Cisco Router OSPF Design and Implementation Guide William Parkhurst, PhD, CCIE $54.95 0-07-048626-3 |
![]() ![]() |
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
Reserve your copy at a Beta Bookstore near you! |
Contact Bet@books © 1998 The McGraw-Hill Companies, Inc. All rights reserved. Any use of this Beta Book is subject to the rules stated in the Terms of Use. |
Why a chapter on Ethernet? Designing and configuring OSPF networks can be accomplished without a detailed understanding of ethernet, so why bother? First, ethernet is the most common LAN protocol and you will without a doubt encounter ethernet networks in your career. From our discussion of the OSI and Internet layered models in chapter one, we can see that regardless of which network protocol is being used (IP, IPX, AppleTalk, DECnet, etc) packets will ultimately be carried in an ethernet frame. Second, if you really want to be an expert network designer a detailed understanding of every technology that is being deployed is required. Third, you may encounter ethernet questions on the CCIE exam and so this is my favorite reason.
Technology Overview
Ethernet is a shared media technology. Shared media means that nodes on an ethernet network share a common physical transport medium. The two physical configurations of ethernet are the bus and star architectures (figure 2.1). The BUS architecture uses a 50-ohm thin (10Base2) or thick (10Base5) coaxial cable while the star architecture employs unshielded twisted pair (UTP) wire for connection to a hub or ethernet switch (10BaseT or 100BaseT).
A shared media requires that nodes take turns using the wire to transmit frames. How does a node know when it is its turn to transmit? Ethernet uses Carrier Sense Multiple Access with Collision Detect (CSMA/CD) to determine who gets to talk.
b. Ethernet star architecture.
A node will "listen" for a carrier on the wire before transmitting. If no carrier is detected for 9.6 microseconds then the node can transmit a frame. Two or more nodes may notice that the wire is quiet (no carrier) and begin to transmit simultaneously (figure 2.2a). This will result in a collision on the wire, which will corrupt the transmitted packets. The nodes can detect the collision (the CD in CSMA/CD) because the voltage on the wire will jump to a level higher than if only one packet was being transmitted (figure 2.2b). The transmitting stations that detect the collision will transmit a jam signal and each transmitting node will back off for a random amount of time before listening and transmitting again. The jam signal is usually a 32-bit signal with all the bits set to one. The purpose of the jam signal is to fully raise the voltage on the wire so every station knows that a collision has occurred. Collisions are a fact of life on an ethernet network and as the number of nodes on a network increases the number of collisions will also increase reducing the overall effective bandwidth. One design goal for an ethernet network is to reduce the size of these ethernet collision domains. Bridges
and switches forward all ethernet traffic onto all ethernet segments and so they cannot be used to reduce the size of the collision domain. Well, a switch can be used to reduce collision domain size if virtual LANs (VLAN) are used, but that is another story for another book. Without VLANs, routers are needed to create multiple collision domains.
Ethernet Addresses
Ethernet addresses are 6-bytes (48-bits) in length and are universally unique (or should be). The Institute of Electrical and Electronic Engineers (IEEE) assigns Ethernet
address blocks to manufacturers of ethernet network interface cards. The first 3 bytes of an ethernet address are the company ID and the last 3 bytes are assigned by the manufacturer. Figure 2.3 is an example of an ethernet address assigned to Cisco Systems.
Manufacturer ID |
Assigned by Cisco |
||||
00 |
00 |
0C |
01 |
23 |
45 |
Figure 2.3. Example Ethernet Address
Ethernet addresses are assigned permanently to a network interface card and referred to as the Burned-In-Address (BIA) or Media Access Control (MAC) address. If you change the NIC in a workstation, then the ethernet address of the workstation changes. Since ethernet is a shared media technology it is relatively simple for a node to transmit a frame to every other node on the ethernet segment. Ethernet uses an address of all 1s as the broadcast address. Nodes will accept frames addressed either to their ethernet address or to the broadcast address.
Ethernet Frame Formats
There are four different formats for ethernet frames currently in use today. Four formats? Why so many? The history of the development of these ethernet standards explains why there are four formats.
If you’re counting, that makes five formats. We will not consider ethernet version I since it has been totally replaced (I hope) with one of the other flavors.
All formats have a number of common elements. Ethernet is an asynchronous protocol. This means that a receiving station does not know when an ethernet frame will arrive (there is no system wide ethernet clock for frame synchronization). A method is needed to wake up an ethernet receiver and let it know that an ethernet frame is on the way. This is accomplished by the use of a 64-bit (8-byte) preamble shown in figure 2.4.
10101010 |
10101010 |
10101010 |
10101010 |
10101010 |
10101010 |
10101010 |
10101011 |
The alternating 1s and 0s are used to sync the receiver of the frame with the transmitter of the frame. The last 2 bits are 1 to signal that the next bit following the 1 1 pattern is the start of an ethernet frame. Following the preamble is a 6-byte destination MAC address and then a 6-byte source MAC address. The source address is the MAC address of the sending node and the destination address is the MAC address of the destination or the broadcast address. The most significant bit of the destination address is the group/individual (G/I) bit. If the G/I bit has a value of 1 then the destination address is a group address.
Ethernet II Frame Format
The Ethernet II frame format is shown in figure 2.5.
Destination MAC Address 6 bytes |
Source MAC Address 6 bytes |
Ether Type 2 bytes |
Data 46 - 1500 bytes |
FCS 4 bytes |
Figure 2.5. Ethernet II Frame Format.
From figure 2.5 we can see that the minimum frame length (not counting the preamble) is 64 bytes (6 + 6 + 2 + 46 + 4) and then maximum length frame is 1518 bytes (6 + 6 + 2 + 1500 + 4). The Ether type identifies the upper layer protocol associated with this frame. The more common ether types are listed in table 2.1.
Table 2.1. Common Ether Types for Ethernet II Frames
Value (Hex) |
Description |
0800 |
IP |
0BAD |
Banyan |
6003 |
DECnet Phase IV |
6004 |
DEC LAT |
809B |
AppleTalk |
8138 |
Novell |
All ether types have a value greater than 05DC Hex (1500 decimal) and we shall see why after looking at the other frame formats. Following the ether type is the actual data to be transmitted and then a Frame Check Sequence (FCS) to detect bit errors in the frame. How does an ethernet receiver know the length of an ethernet II frame? The receiver will continue to receive bits until the carrier on the wire is gone. The receiver will assume that the last 4 bytes received are the FCS and that the bytes between the FCS and the either type are the actual data.
Novell Proprietary Frame Format.
This format is also referred to as 802.3 Raw since it was based on a preliminary release of the IEEE 802.3 specification. The Novell frame format is shown in figure 2.6.
Destination MAC Address 6 bytes0xFFFF |
Data 44 - 1498 bytes |
FCS 4 bytes |
Figure 2.6. Ethernet 802.3 "Raw" Frame Format.
Following the source address is a 2-byte total length field, which contains the length of the data field, so this value will be between 46 and 1500. The next 2 bytes are always set to 0xFFFF to identify it as a Novell frame. Actually, 0xFFFF is the first 2 bytes of a Novell IPX or SPX packet header. These bytes represent an IPX or SPX checksum and they are always set to 0xFFFF. Since the Novell frame format can only be used to carry IPX/SPX traffic, these two bytes will always be 0xFFFF. Looking back at the ethernet II frame format, the 802.3 raw length is always less than the ether type. This is how you can tell if you have an Ethernet II frame or an 802.3 raw frame.
IEEE 802.3/802.2 Frame Format
What did the IEEE add to the 802.3 specification that made it incompatible with Novell’s frame format? The 802.2 Logical Link Control (LLC) header (figure 2.7).
LLC Header
Destination MAC Address 6 bytes |
Source MAC Address 6 bytes |
Total Length 2 bytes |
DSAP 1 byte |
SSAP 1 byte |
Control 1 byte |
Data 43 - 1497 bytes |
FCS 4 bytes |
Figure 2.7. Ethernet 802.3/802.2 Frame Format.
The LLC header performs essentially the same purpose as the ether type in an ethernet II frame. The Destination Service Access Point (DSAP) identifies the upper layer protocol for which the frame is intended. The Source Service Access Point (SSAP) identifies the upper layer protocol from which the frame was sent. The control field is almost always set to 0x03. So what does this frame format accomplish? Well it has more overhead than Ethernet II, it can only handle 256 possible upper layer protocols (Ethernet II can handle 64035) and it has a 1-byte control field that almost is never used. Nothing like progress!
Table 2.2 contains some of the common SAP values used by the 802.3 format.
Table 2.2. Common SAP Values.
SAP Value |
Description |
04 |
IBM SNA Path Control (Individual) |
05 |
IBM SNA Path Control (Group) |
06 |
IP |
08 |
SNA |
0C |
SNA |
42 |
IEEE 802.1 Bridge Spanning Tree Protocol |
BC |
Banyan VINES |
AA |
SubNetwork Access Protocol (SNAP) |
E0 |
Novell NetWare |
F0 |
IBM NetBIOS |
IEEE 802.3 SNAP Frame Format
Figure 2.8 contains the format of an IEEE 802.3 SubNetwork Access Protocol (SNAP) frame.
LLC Header SNAP Header
Destination MAC Address 6 bytes |
Source MAC Address 6 bytes |
Total Length 2 bytes |
DSAP 1 byte 0xAA |
SSAP 1 byte 0xAA |
Control 1 byte 0x03 |
SNAP ID 5 bytes |
Data 38 - 1492 bytes |
FCS 4 bytes |
The main difference between the SNAP format and the 802.3 format is the addition of the 5-byte SNAP IP field. The first 3 bytes of the SNAP ID is the vendor code, usually the same as the first 3-bytes of the source MAC address but it is sometimes set to zero. In other words, these 3 bytes are redundant. Following the vendor code is a 2 byte field that usually contains the Ether type (same as in the Ethernet II format). Why all this additional overhead? Some argued that an ethernet frame should be aligned on even byte boundaries. The 802.3 format has 1 3-byte LLC header while the SNAP format has a 3-byte header and a 5-byte SNAP ID. Add them up and you get 8-bytes, or an even number.
Differentiating Frame Formats
Now we can determine how a host can differentiate between the four ethernet frame formats. The following algorithm will help:
Exercise 2.1
For the following partial ethernet frames (no preamble) determine source and destination addresses, the type of the frame, the upper layer protocol using the frame, and, if possible, the length of the frame.
![]() ![]() Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
Reserve your copy at a Beta Bookstore near you! |
Contact Bet@books © 1998 The McGraw-Hill Companies, Inc. All rights reserved. Any use of this Beta Book is subject to the rules stated in the Terms of Use. |