and ease of maintenance – Ability to incorporate new technologies – Reliability – Low cost of installation and upgrade

History• Early 1970s: At the University of Hawaii a system called Alohanet was developed

to control access of various stations. This work formed the basis for the Ethernet access method known as CSMA/CD.

• 1980: First Ethernet standard; published by Digital Equipment Company, Intel, and Xerox (DIX); open standard; up to 10 Mbps; Thicknet; <= 2000 m

• 1985: 802.3 Ethernet standard is published by IEEE; complies to ISO/OSI model; only small modifications to original (DIX)-Ethernet.

• Any Ethernet network interface card (NIC) can transmit and receive both Ethernet and 802.3 frames.

• 1995: IEEE announced a standard for a 100-Mbps Ethernet (100BASE-T, 100m).• 1998 and 1999: IEEE standards for Gigabit Ethernet (1000BASE-T, 100m).• All the standards are essentially compatible with the original Ethernet standard.• Many Ethernet standard supplements were added in order to use different

transmission media and higher transmission rates.

A drawing of the first Ethernet system by Bob Metcalfe

Layer 2 24


Let us focus on the Layer 2, Data Link, Ethernet Frame for now.

APDU(Data)

Transport Header

Transport Header

NetworkHeader

Transport Header

NetworkHeader

LinkHeader

TPDU(Segment)

NPDU(Packet)

LPDU(Frame)

Bits

data

data

data

1010010100010101111101100010110110001

dataEmail

LinkTrailer

Review: Encapsulation Example

Routers

Switches, Bridges

Repeaters, Hubs,

Cables, etc.

Hosts

Layer 2 25


Generic Data Link Frame

• Framing is the Layer 2 encapsulation process. • A frame is the Layer 2 protocol data unit (2-PDU). • Framing provides order, or structure, to the bitstream.• There are many different types of frames described by various standards. • A single generic frame has sections called fields• Eeach field is composed of bytes. • The names of the fields are as follows:

– Start frame field – Address field – Length / type field – Data field – Frame check sequence field (FCS)

• Logical link control (LLC) bytes are also included with the data field in the IEEE standard frames.

• There are three common conventions for the format of the remainder of the frame:

– Ethernet II or DIX – IEEE 802.3 and 802.2 – SNAP

Layer 2 27


IEEE 802.3 and 802.2

• Maximum size of Ethernet frame payload (data) is 1500 and Xerox did not assign type values below 1500. This allows DIX and 802 standards to overlap conflictlessly.

• The 802.2 header follows the 802.3 header (and also follows the comparable fields in a Token Ring, FDDI, or other types of LAN).

MAC MAC

FCS calculation

64 bis 1518 Bytes

Byte

• The DIX standard did not need a length field because the vendor protocols that used it (XNS, DECNET, IPX, IP) all had their own length fields. However, the 802 committee needed a standard that did not depend on the good behavior of other programs. The 802.3 standard therefore replaced the two byte type field with a two byte length field.

Interpretation of Length/Type Field:•Value >= 0x600 (hex): Type field (Ethernet II or DIX, Ethernet 802.3)•Value < 0x600 (hex): Length field (Ethernet 802.3)

Layer 2 32


Ethernets Type of Service

• All of the Ethernet technologies provide connectionless service to the network layer.

– No handshaking is done with receiving node• All of the Ethernet technologies provide unrealiable service to the

network layer.– Received frames are not acknowledged– A frame that fails the CRC check is discarded without informing the

sender• The lack of reliable service makes Ethernet simple and cheap• Does the application at the receiving node see the gaps in the data

stream?– No, if the layer-3 or layer-4 services detect and recover from the

gaps. Example: If TCP is the layer-4 protocol in use then the gaps are detected and retransmission is enabled because TCP offers connection-oriented and reliable transport service to it's upper layers.

– Yes, if they do not. If IP is the layer-3 protocol and UDP is the layer-4 protocol the gaps will remain undetected because both protocols offer only unreliable transport service to their upper layers .

Layer 2 33


Sending and receiving Ethernet frames on a bus

• When an Ethernet frame is sent out on the “bus” all devices on the bus receive it.

What do they do with it?• Each NIC card compares its own

MAC address with the Destination MAC Address.

• If it matches, it copies in the rest of the frame.

• If it does NOT match, it ignores (filters) the rest of the frame …

– … unless you are running a Sniffer program

• So, what happens when multiple computers try to transmit at the same time?

• They produce a collision. Collisions are the most common error condition on an Ethernet.

1111 2222 3333 nnnnAbbreviate

dMAC

Addresses

11113333

1111 2222 3333 nnnn

XCollision!

Layer 2 34


CSMA/CD (Carrier Sense Multiple Access with Collision Detection)

•Ethernet is a shared-media broadcast technology.

•The access method CSMA/CD used in Ethernet performs three functions: – Transmitting and receiving data

packets. – Decoding data packets and

checking them for valid addresses before passing them to the upper layers of the OSI model.

– Detecting errors within data packets or on the network.

•Collision detection method: Monitor the amplitude of the signal during transmission. If the amplitude increases on the networking media a collision has occurred.

•In case of collision the nodes stop transmitting for a random period of time (backoff time), which is (hopefully) different for each device.

•When a device's backoff delay period expires, that device can attempt to gain access to the networking media.

Layer 2 35


CSMA/CD (Carrier Sense Multiple Access with Collision Detection) • Listens to the network’s shared media to see if any other users is “on

the line” by trying to sense a neutral electrical signal or carrier.• If no transmission is sensed, then multiple access allows anyone onto

the media without any further permission required.• If two NICs detect a neutral signal and access the shared media at the

exact same time, a collision occurs and is detected.• The PCs sense the collision by wether excess voltage is on the line

additional to their own transmission voltage. • When a collision occurs, a 32-bit jamming signal is sent out by the

first NIC that detects the collision in order to enforce the collision .• A random back-off scheme, is used to prevent colliding

retransmissions.• If collisions continue to occur, the NICs random interval is doubled,

lessening the chances of a collision.• Late Collisions: In a proper functioning Ethernet network, a NIC may

experience collision within the first slot time (minimum frame period, 51.2 µS) after it starts transmission. This is the reason why an Ethernet NIC monitors the CD signal during this time and use CSMA/CD. A faulty CD circuit, or misbehaving NIC or transceiver may lead to a late collision (i.e. after one slot time).

CSMA/CD and Collisions

Layer 2 36


Interframe spacing and backoff

Interframe spacing• After a frame has been sent, all stations on a 10-Mbps Ethernet are

required to wait a minimum of 96 bit-times (9.6 microseconds) before any station may legally transmit the next frame.

• This minimum spacing between two non-colliding frames is also called the interframe gap. It is measured from the last bit of the FCS field of the first frame to the first bit of the preamble of the second frame.

• This gap is intended to allow slow stations time to process the previous frame and prepare for the next frame.

Backoff Time• After a collision occurs and all stations wait the full interframe spacing • The stations that collided must wait an additional backoff time before

retransmitting the collided frames. • The waiting period is intentionally random so that two stations do not

delay for the same amount of time before retransmitting which would result in more collisions.

• The waiting period is measured in increments of the parameter "slot time".

• If the MAC layer is unable to send the frame after sixteen attempts, it gives up and generates an error to the network layer.

Layer 2 37


Exponential Back-off Algorithm

• If all NICs attempted to retransmit immediately following a collision, then this would certainly result in another collision.

• Ethernet uses a random back-off period to minimize the propability of this event.

• Each node selects a random number, multiplies this by the slot time (minimum frame period, 51.2 µS) and waits for this random period before attempting retransmission. The small Inter-Frame Gap (IFG) (e.g., 9.6 microseconds) is also added.

• On a busy network, a retransmission may still collide with another retransmission (or possibly new frames being sent for the first time by another NIC). The protocol therefore counts the number of retransmission attempts (using a variable N in the above figure) and attempts to retransmit the same frame up to 15 times.

• For each retransmission, the transmitter constructs a set of numbers:{0, 1, 2, 3, 4, 5, ... L} where L is (2K-1) and where K=N; K<= 10;

• A random value R is picked from this set, and the transmitter waits for a periodR x (slot time) i.e. R x 51.2 μs

• For example, after two collisions, N=2, therefore K=2, and the set is {0, 1, 2, 3} giving a one in four chance of collision. This corresponds to a wait selected from {0, 51.2, 102.4, 153.6} micro seconds.

Layer 2 38


What are collision domains?

• Host A senses no voltage on the circuit. It begins transmitting a frame. The signal voltage travels through the wire with about light velocity. Repeaters and hubs flood the incoming signals out any other outputs

• Host B also wants to transmit a frame. It senses a free line up to the time when host A's first frame byte arrives at host B. Immediately after Host B starts sending it detects the excessive voltage from host A's frame. It stops sending and starts sending a 32-bit jam signal

• Host A cannot detect the collision until the collision fragments of Host B arrives. It MUST continue sending his frame until that time.

• When the collision fragments finally reaches Host A, it also truncates the current transmission and substitutes the jam signal.

• A hub or series of hubs/repeaters is a single collision domain.

18162432

1

64 byte 200 m Diameter of collision domain

8163242

132-bit jam signal

1

1 segment

40485664

32-bit jam signal

Layer 2 39


Limitations of half/duplex operation

• In order to savely detect collisions at the sender, it must keep on sending the frame for a minimum time (slot time). This requires the frames to have a minimum length.

• This minimum time is equal to the maximum round trip delay of the network, which itself is a measure of the distance between the most distant nodes in the network

• Consequence: For a given minimum frame length, the extent of a network scales inversely with data rate.

• Slot-time is calculated assuming – maximum cable lengths on the

largest legal network architecture,– all hardware propagation delay

times are at the legal maximum and

– the 32-bit jam signal is used when collisions are detected.

10000 m

≈205 m

≈20 m

10 100 1000 Mbps

1000 m

100 m

10 m

≈2800 m

Layer 2 40


Slot Times required

• At 10 Mbps the standard demands a slot-time of 51,2us (64 Bytes, 512 bits). This allows an ethernet LAN to extent up to 2-3 km.

• Fast Ethernet (100 Mbps) has a slot time of 5.12μs with the same minimum frame length (512 bit). The network extent it limited to 200 m with twisted-pair cable.

• To allow 1000-Mbps Ethernet to operate in half duplex the maximum network extent needs to be restricted to about 20 m (not acceptable or the frames needs to be extended. Therefore the extension field was added to expand the slot-time to 4.096μs (512 bytes, 4096 bits) for small data payloads.

• This field is present only on 1000-Mbps, half-duplex links and allows minimum-sized frames to be long enough to meet slot-time requirements. Extension bits are discarded by the receiving station.

• Propagation velocity is about 200 m per microsecond in a UTP cable. • It takes just 10 bit-times for a 10BASE-T, 100 bit-times for 100BaseT, and

1000 bit-times for 1000BaseT to travel this length (200 m) of UTP cable.• Therefore half duplex is not permitted in 10-Gigabit Ethernet.

DA

6 6 2 46-1500 4 <512 Byte

SA Length/Type ExtensionData FCS

Layer 2 42


Sending and receiving Ethernet frames via a hub

• So, what does a hub do when it receives a frame?

• Remember, a hub is nothing more than a multiport repeater acting as a layer 1 device.

• The hub will flood it out all ports except for the incoming port.

• A hub does NOT look at layer 2 addresses, so it is fast in transmitting data.

• Disadvantage with hubs: A hub or series of hubs is a single collision domain.

• A collision will occur if any two or more devices transmit at the same time within the collision domain.

• More on this later.• Another disadvantage with hubs is

that it takes up unnecessary bandwidth on other links.

1111 2222

3333

4444

5555

11113333

Nope

Nope

NopeFor me!

Nope: no operation

200 m

Wasted bandwidth

Layer 2 43


Sending and receiving Ethernet frames via a switch

Source Address TablePort Source MAC Add. Port Source MAC

Add.

• Switches are also known as learning bridges or learning switches.

• A switch has a source address table in cache (RAM) where it stores source MAC address after it learns about them.

• A switch that receives an Ethernet frame searches the source address table for the Destination MAC address (DA).

– If it finds a match, it filters the frame by only sending it out that port.

– If there is not a match if floods it out all ports.

switch

1111

2222

3333

4444

Abbreviated MAC addresses

11113333

Layer 2 44


No Destination Address in table, Flood


Add. 1 1111

• Next, in our scenario, the switch will flood the frame out all other ports, because the DA is not in the source address table.

• How does it learn Source MAC Addresses (SA)?

– First, the switch will see if the SA (1111) is in it’s table.

• If it is, it resets the associated timer (more in a moment).

• If it is NOT in the table it adds it with the port number.

switch

1111

2222

3333

4444


11113333

Layer 2 45


Destination Address in table, Filter


Add. 1 1111 6 3333

• Now 3333 sends data back to 1111.• The switch sees if it has the SA

stored.– It does NOT so it adds it. (This

will help next time 1111 sends to 3333.)

• Next, it checks the DA and in our case it can filter the frame, by sending it only out port 1.

switch

1111

2222

3333

4444


33331111

Layer 2 46


Destination Address in table, Filter


Add. 1 1111 6 3333

switch

1111

2222

3333

4444


• Now, because both MAC addresses are in the switch’s table, any information exchanged between 1111 and 3333 can be sent (filtered) out the appropriate port.

• What happens when two devices send to the same destination?

• What if this was a hub, not a switch?

• Where is (are) the collision domain(s) in this example?

33331111

11113333

Layer 2 47


No Collisions in Switch, Buffering


Add. 1 1111 6 3333 9 4444

• Unlike a hub, a collision does NOT occur within these segments, which would cause the two PCs to have to retransmit the frames.

• Instead the switch buffers the frames and sends them out port #6 one at a time.

• The sending PCs have no idea that their was another PC wanting to send to the same destination.

switch

1111

2222

3333

4444


11113333

44443333

Layer 2 48


Collision Domains


Add. 1 1111 6 3333 9 4444

switch

1111

2222

3333

4444


11113333

Collision Domains

44443333

• When there is only one device on a switch port, the collision domain is only between the PC and the switch. (Cisco curriculum is inaccurate on this point.)

• Having these small collision domains with a switch is called "micro segmentation"

• With a full-duplex PC and switch port, there will be no collision, since the devices send and receive at different circuits at the same time.

• Full-duplex operation allows for larger network architecture designs since the timing restriction for collision detection is removed.

Layer 2 49


Other Information


Add. 1 1111 6 3333 9 4444

• How long are addresses kept in the Source Address Table?– 5 minutes is common on most

vendor switches.• How do computers know the

Destination MAC address?• ARP Caches and ARP Requests

(later)• How many addresses can be

kept in the table?– Depends on the size of the cache,

but 1,024 addresses is common.• What about Layer 2 broadcasts?

– Layer 2 broadcasts (DA = all 1’s) is flooded out all ports.

switch

1111

2222

3333

4444


Layer 2 50


What happens here?

• Notice the Source Address Table has multiple entries for port #1.

• The switch filters the frame out port #1.

• But the hub is only a layer 1 device, so it floods it out all ports.

• Where is the collision domain?

33331111

3333

1111


Add. 1 1111 6 3333 1 2222 1 5555

2222 5555

Collision Domain

Layer 2 51


Switches

• A switch is like a multiport bridge. • Like bridges, switches learns the MAC addresses of active

devices connected to its ports. It is a OSI Layer-2 device.• Switches use this information to build forwarding tables

(similar to bridge tables)• Switching lessens congestion in Ethernet LANs by reducing

the traffic and increasing the bandwidth. • Switches can easily replace hubs because switches work

with existing cable infrastructures.• All switching equipment performs two basic operations:

1.Switching data frames: a process by which a frame is received on an input medium and then transmitted to an output medium.

2.Build and maintain switching tables and search for loops.

• Switches operate at much higher speeds than bridges and can support new functionality, such as virtual LANs.

• an Ethernet switch allows many users to communicate in parallel through the use of virtual circuits and dedicated network segments in a virtually collision-free environment.

• This maximizes the bandwidth available on the shared medium.

• 2.5.2006

Layer 2 53


IEEE-802.11 Wireless LANs

• Portable PCs, PDAs, cameras, automobiles, pets, security systems, kitchen appliances, household plants are going wireless connected to the Internet

• Important wireless device classification criateria are power, range and data rate.

• Bluetooth: low-power, short-range, low-rate cable replacement technology

• 802.11 family (WLAN): higher-power, medium-range, higher-rate "access"-technology

802.11b• transmits in an unlicensed radio spectrum at 2,4 GHz• provides wireless Ethernet access at 11 Mbps• defines the physical layer and Media Access Control (MAC) layer• Physical layer uses DSSS which codes each bit into a chipping code. This is

similar to CDM, except now all mobile hosts use the same chipping code. Therefore DSSS is not a CDM technique that controls multiple access to a shared medium.

• DSSS is instead a physical layer mechanism that spreads the signal energy over a wider frequency range, thereby improving the receivers ability to recover the original transmitted bits.

Layer 2 54


Wireless LAN Standards

• IEEE defines the physical and Media Access Control (MAC) layer for wireless networks• 802.11b may also be called Wi-Fi™ (wireless fidelity) or high-speed wireless Ethernet

and refers to systems that operate at 1, 2, 5.5 and 11 Mbps. – Available in Europe; Supports roaming– Operates in the unlicensed 2,4 GHz ISM-Band (Industrial, Scientific, and Medical

Band); – provides wireless Ethernet access at 11 Mbps. In production networks, a more

realistic rating is 4-6 Mbps. – Physical layer uses DSSS which codes each bit into a chipping code. This is similar

to CDM, except now all mobile hosts use the same chipping code. Therefore DSSS is not a CDM technique that controls multiple access to a shared medium.

– DSSS is instead a physical layer mechanism that spreads the signal energy over a wider frequency range, thereby improving the receivers ability to recover the original transmitted bits.

• 802.11a WLAN devices – Used in North Amerika and Japan– operate in the 5-6 GHz transmission band. – supply data throughput of 54 Mbps and with proprietary technology known as "rate

doubling" has achieved 108 Mbps. In production networks, a more realistic rating is 20-26 Mbps.

• 802.11g provides the same throughput as 802.11a (54 Mbps) but operates in the 2,4 GHz band with backward compatibility for 802.11b devices.

• All of the 802.11 standards have the same architecture and use the same MAC protocol

Layer 2 55


The global picture: a multiplicity of WLAN standards

Features 802.11aNorth AmericaJapan

802.11gEurope

802.11bEurope

Operating Frequency Band

5 GHz Industrial, Scientific and Medical Band

2,4 GHz 2,4 GHz

Data Rates 6, 9, 12, 18, 24, 36, 48 and 54 Mbps

6, 9, 12, 18, 24, 36, 48 and 54 Mbps

1, 2, 5.5 and 11 Mbps

System Orthogonal Frequency Division Multiplexing (OFDM)

OFDM DSSS (Direct Sequence Spread Spectrum)

Approximate Range

50 m >= 100 m 100m

Layer 2 57


802.11 LAN Architecture

• Cells are the fundamental building blocks of 802.11 LANs also known as the basic service set (BSS)

• A BSS contains one or more mobile stations and one central base station known as access point (AP)

• Multiple APs may be conntected to form a so called distribution system (DS)• The DS appears to upper layer protocols (e.g. IP) as a single 802 network.• Cell overlapping will permit roaming between cells, allowing for the disconnect

and reconnect activity to occur seamlessly without service interruption.

f1

f2

f3

f1

f2

AP AP

APAPAP

cellsInfrastructure Mode

Infrastructure Mode:Wireless end-points communicate via a wireless relaying Access Point device

Ad-hoc Mode:Wireless end-points communicate directly with each other. An Access Point is not involved.

Ad-hoc mode

BSS BSS BSS

Layer 2 58


IEEE 802.11 Media Access Protocol - Hidden Terminal Problem

• IEEE 802.11 Media Access Protocol is carrier sense multiple access with collision avoidance (CSMA/CA). It can not implement the collision detection method, because of the hidden terminal problem which is common to all wireless communications.

Hidden terminal problem descriptiona) Physical obstructions may prevent A and C from detecting each others

transmissions, even though A's and C's transmissions are receiveable at destination B.

b) Collisions are also undetectable when A and C are placed that their signal strengths are sufficient for destination B but not strong enough to detect each others transmissions and hence the collision at B.

Layer 2 59


IEEE 802.11 Media Access Protocol

• CSMA protocol first senses the channel to determine wether it is busy or not.

• If the channel is sensed idle for a time minimum given by the Distributed Inter Frame Space (DIFS), a station is allowed to transmit.

• This frame will be successfully received if no other station's transmission will interfere.

• Each completely and correctly received frame is acknowledged to the sender. After a short period of time, known as the Short Interframe Spacing (SIFS) the receiver sends a short achnowledgement frame back to the sender.

• This is necessary because wireless stations are not able to detect collisions reliable (Hidden terminal problem) Data transmission and acknowledgement in 802.11

• IEEE 802.11 frames contain a "Duration" field in which the sending station indicates the length of time ( also called network allocation vector (NAV) ) that it's frame will keep the channel busy.

• The NAV determines the minimum amount of time other stations should defer their access

Layer 2 60


802.11 Backoff Mechanism

• When the sender senses the channel to be busy it performs a backoff procedure similar to that of Ethernet:

– The sender waits until the channel is idle– The sender additionally waits for DIFS time.– If the channel stayed idle, the sender computes an additional

random backoff time.– When the backoff timer reaches zero, the node transmits the frame– As in the case of Ethernet, the backoff intervall is doubled each time

the retransmitted frame experiences a collision

Layer 2 61


IEEE 802.11 Media Access Protocol

• 802.11 protocol can also use short frames, called RTS (Request to send) and CTS (clear to send), to reserve access to the channel.

• Senders willing to send, first send a RTS frame to the receiver indicating the expected channel allocation duration (data and ACK; NAV).

• The receiver responds with a CTS frame, giving the sender explicit permission to send.

• All other stations hearing the RTS or CTS then know about the pending transmission and can avoid interfering with it.

• RTS/CTS helps avoid collisions in 2 important ways

– The CTS frame helps avoid the hidden station problem.

– Collisions involving RTS/CTS frames will last only for a short time.

• Note: – After correctly transmitted RTS/CTS frames

there should be no collisions.– Without any hidden nodes, then the use of

RTS/CTS will only increase the amount of overhead, which reduces throughput.

• Each 802.11 sender can operate with or without using the RTS/CTS frames

Collision avoidance using the RTS and CTS frames

NAV: Network Allocation Vector

Layer 2 62


Wireless devices and topologies

•When a client is activated within the WLAN, it will start "listening" for a compatible device with which to "associate".

•This is referred to as "scanning" and may be active or passive. – Active scanning causes a request to be sent from the

wireless node seeking to join the network. – The request will contain the Service Set Identifier (SSID)

of the network it wishes to join. – When an AP with the same SSID is present, the AP will issue a

response. •The authentication and association steps are completed. •From webpedia.com

– SSID: a 32-character unique identifier attached to the header of packets sent over a WLAN that acts as a "password" when a mobile device tries to connect to the BSS. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. A device will not be permitted to join the BSS unless it can provide the unique SSID. Because an SSID can be sniffed in plain text from a packet it does not supply any security to the network.

Layer 2 63


How wireless LANs communicate

• Performance of the network will also be affected by signal strength and degradation in signal quality due to distance or interference.

• As the signal becomes weaker, Adaptive Rate Selection (ARS) may be invoked.

• The transmitting unit will drop the data rate from 11 Mbps to 5.5 Mbps, from 5.5 Mbps to 2 Mbps or 2 Mbps to 1 Mbps.

Layer 2 64


The radio wave and microwave spectrums

• Computers send data signals electronically.

• Radio transmitters convert these electrical signals to radio waves.

• However, radio waves attenuate as they move out from the transmitting antenna.

• In a WLAN, a radio signal measured at a distance of just 10 meters (30 feet) from the transmitting antenna would be only 1/100th of its original strength.

• As the signal becomes weaker, Adaptive Rate Selection (ARS) may be invoked.

• The transmitting unit will drop the data rate from 11 Mbps to 5.5 Mbps, from 5.5 Mbps to 2 Mbps or 2 Mbps to 1 Mbps.

Layer 2 65


Radio Interference: Signals and noise on a WLAN

• When using RF technology many kinds of interference must be taken into consideration.

• In homes and offices, a device that is often overlooked as causing interference is the standard microwave oven.

• Leakage from a microwave oven of as little as one watt into the RF spectrum can cause major network disruption.

• Wireless phones operating in the 2.4 GHz spectrum can also cause network disorder.

• The RF signal can be affected by some extreme weather conditions such as fog or very high moisture conditions. Lightning can also charge the atmosphere and alter the path of a transmitted signal.

Layer 2 66


Methods of Authentication

• WLAN authentication occurs at Layer 2. • WLAN authentication authenticates the device not the user. • IEEE 802.11 lists two types of authentication processes. • The first authentication process is the "open system".

– This is an open connectivity standard in which only the SSID must match.

– This may be used in a secure or non-secure environment despite the ability of low level network ‘sniffers’ to discover the SSID of the WLAN is high.

• The second process is the "shared key". – This process requires the use of Wireless Equivalency Protocol

(WEP) encryption. – WEP is a fairly simple algorithm using 40 and 128 bit keys. – The AP is configured with an encrypted key and nodes attempting to

access the network through the AP must have a matching key. – Statically assigned WEP keys provide a higher level of security than

the open system but are definitely not hack proof. • The problem of unauthorized entry into WLANs is being addressed by a

number of new security solution technologies.

prof. dr. r.nitsch, fh darmstadt layer 21 module 4 – layer 2 fundamentals reiner nitsch fb...

Documents