ch 5
uses Pad to increase frame field to 64 bytes
802.2 Header and Data
notifies destinations to get ready for a new frame
Preambles
There are two primary addresses assigned to a device on an Ethernet LAN: Physical address (the MAC address) Logical address (the IP address)
- Used for Ethernet NIC to Ethernet NIC communications on the same network. - Used to send the packet from the original source to the final destination.
MAC address uses what type of system
48-bit binary value expressed as 12 hexadecimal digits (4 bits per hexadecimal digit).
The process that a source host uses to determine the destination MAC address
ARP
Ethernet MAC sublayer has two primary responsibilities: Data encapsulation Media access control
Data encapsulation Media access control
Switches use following forwarding methods for switching data between network ports:
Store-and-forward switching Cut-through switching
MAC addressing provides a method for
device identification at the lower level of the OSI model. ensure globally unique addresses for each Ethernet device.
The Layer 2 Ethernet frame contains: The Layer 3 IP packet contains:
Destination MAC address - This is the MAC address of the file server's Ethernet NIC. Source MAC address - This is the MAC address of PC-A's Ethernet NIC. Source IP address - This is the IP address of the original source, PC-A. Destination IP address - This is the IP address of the final destination, the file server.
Assists a host in determining if the frame received is addressed to it
Destination address
detects errors in an ethernet frame
FCS/ frame check sequence
2 types of cut through switching
Fast-forward switching offers the lowest level of latency. immediately forwards a packet after reading the destination address. Because fast-forward switching starts forwarding before the entire packet has been received, there may be times when packets are relayed with errors. latency is measured from the first bit received to the first bit transmitted. Fast-forward switching is the typical cut-through method of switching. Fragment-free switching switch stores the first 64 bytes of the frame before forwarding. tries to enhance fast-forward switching by performing a small error check on the first 64 bytes of the frame to ensure that a collision has not occurred before forwarding the frame.
auto MDIX
detects the type of cable attached to the port, and configures the interfaces accordingly.
filtering frames
As switch receives frames from different devices, it is able to fill up its MAC address table by examining the source MAC address of every frame. When the switch's MAC address table contains the destination MAC address, it is able to filter the frame and forward out a single port.
controls the NIC through software drivers
LLC
remains indeedndent of physical medium
LLC
works with upper layers to add app info for delivery of data to higher level protocols
LLC
For the Layer 2 protocols, as with all 802 IEEE standards, Ethernet relies on the two separate sublayers of the data link layer to operate, the _______________and the ________________ sublayers.
LLC MAC
Works with hardware to support bandwidth requirements- checks for errors in bits sent and received
MAC
controls access to media through signaling and physical media standards requirements
MAC
supports ethernet technology using CSMA/CD/CA
MAC
formst of ethernet field min and max bytes for frame?
Preamble Destination MAC add Source MAC add Ether Type Data FCS 64 min---- 1518max
To determine the destination MAC address, the device uses ARP. ARP provides two basic functions:
Resolving IPv4 addresses to MAC addresses Maintaining a table of mappings
frame's originating NIC or interface MAC address
Source Address
data encapsulation + 3 primary functions?
The data encapsulation process includes -frame assembly before transmission, and - frame disassembly upon reception of a frame. - adds a header and trailer to the network layer PDU. 1)Frame delimiting provides delimiters used to identify group of bits that make up a frame. provide synchronization between the transmitting and receiving nodes. 2)Addressing process contains the Layer 3 PDU + data link layer addressing. 3)Error detection Each frame contains a trailer used to detect any errors in transmissions.
frame processing
When a NIC receives an Ethernet frame, it examines the destination MAC address to see if it matches the device's physical MAC address stored in RAM. If there is no match, the device discards the frame. If there is a match, it passes the frame up the OSI layers, where the de-encapsulation process takes place. (also accepts broadcast address)
Resolving IPv4 addres
When a packet is sent to the data link layer to be encapsulated into an Ethernet frame, the device refers to a table in its memory to find the MAC address --- mapped to the IPv4 address. called ARP TABLE (table stored on RAM) search its ARP table for a destination IPv4 address and a corresponding MAC address. If the packet's destination IPv4 address is on the same network as the source IPv4 address, the device will search the ARP table for the destination IPv4 address. If the destination IPv4 address is on a different network than the source IPv4 address, the device will search the ARP table for the IPv4 address of the default gateway. the search is for an IPv4 address and a corresponding MAC address for the device. The ARP table temporarily saves (caches) the mapping for the devices on the LAN. If the device locates the IPv4 address, its corresponding MAC address is used as the destination MAC address in the frame. If there is no entry is found, then the device sends an ARP request.
A broadcast packet contains a what does this mean?
a destination IPv4 address that has all ones (1s) in the host portion. all hosts on that local network (broadcast domain) will receive and process the packet. Many network protocols, such as DHCP and ARP, use broadcasts.
multicast address
allow a source device to send a packet to a group of devices. Devices that belong to a multicast group are assigned a multicast group IP address. The range of IPv4 multicast addresses is 224.0.0.0 to 239.255.255.255. can only be used as the destination of a packet. ex:where many players are connected remotely but playing the same game. The multicast MAC address is a special value that begins with 01-00-5E in hexadecimal. remaining portion of the multicast MAC address is created by converting the lower 23 bits of the IP multicast group address into 6 hexadecimal characters.
If the size of a transmitted frame is less than the minimum or greater than the maximum, the receiving device drops the frame. Dropped frames are likely to be the result of __________________________________________________________________
collisions or other unwanted signals and are therefore considered invalid.
MAC sublayer
constitutes the lower sublayer of the data link layer is implemented by hardware, typically in the computer NIC. (802.3 standards)
shared memory
deposits all frames into a common memory buffer- which all the ports on the switch share
switch examining source MAC address
examining the frame's source MAC address and port number where the frame entered the switch. If the source MAC address does not exist, it is added to the table along with the incoming port number. In Figure 1, PC-A is sending an Ethernet frame to PC-D. The switch adds the MAC address for PC-A to the table. If the source MAC address does exist, the switch updates the refresh timer for that entry. By default, most Ethernet switches keep an entry in the table for 5 minutes.
portbasedmemory
frames stored in ques that are linked to specific incoming and outgoing ports
LLC sublayer
handles the communication between the upper layers(of application) and the lower layers. (for delivery)(network software and device hardware) 1. takes the network protocol data,(IPV4 Packet) and adds control information to help deliver the packet to the destination node. 2. is implemented in software, and its implementation is independent of the hardware.
switch examining destination MAC address
if the destination MAC address is a unicast the switch will look for a match between the destination MAC address of the frame and an entry in its MAC address table. If the destination MAC address is in the table, it will forward the frame out the specified port. If the destination MAC address is not in the table, the switch will forward the frame out all ports except the incoming port. This is known as an unknown unicast.
switch
makes its forwarding decisions based only on the Layer 2 Ethernet MAC addresses. consults a MAC address table to make a forwarding decision for each frame dynamically builds the MAC address table by examining the source MAC address of the frames received on a port. switch forwards frames by searching for a match between the destination MAC address in the frame and an entry in the MAC address table. xamining the frame's source MAC address and port number where the frame entered the switch.
what is ethernet
operates in the data link layer and the physical layer. family of networking technologies that are defined in the IEEE 802.2 and 802.3 standards.
Removing Entries from an ARP Table
or each device, an ARP cache timer removes ARP entries that have not been used for a specified period of time. The times differ depending on the device's operating system.
ARP Spoofing
potential security risk technique used by an attacker to reply to an ARP request for an IPv4 address belonging to another device, attacker sends an ARP reply with its own MAC address. The receiver of the ARP reply will add the wrong MAC address to its ARP table and send these packets to the attacker.
cut through
predominantly used today forwards frame before entirely received destination address of frame must read before frame can be forwarded
store and forward
receives entire frame computes CRC if CRC is valid, switch looks up destination address (which determines outfoing interface) frame is then forwarded out to correct port
Media Access Control
responsible for placement of frames on the media + removal of frames from the media. controls access to the media. communicates directly with the physical layer. logical topology is a multi-access bus; OR all nodes (devices) on a single network segment share the medium. Ethernet is a contention-based method of networking. (any device can try to transmit data across the shared medium whenever it has data to send) (CSMA/CD) process is used in half-duplex Ethernet LANs to detect and resolve collisions. today uses full-duplex switches
synchronizes sending and receiving devices for frame delivery
start of frame delimeter
When a device has an IP address that is on a remote network, the Ethernet frame cannot be sent directly to the destination device. Instead,
the Ethernet frame is sent to the MAC address of the default gateway, the router.
When the destination IP address is on a remote network,
the destination MAC address will be the address of the host's default gateway Routers examine the destination IP address to determine the best path to forward the IP packet
Unicast MAC address is
the unique address used when a frame is sent from a single transmitting device to a single destination device.
The MAC address is often referred to as a burned-in address (BIA) because, historically,
this address is burned into ROM (Read-Only Memory) on the NIC.
switch may use buffering technique
to store frames before forwarding them. used when the destination port is busy due to congestion and the switch stores the frame until it can be transmitted.
describes which higher layer protocol has been usued
type
the source MAC address must always be a
unicast
ARP requests are sent
when a device needs a MAC address associated with an IPv4 address, and it does not have an entry for the IPv4 address in its ARP table.
