Internet protocol stack application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP network: routing of datagrams from source to destination IP, routing protocols, link: data transfer between neighboring network elements PPP, Ethernet physical: bits “on the wire” application transport network link physical
Encapsulation source destination application transport network link message M application transport network link physical segment Ht M Ht datagram Ht Hn M Hn frame Ht Hn Hl M link physical switch destination network link physical Ht Hn M Ht Hn Hl M M application transport network link physical Ht Hn M Ht M Ht Hn M router Ht Hn Hl M
MAC Addresses and ARP 32-bit IP address: network-layer address used to get datagram to destination IP subnet MAC (or LAN or physical or Ethernet) address: used to get frame from one interface to another physically-connected interface (same network) 48 bit MAC address (for most LANs) burned in the adapter ROM
LAN Addresses and ARP Each adapter on LAN has unique LAN address 1A-2F-BB-76-09-AD 58-23-D7-FA-20-B0 0C-C4-11-6F-E3-98 71-65-F7-2B-08-53 LAN (wired or wireless) Broadcast address = FF-FF-FF-FF-FF-FF = adapter
LAN Address (more) MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to assure uniqueness) Analogy: (a) MAC address: like Social Security Number (b) IP address: like postal address MAC flat address ➜ portability can move LAN card from one LAN to another IP hierarchical address NOT portable depends on IP subnet to which node is attached
ARP: Address Resolution Protocol Question: how to determine MAC address of B knowing B’s IP address? Each IP node (Host, Router) on LAN has ARP table ARP Table: IP/MAC address mappings for some LAN nodes < IP address; MAC address; TTL> TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min) 137.196.7.78 1A-2F-BB-76-09-AD 137.196.7.23 137.196.7.14 LAN 71-65-F7-2B-08-53 58-23-D7-FA-20-B0 0C-C4-11-6F-E3-98 137.196.7.88
ARP protocol: Same LAN (network) A wants to send datagram to B, and B’s MAC address not in A’s ARP table. A broadcasts ARP query packet, containing B's IP address Dest MAC address = FF-FF-FF-FF-FF-FF all machines on LAN receive ARP query B receives ARP packet, replies to A with its (B's) MAC address frame sent to A’s MAC address (unicast) A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out) soft state: information that times out (goes away) unless refreshed ARP is “plug-and-play”: nodes create their ARP tables without intervention from net administrator
Routing to another LAN walkthrough: send datagram from A to B via R assume A know’s B IP address Two ARP tables in router R, one for each IP network (LAN) In routing table at source Host, find router 111.111.111.110 In ARP table at source, find MAC address E6-E9-00-17-BB-4B, etc A R B
A R B A creates datagram with source A, destination B A uses ARP to get R’s MAC address for 111.111.111.110 A creates link-layer frame with R's MAC address as dest, frame contains A-to-B IP datagram A’s adapter sends frame R’s adapter receives frame R removes IP datagram from Ethernet frame, sees its destined to B R uses ARP to get B’s MAC address R creates frame containing A-to-B IP datagram sends to B A R B
ARP Functionality There are two main functional parts of the address resolution protocol: Determine the destination’s physical address before sending a packet. Answer requests that arrive for it’s own Physical-to-IP address binding. Because of lost/duplicate packets, ARP must handle this to avoid many re-broadcasts. Bindings in ARP cache (actual cache table) must be removed after a fixed period of time to ensure validity. When a packet is received, the sender’s IP address is stripped and the local table is updated (ARP cache), then the rest of the packet is processed. Two types of incoming packets: Those to be processed (correct destination). Stray broadcast packets (can be dropped after updating the ARP cache). Application programs may request the destination address many times before the binding is complete. This must be handled, by discarding enqueued requests, when the correct binding returns.
ARP Functionality ARP sets the field "TYPE" for the ID of a frame. ARP packets DO NOT have a fixed format header, so they can be used with arbitrary physical addresses and arbitrary protocol addresses. The lengths of physical addresses may vary up to 48-bits.
ARP Header Fields Hardware Type: (16-bits) - the type of interface the sender seeks an answer for. Protocol Type: (16-bits) - the high-level software address type provided. HLEN: (8-bits) - length of arbitrary physical address. PLEN: (8-bits) - length of arbitrary protocol address. OPERATION: (16-bits) - the specific type of operation requested. ARP.request (1) ARP.response (2) SENDER HA: (6-octets) - the sender’s actual hardware address, scalable up to six bytes. SENDER IP: (4-octets) - the sender’s IP address, always 32-bits. TARGET HA: (6-octets) - the destination node’s hardware address, scalable up to six bytes. TARGET IP: (4-octets) - the destination node’s IP address, always 32-bits.
Ethernet “dominant” wired LAN technology: cheap $20 for 100Mbs! first widely used LAN technology Simpler, cheaper than token LANs and ATM Kept up with speed race: 10 Mbps – 10 Gbps Metcalfe’s Ethernet sketch
Star topology Bus topology popular through mid 90s Now star topology prevails Connection choices: hub or switch (more later) hub or switch
Ethernet Frame Structure Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011 used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more) Addresses: 6 bytes if adapter receives frame with matching destination address, or with broadcast address (eg ARP packet), it passes data in frame to net-layer protocol otherwise, adapter discards frame Type: indicates the higher layer protocol (mostly IP but others may be supported such as Novell IPX and AppleTalk) CRC: checked at receiver, if error is detected, the frame is simply dropped
Ethernet Ethernet Frame
Encapsulating the Packet The Ethernet protocol defines the frame format. Adds headers and trailers around the Layer 3 packet.
Encapsulating the Packet The IEEE 802.3 Ethernet Frame format: Minimum Size: 64 Bytes Maximum Size: 1518 Bytes If the frame is less than the minimum or greater than the maximum, it is considered corrupt and will be dropped. LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Header Trailer
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Preamble and Start of Frame Delimiter (SFD) – 8 bytes: Used to synchronize the NIC with the media in preparation for receiving a frame. Is not considered part of the frame length. Will not appear in any capture of the frame.
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Destination MAC Address – 6 bytes: Identifies the node that is to receive the frame. A receiving device compares its MAC address to the contents of this field. If the addresses match, the frame is accepted. Also used by switches to determine the interface to be used to forward the frame.
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Source MAC Address – 6 bytes: Identifies the node that originated the frame. Also used by switches to add addresses to their internal Port / MAC address tables.
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Length / Type – 2 bytes: DIX used this for type, the original IEEE 802.3 standard used it for length. The later IEEE standard (Ethernet II) allows it to be used for either. Ethernet II is the frame type used in TCP/IP networks. If the value is greater than 1518 (0x600), it contains a code identifying the encapsulated upper layer protocol. Any other value defines the length of the frame.
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Data and Pad – 46 to 1500 bytes: The encapsulated data from Layer 3. Most commonly an IPv4 packet. If the total frame length is less than 64 bytes, the field is padded to the right with enough null characters to meet the minimum frame length.
Encapsulating the Packet LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS Frame Check Sequence (FCS)– 4 bytes: Used to detect errors in a frame that may have occurred during transmission along the media. The result of a Cyclic Redundancy Check (CRC) is placed in the frame by the sending node. The receiving node performs the same CRC and compares the values….they should be equal.
Ethernet MAC Address LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS In order for a transmission to be received properly at the destination computer, there must be a method of uniquely identifying that host. A unique address is permanently programmed into ROM in each NIC ("burned in“ ) when it is manufactured. Because of this, the MAC Address is often referred to as the burned in (BIA) address or physical address of a machine.
Ethernet MAC Address 48 bits in length. Expressed as 12 hexadecimal digits. The first 6 hexadecimal digits, which are administered by the IEEE, identify the manufacturer or vendor and thus comprise the Organizational Unique Identifier (OUI). The remaining 6 hexadecimal digits comprise the interface serial number, or another value administered by the specific vendor.
Ethernet MAC Address LENGTH OF FIELD IN BYTES 7 1 6 2 46 – 1500 4 Preamble Start of Frame Delimiter Destination MAC Address Source MAC Address Length or Type Data and Pad FCS When a network device matches the destination address to the address in the NIC, the NIC passes the frame up the OSI layers where the decapsulation process takes place. The MAC address is essential to communications on a network. It is the only address that guarantees that the message will be accepted by the destination.
Unreliable, connectionless service Connectionless: No handshaking between sending and receiving adapter. Unreliable: receiving adapter doesn’t send acks or nacks to sending adapter stream of datagrams passed to network layer can have gaps gaps will be filled if app is using TCP otherwise, app will see the gaps
10BaseT and 100BaseT 10/100 Mbps rate; latter called “fast ethernet” T stands for Twisted Pair Nodes connect to a hub: “star topology”; 100 m max distance between nodes and hub twisted pair hub
Hubs Hubs are essentially physical-layer repeaters: bits coming from one link go out all other links at the same rate no frame buffering no CSMA/CD at hub: adapters detect collisions provides net management functionality twisted pair hub
Manchester encoding Used in 10BaseT Each bit has a transition Allows clocks in sending and receiving nodes to synchronize to each other no need for a centralized, global clock among nodes! Hey, this is physical-layer stuff!
Gbit Ethernet uses standard Ethernet frame format allows for point-to-point links and shared broadcast channels in shared mode, CSMA/CD is used; short distances between nodes required for efficiency uses hubs, called here “Buffered Distributors” Full-Duplex at 1 Gbps for point-to-point links 10 Gbps now !