Cisco Router OSPF Design and Implementation Guide
William Parkhurst, PhD, CCIE
 $54.95  0-07-048626-3
Backward Forward
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

Reserve your copy at a
Beta Bookstore near you!
Contact Bet@books
© 1998 The McGraw-Hill Companies, Inc. All rights reserved.
Any use of this Beta Book is subject to the rules stated in the Terms of Use.

Chapter 2

Ethernet

Introduction

Why a chapter on Ethernet? Designing and configuring OSPF networks can be accomplished without a detailed understanding of ethernet, so why bother? First, ethernet is the most common LAN protocol and you will without a doubt encounter ethernet networks in your career. From our discussion of the OSI and Internet layered models in chapter one, we can see that regardless of which network protocol is being used (IP, IPX, AppleTalk, DECnet, etc) packets will ultimately be carried in an ethernet frame. Second, if you really want to be an expert network designer a detailed understanding of every technology that is being deployed is required. Third, you may encounter ethernet questions on the CCIE exam and so this is my favorite reason.

Technology Overview

Ethernet is a shared media technology. Shared media means that nodes on an ethernet network share a common physical transport medium. The two physical configurations of ethernet are the bus and star architectures (figure 2.1). The BUS architecture uses a 50-ohm thin (10Base2) or thick (10Base5) coaxial cable while the star architecture employs unshielded twisted pair (UTP) wire for connection to a hub or ethernet switch (10BaseT or 100BaseT).

A shared media requires that nodes take turns using the wire to transmit frames. How does a node know when it is its turn to transmit? Ethernet uses Carrier Sense Multiple Access with Collision Detect (CSMA/CD) to determine who gets to talk.

b. Ethernet star architecture.

A node will "listen" for a carrier on the wire before transmitting. If no carrier is detected for 9.6 microseconds then the node can transmit a frame. Two or more nodes may notice that the wire is quiet (no carrier) and begin to transmit simultaneously (figure 2.2a). This will result in a collision on the wire, which will corrupt the transmitted packets. The nodes can detect the collision (the CD in CSMA/CD) because the voltage on the wire will jump to a level higher than if only one packet was being transmitted (figure 2.2b). The transmitting stations that detect the collision will transmit a jam signal and each transmitting node will back off for a random amount of time before listening and transmitting again. The jam signal is usually a 32-bit signal with all the bits set to one. The purpose of the jam signal is to fully raise the voltage on the wire so every station knows that a collision has occurred. Collisions are a fact of life on an ethernet network and as the number of nodes on a network increases the number of collisions will also increase reducing the overall effective bandwidth. One design goal for an ethernet network is to reduce the size of these ethernet collision domains. Bridges

and switches forward all ethernet traffic onto all ethernet segments and so they cannot be used to reduce the size of the collision domain. Well, a switch can be used to reduce collision domain size if virtual LANs (VLAN) are used, but that is another story for another book. Without VLANs, routers are needed to create multiple collision domains.

Ethernet Addresses

Ethernet addresses are 6-bytes (48-bits) in length and are universally unique (or should be). The Institute of Electrical and Electronic Engineers (IEEE) assigns Ethernet

address blocks to manufacturers of ethernet network interface cards. The first 3 bytes of an ethernet address are the company ID and the last 3 bytes are assigned by the manufacturer. Figure 2.3 is an example of an ethernet address assigned to Cisco Systems.

Manufacturer ID

Assigned by Cisco

00

00

0C

01

23

45

Figure 2.3. Example Ethernet Address

Ethernet addresses are assigned permanently to a network interface card and referred to as the Burned-In-Address (BIA) or Media Access Control (MAC) address. If you change the NIC in a workstation, then the ethernet address of the workstation changes. Since ethernet is a shared media technology it is relatively simple for a node to transmit a frame to every other node on the ethernet segment. Ethernet uses an address of all 1s as the broadcast address. Nodes will accept frames addressed either to their ethernet address or to the broadcast address.

Ethernet Frame Formats

There are four different formats for ethernet frames currently in use today. Four formats? Why so many? The history of the development of these ethernet standards explains why there are four formats.

If you’re counting, that makes five formats. We will not consider ethernet version I since it has been totally replaced (I hope) with one of the other flavors.

All formats have a number of common elements. Ethernet is an asynchronous protocol. This means that a receiving station does not know when an ethernet frame will arrive (there is no system wide ethernet clock for frame synchronization). A method is needed to wake up an ethernet receiver and let it know that an ethernet frame is on the way. This is accomplished by the use of a 64-bit (8-byte) preamble shown in figure 2.4.

10101010

10101010

10101010

10101010

10101010

10101010

10101010

10101011

The alternating 1s and 0s are used to sync the receiver of the frame with the transmitter of the frame. The last 2 bits are 1 to signal that the next bit following the 1 1 pattern is the start of an ethernet frame. Following the preamble is a 6-byte destination MAC address and then a 6-byte source MAC address. The source address is the MAC address of the sending node and the destination address is the MAC address of the destination or the broadcast address. The most significant bit of the destination address is the group/individual (G/I) bit. If the G/I bit has a value of 1 then the destination address is a group address.

Ethernet II Frame Format

The Ethernet II frame format is shown in figure 2.5.

Destination

MAC Address

6 bytes

Source

MAC Address

6 bytes

Ether

Type

2 bytes

Data

46 - 1500 bytes

FCS

4

bytes

Figure 2.5. Ethernet II Frame Format.

From figure 2.5 we can see that the minimum frame length (not counting the preamble) is 64 bytes (6 + 6 + 2 + 46 + 4) and then maximum length frame is 1518 bytes (6 + 6 + 2 + 1500 + 4). The Ether type identifies the upper layer protocol associated with this frame. The more common ether types are listed in table 2.1.

Table 2.1. Common Ether Types for Ethernet II Frames

Value (Hex)

Description

0800

IP

0BAD

Banyan

6003

DECnet Phase IV

6004

DEC LAT

809B

AppleTalk

8138

Novell

All ether types have a value greater than 05DC Hex (1500 decimal) and we shall see why after looking at the other frame formats. Following the ether type is the actual data to be transmitted and then a Frame Check Sequence (FCS) to detect bit errors in the frame. How does an ethernet receiver know the length of an ethernet II frame? The receiver will continue to receive bits until the carrier on the wire is gone. The receiver will assume that the last 4 bytes received are the FCS and that the bytes between the FCS and the either type are the actual data.

Novell Proprietary Frame Format.

This format is also referred to as 802.3 Raw since it was based on a preliminary release of the IEEE 802.3 specification. The Novell frame format is shown in figure 2.6.

Destination

MAC Address

6 bytes0xFFFF

Data

44 - 1498 bytes

FCS

4 bytes

Figure 2.6. Ethernet 802.3 "Raw" Frame Format.

Following the source address is a 2-byte total length field, which contains the length of the data field, so this value will be between 46 and 1500. The next 2 bytes are always set to 0xFFFF to identify it as a Novell frame. Actually, 0xFFFF is the first 2 bytes of a Novell IPX or SPX packet header. These bytes represent an IPX or SPX checksum and they are always set to 0xFFFF. Since the Novell frame format can only be used to carry IPX/SPX traffic, these two bytes will always be 0xFFFF. Looking back at the ethernet II frame format, the 802.3 raw length is always less than the ether type. This is how you can tell if you have an Ethernet II frame or an 802.3 raw frame.

IEEE 802.3/802.2 Frame Format

What did the IEEE add to the 802.3 specification that made it incompatible with Novell’s frame format? The 802.2 Logical Link Control (LLC) header (figure 2.7).

LLC Header

Destination

MAC Address

6 bytes

Source

MAC Address

6 bytes

Total

Length

2 bytes

DSAP

1

byte

SSAP

1

byte

Control

1

byte

Data

43 - 1497 bytes

FCS

4

bytes

Figure 2.7. Ethernet 802.3/802.2 Frame Format.

The LLC header performs essentially the same purpose as the ether type in an ethernet II frame. The Destination Service Access Point (DSAP) identifies the upper layer protocol for which the frame is intended. The Source Service Access Point (SSAP) identifies the upper layer protocol from which the frame was sent. The control field is almost always set to 0x03. So what does this frame format accomplish? Well it has more overhead than Ethernet II, it can only handle 256 possible upper layer protocols (Ethernet II can handle 64035) and it has a 1-byte control field that almost is never used. Nothing like progress!

Table 2.2 contains some of the common SAP values used by the 802.3 format.

Table 2.2. Common SAP Values.

SAP Value

Description

04

IBM SNA Path Control (Individual)

05

IBM SNA Path Control (Group)

06

IP

08

SNA

0C

SNA

42

IEEE 802.1 Bridge Spanning Tree Protocol

BC

Banyan VINES

AA

SubNetwork Access Protocol (SNAP)

E0

Novell NetWare

F0

IBM NetBIOS

IEEE 802.3 SNAP Frame Format

Figure 2.8 contains the format of an IEEE 802.3 SubNetwork Access Protocol (SNAP) frame.

LLC Header SNAP Header

Destination

MAC Address

6 bytes

Source

MAC Address

6 bytes

Total

Length

2 bytes

DSAP

1 byte

0xAA

SSAP

1 byte

0xAA

Control

1 byte

0x03

SNAP ID

5 bytes

Data

38 - 1492 bytes

FCS

4

bytes

The main difference between the SNAP format and the 802.3 format is the addition of the 5-byte SNAP IP field. The first 3 bytes of the SNAP ID is the vendor code, usually the same as the first 3-bytes of the source MAC address but it is sometimes set to zero. In other words, these 3 bytes are redundant. Following the vendor code is a 2 byte field that usually contains the Ether type (same as in the Ethernet II format). Why all this additional overhead? Some argued that an ethernet frame should be aligned on even byte boundaries. The 802.3 format has 1 3-byte LLC header while the SNAP format has a 3-byte header and a 5-byte SNAP ID. Add them up and you get 8-bytes, or an even number.

Differentiating Frame Formats

Now we can determine how a host can differentiate between the four ethernet frame formats. The following algorithm will help:

  1. Is the value of the 2-byte field following the source MAC address greater than 1500? If yes, then the frame is Ethernet II.
  2. Is the value of the 2-byte field following the 2-byte length field equal to 0xAAAA? If yes then the frame is Ethernet SNAP.
  3. Is the value of the 2-byte field following the 2-byte length field = 0xFFFF? If yes, then the frame is Novell proprietary.
  4. If the answers to 1, 2, and 3 are no, then the frame is Ethernet 802.3/802.2.

Exercise 2.1

For the following partial ethernet frames (no preamble) determine source and destination addresses, the type of the frame, the upper layer protocol using the frame, and, if possible, the length of the frame.

  1. 00000C12345608000B06AA350800ABACAB…
  2. 080001A1B2C37E4600000001AAAA03A1B2C38138…
  3. FFFFFFFFFFFF192834641243FFFF123456…

Backward Forward
Chapter: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

Reserve your copy at a
Beta Bookstore near you!
Contact Bet@books
© 1998 The McGraw-Hill Companies, Inc. All rights reserved.
Any use of this Beta Book is subject to the rules stated in the Terms of Use.

Beta Books | Beta Bookstores | Computing McGraw-Hill

Professional Publishing Home | Contact Us | Customer Service | For Authors | International Offices | New Book Alert | Search Catalog/Order | Site Map | What's New


A Division of the McGraw-Hill Companies
Copyright © 1998 The McGraw-Hill Companies. All rights reserved. Any use is subject to the Terms of Use; the corporation also has a comprehensive Privacy Policy governing information we may collect from our customers.