Transcript
Prof. Dr. R.Nitsch, FH Darmstadt
Module 4 – Layer 2 Fundamentals
Reiner Nitsch, FB Informatik, Office: F16/15c, Phone: 9255, Email: [email protected]
Layer 2 1

Layer 1 Limitations - Layer 2 Tasks
• Layer 1 involves
  – media, signals, bit streams that travel on media,
  – components that put signals on media, and
  – various topologies.
• Layer 2 tasks and services are
  – Layer-2 protocols transmit Layer-3 PDUs over a single link between two network nodes
  – Communicate with the upper layer using the Logical Link Control (LLC) sublayer
  – Organize or group the bits using a Layer 2 frame format (framing)
  – Decide which computer will transmit binary data when several are trying to transmit at the same time, using a system called Media Access Control (MAC)
  – Reliable data transmission (optional)
  – Flow control (optional)
  – Error detection
  – Error recovery (optional)
  – Identify computers using a Layer 2 addressing (or naming) process.
• All Layer-2 protocol tasks are implemented within the Network Interface Card (NIC)

Error Detection and Error Correction Techniques
• Layer-2 PDUs include Error Detection and Correction (EDC) bits in order to enable error detection at the receiving node
• Even with good EDC techniques some bit errors remain unrecognized. The probability of such an event should be as small as possible.
• Techniques in common use are parity checks, cyclic redundancy check (CRC) and forward error correction (FEC)

Parity checks:
  0010111100111010 | 1    check with even 1-bit parity (one-dimensional even parity)

Two-dimensional even parity (row parity bits on the right; a column parity row is appended as well):
  0010111100111010 | 1
  0010100101001110 | 1
  1101011100010100 | 0
  1000100010010010 | 1
  0101100111110010 | 1

The same block with a single bit error (bit 8 of the second row flipped), which the row and column parity bits locate:
  0010111100111010 | 1
  0010100001001110 | 1
  1101011100010100 | 0
  1000100010010010 | 1
  0101100111110010 | 1

Correctable bit errors: every single-bit error. Detectable bit errors: any combination of 2 errors.

Error Correction AND Detection Scenario
Figure: the sender takes datagram D, appends EDC bits and sends D + EDC over a bit error-prone link. The receiver obtains D' (= D + errors) and EDC', recomputes the EDC from D' and compares it with EDC'. All bits in D' ok? Y: hand the datagram up. N: discard the frame.

Internet Checksum
• The Internet Checksum is used by the protocols IP, TCP and UDP (RFC 1071)
• Transmitter: the data is treated as a sequence of 16-bit words. The words are added in ones' complement arithmetic (a carry out of the top bit is added back in) and the ones' complement of the sum (0 and 1 swapped) is transmitted as the 16-bit Internet checksum.
• Receiver: all words including the received checksum are summed the same way. The result is 1111111111111111 when no error is detected; every 0 in the result would indicate an error.
• Worked figure from the slide, four 16-bit words to be transmitted:
  0010010010101101
  0100100101010110
  1011010001011110
  1010110111100010
  The slide combined these words with even parity per column (an XOR), giving 0111010001000111, and transmitted its complement 1000101110111000. That is not what RFC 1071 specifies: the ones' complement sum of the four words is 1101000001000100 (0xD044) and the checksum actually sent is its complement, 0010111110111011 (0x2FBB).

Cyclic Redundancy Check
• Is based on powerful mathematics (finite fields)
• Ethernet (IEEE 802.3) and Token Ring (IEEE 802.5) use the so called CRC-32 method, which produces a CRC value of 32 bits
• This method allows the detection of
  – All single-bit errors
  – All bit-pair errors
  – All frames with an odd error count
  – All burst errors of up to 32 bits
• It is not possible to correct errors with the CRC information!
• Figure: the message followed by "000" is shifted through three register stages T with XOR feedback taps; at the end of processing the registers contain the error check bits.

Forward Error Correction
• The ability of a receiver to detect and correct errors is known as forward error correction (FEC)
• FEC is commonly used in audio and video storage and playback devices (Audio CD, DVD), DSL, ...
• FEC reduces the number of sender retransmissions required.
• This is important for real-time network applications because they do not have to wait for the round-trip propagation delay associated with each retransmission.
• FEC techniques require powerful mathematics.

Layer-2 (Data Link) Sublayers
The IEEE divides the OSI data link layer into two separate sublayers.
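Going back to the error-detection slides above (parity, Internet checksum, CRC): the following is an added example, not code from the lecture. It implements two-dimensional even parity on the slide's own data rows (the column parity row is derived here), the RFC 1071 Internet checksum on the slide's four 16-bit words, and a bit-serial CRC-32 with the IEEE 802.3 polynomial, cross-checked against `zlib.crc32`, which uses the same conventions as the Ethernet FCS. The test message for the CRC is constructed.

```python
"""Added example: 2-D parity with single-bit correction, the RFC 1071 Internet
checksum (ones' complement of the ones' complement sum), and the IEEE 802.3
CRC-32 computed bit by bit."""
import zlib

# Data rows from the slide's parity example; the column parity is derived below.
ROWS = [
    "0010111100111010",
    "0010100101001110",
    "1101011100010100",
    "1000100010010010",
    "0101100111110010",
]
# The four 16-bit words of the slide's Internet checksum example.
SLIDE_WORDS = bytes.fromhex("24AD4956B45EADE2")

def parity(bits: str) -> int:
    """Even parity bit: 1 if the number of ones is odd, so that the total is even."""
    return bits.count("1") % 2

def two_d_parity(rows):
    """Row parity bits and column parity bits of a block of equal-length rows."""
    row_par = [parity(r) for r in rows]
    col_par = [parity("".join(r[j] for r in rows)) for j in range(len(rows[0]))]
    return row_par, col_par

def correct_single_bit(rows, row_par, col_par):
    """Receiver side: recompute parities. Exactly one bad row and one bad column
    pinpoint a single flipped bit, which is corrected. Two errors leave either
    two bad rows or two bad columns, so they are detected but not located.
    Returns (rows, 'ok' | 'corrected' | 'uncorrectable')."""
    got_rows, got_cols = two_d_parity(rows)
    bad_rows = [i for i, (a, b) in enumerate(zip(got_rows, row_par)) if a != b]
    bad_cols = [j for j, (a, b) in enumerate(zip(got_cols, col_par)) if a != b]
    if not bad_rows and not bad_cols:
        return rows, "ok"
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        i, j = bad_rows[0], bad_cols[0]
        flipped = "1" if rows[i][j] == "0" else "0"
        fixed = rows[i][:j] + flipped + rows[i][j + 1:]
        return rows[:i] + [fixed] + rows[i + 1:], "corrected"
    return rows, "uncorrectable"

def internet_checksum(data: bytes) -> int:
    """RFC 1071: add the 16-bit words with end-around carry, then complement."""
    if len(data) % 2:
        data += b"\x00"                       # an odd trailing byte is padded with zeros
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                        # fold carries back in (ones' complement sum)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def checksum_ok(data_with_checksum: bytes) -> bool:
    """Receiver check: the sum over data plus checksum is 0xFFFF, whose complement is 0."""
    return internet_checksum(data_with_checksum) == 0

CRC32_POLY_REFLECTED = 0xEDB88320   # IEEE 802.3 generator 0x04C11DB7, bit-reversed

def crc32_ieee(data: bytes) -> int:
    """Bit-serial CRC-32 as used for the Ethernet FCS: register preset to all
    ones, least-significant bit shifted first, result complemented."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ CRC32_POLY_REFLECTED if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF

def crc_detects(data: bytes, flipped_bits) -> bool:
    """True if flipping the given bit positions changes the CRC (error detected)."""
    buf = bytearray(data)
    for pos in flipped_bits:
        buf[pos // 8] ^= 0x80 >> (pos % 8)
    return crc32_ieee(bytes(buf)) != crc32_ieee(data)
```

`internet_checksum(SLIDE_WORDS)` returns 0x2FBB, the value the slide should have shown; appending the slide's 0x8BB8 instead makes the receiver check fail. The CRC is a pure detector: `crc_detects` reports that a flipped bit changed the check value but gives no way to locate it, which is exactly why the parity block is the only one of the three that can repair anything.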
• Media Access Control (MAC) – transitions down to the media
• Logical Link Control (LLC) – transitions up to the network layer
The MAC sublayer is concerned with the physical components that will be used to communicate the information. The LLC sublayer remains relatively independent of the physical equipment. The LLC, as a sublayer, participates in the encapsulation process.

MAC – Media Access Control Sublayer
The Media Access Control (MAC) sublayer
• deals with the protocols that a host follows in order to access the physical media;
• is responsible for the actual framing: it builds the 1s and 0s to hand off to the physical layer;
• is responsible for media access (later): random access (Ethernet), token passing (Token Ring, FDDI) or polling (a master sequentially asks all slaves whether they have data to transmit or not);
• is concerned with physical naming (addressing); defines MAC addressing.
Figure: Layer 3 protocols (IP, AppleTalk, IPX) sit on the LLC, which sits on the MAC and Layer 1 (Ethernet, Token Ring, FDDI).
• The NIC uses the MAC address to assess whether the message is destined for that host and therefore should be passed on to the upper layers of the OSI model.
• The NIC makes this assessment without using CPU processing time.

Media Access Control
• Two types of links exist in networks
  – point-to-point links consist of a single sender and a single receiver at their ends.
  – broadcast links with multiple senders and receivers connected to the same shared transmission medium
• A well-known example is a classroom with a teacher, several pupils and the air as shared transmission medium.
• Communication in a classroom follows these rules:
  – Give everyone a chance to speak
  – Don't speak until you are spoken to
  – Don't monopolize the conversation
  – Raise your hand if you have a question
  – Don't interrupt when someone is speaking
  – Don't fall asleep when someone else is talking
• Computer networks similarly have protocols, so called multiple access protocols

Multiple Access Protocols
• For a broadcast channel of rate R bits/s we have the following desired characteristics:
  – Throughput R bps when only one node has data to send
  – Average throughput R/M bps when M nodes have data to send
  – Decentralized protocol; no master node as single point of failure
  – Simple protocol that is inexpensive to implement
• Many different multiple access protocols have been implemented in various link layer technologies. They all belong to one of the following categories:
  – channel partitioning protocols
  – random access protocols
  – taking-turns protocols

Channel Partitioning Protocols
Figure: TDM – a TDM-MUX gives the stations K1, K2, K3 successive time slots of each time frame on the link (R bps) and a TDM-DEMUX separates them again. FDM – an FDM-MUX assigns K1, K2, K3 the frequency slots f1, f2, ... of the available frequency band and an FDM-DEMUX separates them.
• Time Division Multiple Access – TDMA
  – divides time into time frames and further divides each time frame into N time slots
  – assigns each time slot to one of N nodes
  – Examples: data highways (SDH, PDH, ...)
• Frequency Division Multiple Access – FDMA
  – divides the available frequency band into N frequency slots
  – assigns each frequency slot to one of N nodes
  – Examples: radio, TV, ... in former times
• Pros & cons:
  – No collisions possible.
  – Each node has a fixed bandwidth of R/N bps available all the time, even when only one node has data to send, so a single active node never gets more than R/N.
Random Access Protocols
• Nodes transmit at the full channel bit rate R bps
• When 2 nodes transmit at the same time, a collision occurs
• Nodes repeatedly retransmit their frames until they get through without collision
• Nodes wait an individually selected random time before they start the retransmission, in order to avoid a new collision
• Dozens of random access protocols are described in the literature (see: R. Rom, M. Sidi: Multiple Access Protocols, Performance and Analysis)
• Most commonly in use are
  – ALOHA protocols
  – Carrier Sense Multiple Access (CSMA) protocols

Slotted ALOHA
• Assumptions
  – All frames consist of exactly L bits
  – Time is divided into slots of L/R seconds (= the time to transmit one frame)
  – Nodes start frame transmissions only at the beginning of a slot
  – Nodes can detect collisions before the slot ends
• Operation of slotted ALOHA
  – Nodes with frames to send wait until the beginning of the next slot and transmit the entire frame (nodes must be synchronized to the slot times)
  – Without a collision the frame is successfully transmitted
  – If a collision is detected, the node retransmits the frame in each subsequent slot with probability p until the frame is transmitted successfully. The node effectively tosses a coin to determine whether the retransmission will start in the next slot.
Figure: a sequence of slots marked as empty slots, successful slots and collisions.
Advantages
• full rate for a single active node
• highly decentralized
• extremely simple

Efficiency of slotted ALOHA
Definition:
• Efficiency is defined as the long-run fraction of successful slots for a large number of nodes (N)
Assumptions:
  – Each node attempts to transmit a fresh frame in each slot with probability p (nodes always have frames to send)
  – Collided frames are retransmitted in the next slot with the same probability p
Calculation of efficiency
• Probability that a given node is successful (it sends and the other N-1 nodes do not): p·(1-p)^(N-1)
• Probability of a successful slot (any one of the N nodes succeeds): N·p·(1-p)^(N-1) = efficiency E
• E is largest for p = 1/N, and for N → ∞ this maximum tends to 1/e = 37 %
Figure: E(p) for N = 100, 250, 500, 750 and 1000 nodes plotted over p from 0 to 0.3; every curve peaks below 0.4, and the peaks approach 1/e = 37 %.
Disadvantages:
• Only 37 % of the slots do useful work
• Max. effective channel transmission rate is 0.37·R bps
• A similar analysis shows:
  – 37 % of the slot times go empty
  – 26 % of the slot times have collisions

Carrier Sense Multiple Access
Reason for the bad efficiency of ALOHA
• In slotted ALOHA the decision to send is made independently of the other nodes' activities
  – nodes send without regard to the sending activities of other nodes
  – nodes don't stop transmitting when a collision occurs
• Polite humans obey the following rules in conversation
  – Listen before speaking: in the networking world this is called "carrier sense"
  – If someone else begins talking at the same time, stop talking: in the networking world this is called "collision detection"
• These 2 rules are embedded in the family of CSMA (carrier sense multiple access) and CSMA/CD (CSMA with collision detection) protocols
• Why do collisions occur despite the carrier sensing feature? -> see the space-time diagram
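The efficiency formula from the slotted ALOHA slides above, carried through as an added example (not code from the lecture): the closed form N·p·(1-p)^(N-1), its maximum at p = 1/N, the split of slot times into successful, empty and collided, and a small Monte-Carlo simulation under the slide's assumption that every node is always backlogged. The node counts and probabilities used are chosen for illustration.

```python
"""Added example: slotted ALOHA efficiency, slot-type fractions and a
simulation of the 'every node always has a frame' model."""
import math
import random

def efficiency(p: float, n: int) -> float:
    """Long-run fraction of successful slots: exactly one of n nodes transmits."""
    return n * p * (1 - p) ** (n - 1)

def slot_fractions(p: float, n: int):
    """(successful, empty, collision) fractions of slot times."""
    success = efficiency(p, n)
    empty = (1 - p) ** n                # nobody transmits
    return success, empty, 1 - success - empty

def optimal_p(n: int) -> float:
    """dE/dp = n(1-p)^(n-2) * [(1-p) - (n-1)p] = 0  gives  p* = 1/n."""
    return 1 / n

def max_efficiency(n: int) -> float:
    """E(p*) = (1 - 1/n)^(n-1), which tends to 1/e ~ 0.368 as n grows."""
    return efficiency(optimal_p(n), n)

def simulate(p: float, n: int, slots: int, seed: int = 1) -> dict:
    """Run `slots` slots; in each, every node sends with probability p.
    Returns the observed fractions of successful, empty and collided slots."""
    rng = random.Random(seed)
    counts = {"success": 0, "empty": 0, "collision": 0}
    for _ in range(slots):
        senders = sum(1 for _ in range(n) if rng.random() < p)
        if senders == 1:
            counts["success"] += 1
        elif senders == 0:
            counts["empty"] += 1
        else:
            counts["collision"] += 1
    return {kind: c / slots for kind, c in counts.items()}
```

With N = 1000 nodes at the optimal p = 0.001, `slot_fractions` returns about 0.37 successful, 0.37 empty and 0.26 collided slots, the three percentages quoted on the slide; the simulation with a smaller N lands within sampling noise of `efficiency`.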
CSMA (without CD) space-time diagram: 4 nodes in space (A, B, C, D)
• t0: node B senses an idle channel and starts sending; the signal propagates in both directions along the broadcast medium
• t1: node C senses an idle channel at time t1 and starts sending too, because the signal from node B has not yet reached node C (the signal travels at finite speed, at most the speed of light)

CSMA with Collision Detection
• The plain CSMA protocol family doesn't perform collision detection. Nodes continue to transmit their frames even in case of a collision; during this time bandwidth is wasted by CSMA protocols.
• Collision detection, and aborting the transmission as soon as a collision is detected, raises protocol performance

Taking-Turns Protocols
• Review of desirable protocol characteristics
  – Throughput R bps when only one node has data to send
  – Average throughput R/M bps when M nodes have data to send
• ALOHA has the first characteristic but not the second! Taking-turns protocols have both!
• Important taking-turns protocols are
  – Polling protocol
  – Token-passing protocol
Polling Protocol
• requires a master node
• the master node polls each node in round-robin fashion
• Each polled node is authorized to send a maximum number of frames.
• The end of a transmission is indicated by the lack of signal!
• Advantages:
  – No collisions, no empty slots: better efficiency
• Disadvantages
  – polling delay (time needed to poll a node). If only one node is active, N-1 polling delays are wasted.
  – The master node is a single point of failure

Token-Passing Protocol
• There is no master node
• A small, special-purpose frame known as a token is exchanged among the nodes in some fixed order (Ex: Node 1 -> Node 2 -> ... -> Node N -> Node 1; logical ring topology)
• The node holding the token is authorized to send a maximum number of frames.
• After the end of the transmission, or if there is nothing to send, the token is immediately passed to the next node.
Advantages
• Token passing is decentralized and has high efficiency
Problems
• Failure of one node can crash the entire channel
• If a faulty node doesn't release the token, a recovery procedure has to get the token back into circulation
• Over the years many token-passing products have been developed (Token Ring (IEEE 802.5), FDDI (Fiber Distributed Data Interface)). All of these have become relatively minor players in competition with Ethernet

Naming Computers with MAC Addresses
• MAC addresses provide a way for computers (nodes) to identify themselves within LANs (Ethernet, Token Ring, FDDI)
• MAC addresses are:
  – 48 bits in length
  – Expressed as twelve hexadecimal digits.
  – The first six hexadecimal digits, which are administered by the IEEE ("universally administered address"), identify the manufacturer or vendor and thus comprise the Organizationally Unique Identifier (OUI).
  – The remaining six hexadecimal digits comprise the interface serial number, or another value administered by the specific vendor.
• MAC addresses are sometimes referred to as burned-in addresses (BIAs) because they are burned into read-only memory (ROM)
• The PC software (in PROTOCOL.INI or NET.CFG) can be configured to substitute a different address. When this option is used, it is called a "locally administered address". Because the address a NIC actually uses can be set in software, a MAC address identifies an interface but does not prove who is behind it.
• IEEE OUI FAQs: http://standards.ieee.org/faqs/OUI.html

Introduction to Ethernet
• Ethernet was developed in the 1970s
• The success of Ethernet is due to the following factors:
  – Simplicity and ease of maintenance
  – Ability to incorporate new technologies
  – Reliability
  – Low cost of installation and upgrade
Figure: a drawing of the first Ethernet system by Bob Metcalfe
History
• Early 1970s: At the University of Hawaii a system called Alohanet was developed to control the access of various stations to a shared channel. This work formed the basis for the Ethernet access method known as CSMA/CD.
• 1980: First Ethernet standard, published by Digital Equipment Corporation, Intel and Xerox (DIX); open standard; up to 10 Mbps; Thicknet; <= 2000 m
• 1985: The 802.3 Ethernet standard is published by the IEEE; complies with the ISO/OSI model; only small modifications to the original (DIX) Ethernet.
• Any Ethernet network interface card (NIC) can transmit and receive both Ethernet and 802.3 frames.
• 1995: The IEEE announced a standard for 100-Mbps Ethernet (100BASE-T, 100 m).
• 1998 and 1999: IEEE standards for Gigabit Ethernet (1000BASE-T, 100 m).
• All the standards are essentially compatible with the original Ethernet standard.
• Many Ethernet standard supplements were added in order to use different transmission media and higher transmission rates.

Review: Encapsulation Example
Figure: the e-mail data is the APDU (data) at the application layer; the transport layer prepends a transport header (TPDU, segment); the network layer prepends a network header (NPDU, packet; handled by routers); the link layer adds a link header and a link trailer (LPDU, frame; handled by switches and bridges); finally the bits 1010010100010101111101100010110110001 travel over repeaters, hubs, cables, etc. Hosts implement all layers.
Let us focus on the Layer 2, Data Link, Ethernet frame for now.

Generic Data Link Frame
• Framing is the Layer 2 encapsulation process.
• A frame is the Layer 2 protocol data unit (2-PDU).
• Framing provides order, or structure, to the bit stream.
• There are many different types of frames described by various standards.
• A single generic frame has sections called fields.
• Each field is composed of bytes.
• The names of the fields are as follows:
  – Start frame field
  – Address field
  – Length / type field
  – Data field
  – Frame check sequence field (FCS)
• Logical link control (LLC) bytes are also included within the data field in the IEEE standard frames.
• There are three common conventions for the format of the remainder of the frame:
  – Ethernet II or DIX
  – IEEE 802.3 and 802.2
  – SNAP

IEEE 802.3 and 802.2 (64 to 1518 bytes)
• The DIX standard did not need a length field because the vendor protocols that used it (XNS, DECnet, IPX, IP) all had their own length fields. However, the 802 committee needed a standard that did not depend on the good behavior of other programs. The 802.3 standard therefore replaced the two-byte type field with a two-byte length field.
• Figure: frame layout with byte counts (destination MAC, source MAC, Length/Type, data, FCS); the FCS is calculated over the fields from the destination MAC address through the data.
• The maximum size of the Ethernet frame payload (data) is 1500 bytes, and Xerox did not assign type values in that range (all type values are >= 0x600 = 1536). This allows the DIX and 802 standards to coexist without conflict.
• Interpretation of the Length/Type field:
  – Value >= 0x600 (hex): Type field (Ethernet II or DIX)
  – Value < 0x600 (hex): Length field (IEEE 802.3)
• The 802.2 header follows the 802.3 header (and also follows the comparable fields in a Token Ring, FDDI or other type of LAN).

Ethernet's Type of Service
• All of the Ethernet technologies provide a connectionless service to the network layer.
  – No handshaking is done with the receiving node
• All of the Ethernet technologies provide an unreliable service to the network layer.
  – Received frames are not acknowledged
  – A frame that fails the CRC check is discarded without informing the sender
• The lack of reliable service makes Ethernet simple and cheap
• Does the application at the receiving node see the gaps in the data stream?
  – No, if the layer-3 or layer-4 services detect and recover from the gaps. Example: if TCP is the layer-4 protocol in use, the gaps are detected and retransmission takes place, because TCP offers a connection-oriented and reliable transport service to its upper layers.
  – Yes, if they do not. If IP is the layer-3 protocol and UDP the layer-4 protocol, the gaps remain undetected at these layers because both offer only an unreliable service to their upper layers.

Sending and receiving Ethernet frames on a bus
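Before the bus slides, an added example (not code from the lecture) that puts the frame-format and addressing slides above into working code: a parser that splits DA, SA, Length/Type, data and FCS, applies the 0x600 rule to tell an Ethernet II (DIX) type from an IEEE 802.3 length, reads the 802.2 LLC header (DSAP, SSAP, Control) in the 802.3 case, verifies the CRC-32 FCS, decodes the I/G (group) and U/L (locally administered) bits and the OUI of an address, and applies the NIC's destination filter including the sniffer (promiscuous) case. The station addresses and payloads are constructed; `zlib.crc32` is used for the FCS because it implements the same CRC-32 as IEEE 802.3.

```python
"""Added example: Ethernet II / IEEE 802.3 frame parsing with FCS check,
MAC address bit decoding and the NIC destination filter."""
import zlib
from dataclasses import dataclass
from typing import Optional, Tuple

BROADCAST = bytes([0xFF] * 6)

def build_frame(dst: bytes, src: bytes, length_or_type: int, payload: bytes) -> bytes:
    """Assemble DA | SA | Length/Type | data (padded to 46 bytes) | FCS.
    Preamble and SFD are omitted: the NIC strips them before the frame is seen."""
    payload = payload.ljust(46, b"\x00")
    body = dst + src + length_or_type.to_bytes(2, "big") + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF      # CRC-32 over DA .. data, as in 802.3
    return body + fcs.to_bytes(4, "little")  # FCS goes on the wire least-significant byte first

@dataclass
class Frame:
    dst: bytes
    src: bytes
    kind: str                               # "ethernet_ii" or "ieee_802_3"
    ethertype: Optional[int]
    length: Optional[int]
    llc: Optional[Tuple[int, int, int]]     # DSAP, SSAP, Control (802.2)
    payload: bytes
    fcs_ok: bool

def describe_mac(mac: bytes) -> dict:
    """Decode the IEEE address bits of the first octet: bit 0 = I/G, bit 1 = U/L."""
    first = mac[0]
    return {
        "hex": ":".join(f"{b:02x}" for b in mac),
        "broadcast": mac == BROADCAST,
        "group": bool(first & 0x01),                   # multicast or broadcast
        "locally_administered": bool(first & 0x02),    # set by software, not a burned-in address
        "oui": mac[:3].hex().upper(),                  # vendor part of a universally administered address
    }

def parse_frame(raw: bytes) -> Frame:
    if len(raw) < 64:
        raise ValueError("runt frame: shorter than the 64-byte minimum")
    dst, src = raw[0:6], raw[6:12]
    lt = int.from_bytes(raw[12:14], "big")
    body, fcs = raw[:-4], int.from_bytes(raw[-4:], "little")
    fcs_ok = (zlib.crc32(body) & 0xFFFFFFFF) == fcs
    data = raw[14:-4]
    if lt >= 0x600:                          # Ethernet II / DIX: the field is a protocol type
        return Frame(dst, src, "ethernet_ii", lt, None, None, data, fcs_ok)
    # IEEE 802.3: the field is the data length, and an 802.2 LLC header follows it
    if lt > len(data):
        raise ValueError("802.3 length field exceeds the available data")
    llc = (data[0], data[1], data[2])
    return Frame(dst, src, "ieee_802_3", None, lt, llc, data[3:lt], fcs_ok)

def nic_accepts(frame: Frame, my_mac: bytes, promiscuous: bool = False) -> bool:
    """The NIC's filter: own unicast address, broadcast, or everything in promiscuous (sniffer) mode."""
    return promiscuous or frame.dst == my_mac or frame.dst == BROADCAST
```

A frame whose FCS fails is reported with `fcs_ok == False` rather than raised, mirroring the slides: the link layer silently drops it and nobody tells the sender. The `locally_administered` flag is the bit that a software-substituted address carries, so it is the first thing to look at when an address does not match a vendor OUI.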
• When an Ethernet frame is sent out on the "bus", all devices on the bus receive it. What do they do with it?
• Each NIC compares its own MAC address with the destination MAC address.
• If it matches, it copies in the rest of the frame.
• If it does NOT match, it ignores (filters) the rest of the frame ...
  – ... unless you are running a sniffer program, which puts the NIC into promiscuous mode so that every frame on the bus is copied in.
• So, what happens when multiple computers try to transmit at the same time?
• They produce a collision. Collisions are the most common error condition on an Ethernet.
Figure: stations with the abbreviated MAC addresses 1111, 2222, 3333, ..., nnnn on a bus; 1111 and 3333 transmit at the same time: Collision!

CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
• Ethernet is a shared-media broadcast technology.
• The access method CSMA/CD used in Ethernet performs three functions:
  – Transmitting and receiving data packets.
  – Decoding data packets and checking them for valid addresses before passing them to the upper layers of the OSI model.
  – Detecting errors within data packets or on the network.
• Collision detection method: monitor the amplitude of the signal during transmission. If the amplitude increases on the networking media, a collision has occurred.
• In case of a collision the nodes stop transmitting for a random period of time (backoff time), which is (hopefully) different for each device.
• When a device's backoff delay period expires, that device can attempt to gain access to the networking media.

CSMA/CD and Collisions
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
• Listens to the network's shared media to see if any other user is "on the line" by trying to sense a neutral electrical signal or carrier.
• If no transmission is sensed, then multiple access allows anyone onto the media without any further permission required.
• If two NICs detect a neutral signal and access the shared media at the exact same time, a collision occurs and is detected.
• The PCs sense the collision by checking whether excess voltage is on the line in addition to their own transmission voltage.
• When a collision occurs, a 32-bit jamming signal is sent out by the first NIC that detects the collision in order to reinforce the collision, so that every station on the segment sees it.
• A random back-off scheme is used to prevent colliding retransmissions.
• If collisions continue to occur, the NIC's random interval is doubled, lessening the chance of a collision.
• Late collisions: In a properly functioning Ethernet network, a NIC can experience a collision only within the first slot time (the minimum frame period, 51.2 µs at 10 Mbps) after it starts transmitting. This is why an Ethernet NIC monitors the CD signal during this time when using CSMA/CD. A faulty CD circuit, a misbehaving NIC or transceiver, or a segment longer than the standard allows may lead to a late collision (i.e. after one slot time).

Interframe spacing and backoff
Interframe spacing
• After a frame has been sent, all stations on a 10-Mbps Ethernet are required to wait a minimum of 96 bit-times (9.6 microseconds) before any station may legally transmit the next frame.
• This minimum spacing between two non-colliding frames is also called the interframe gap. It is measured from the last bit of the FCS field of the first frame to the first bit of the preamble of the second frame.
• This gap is intended to allow slow stations time to process the previous frame and prepare for the next frame.
Backoff time
• After a collision occurs, all stations wait the full interframe spacing.
• The stations that collided must wait an additional backoff time before retransmitting the collided frames.
• The waiting period is intentionally random so that two stations do not delay for the same amount of time before retransmitting, which would result in more collisions.
• The waiting period is measured in increments of the parameter "slot time".
• If the MAC layer is unable to send the frame after sixteen attempts, it gives up and reports an error to the network layer.

Exponential Back-off Algorithm
• If all NICs attempted to retransmit immediately following a collision, this would certainly result in another collision.
• Ethernet uses a random back-off period to minimize the probability of this event.
• Each node selects a random number, multiplies it by the slot time (the minimum frame period, 51.2 µs at 10 Mbps) and waits for this random period before attempting a retransmission. The small inter-frame gap (IFG) (e.g., 9.6 microseconds) is also added.
• On a busy network, a retransmission may still collide with another retransmission (or possibly with new frames being sent for the first time by another NIC). The protocol therefore counts the number of retransmission attempts (using a variable N in the figure) and retransmits the same frame up to 15 times, i.e. 16 attempts in total.
• For each retransmission, the transmitter constructs a set of numbers {0, 1, 2, 3, 4, 5, ..., L} where L = 2^K - 1 and K = min(N, 10) (truncated binary exponential backoff).
• A random value R is picked from this set, and the transmitter waits for a period of R x (slot time), i.e. R x 51.2 µs.
• For example, after two collisions, N = 2, therefore K = 2, and the set is {0, 1, 2, 3}, giving two colliding stations a one in four chance of picking the same value and colliding again. This corresponds to a wait selected from {0, 51.2, 102.4, 153.6} microseconds.

What are collision domains?
• Host A senses no voltage on the circuit. It begins transmitting a frame. The signal travels through the wire at roughly two thirds of the speed of light (about 200 m per microsecond in UTP). Repeaters and hubs flood the incoming signal out all other outputs.
• Host B also wants to transmit a frame. It senses a free line up to the moment when the first byte of host A's frame arrives at host B. Immediately after host B starts sending, it detects the excess voltage from host A's frame.
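The truncated binary exponential backoff from the back-off slides above, as an added example (not code from the lecture): after the N-th collision the station draws R from {0, ..., 2^K - 1} with K = min(N, 10), waits the inter-frame gap plus R slot times, and gives up after 16 attempts. The collision model passed in (`collides(attempt)`) is a stand-in for the shared channel so the retry logic can be exercised deterministically; the 10 Mbps timing constants are the slide's.

```python
"""Added example: CSMA/CD truncated binary exponential backoff."""
import random
from typing import Callable, Tuple

SLOT_TIME_US = 51.2      # 512 bit-times at 10 Mbps (minimum frame period)
IFG_US = 9.6             # inter-frame gap, 96 bit-times at 10 Mbps
ATTEMPT_LIMIT = 16       # initial attempt plus 15 retransmissions
BACKOFF_LIMIT = 10       # K stops growing after the 10th collision

def backoff_choices(collisions: int) -> int:
    """Size of the set {0 .. 2^K - 1} with K = min(collisions, 10)."""
    return 2 ** min(collisions, BACKOFF_LIMIT)

def backoff_delay_us(collisions: int, rng: random.Random) -> float:
    """Pick R uniformly from the current set and convert it to microseconds."""
    r = rng.randrange(backoff_choices(collisions))
    return r * SLOT_TIME_US

def two_station_collision_prob(collisions: int) -> float:
    """Probability that two stations pick the same R and collide again: 1 / 2^K."""
    return 1 / backoff_choices(collisions)

def send_with_backoff(collides: Callable[[int], bool],
                      rng: random.Random) -> Tuple[bool, int, float]:
    """Try to transmit one frame. `collides(attempt)` models the channel and
    returns True when that attempt collides. Returns (delivered, attempts made,
    total time spent waiting in microseconds)."""
    waited = 0.0
    for attempt in range(1, ATTEMPT_LIMIT + 1):
        if not collides(attempt):
            return True, attempt, waited
        # collision on this attempt: jam, then wait IFG + random backoff before retrying
        waited += IFG_US + backoff_delay_us(attempt, rng)
    return False, ATTEMPT_LIMIT, waited       # excessive collisions: frame dropped, error reported
```

The `attempt` passed to `backoff_delay_us` equals the number of collisions so far, which is why the first retry already waits 0 or 1 slot and the set only doubles from there; after the tenth collision the set stays at 1024 values until the frame is either delivered or dropped on the sixteenth failure.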
It stops sending and sends a 32-bit jam signal instead.
• Host A cannot detect the collision until the collision fragments of host B arrive. It MUST continue sending its frame until that time.
• When the collision fragments finally reach host A, it also truncates the current transmission and substitutes the jam signal.
• A hub or series of hubs/repeaters is a single collision domain.
Figure: one segment with a diameter of 200 m (the diameter of the collision domain); host A's 64-byte frame is shown at bytes 1, 8, 16, 24, 32, 40, 48, 56, 64 as it spreads along the segment; host B at the far end starts sending, detects the collision and emits its 32-bit jam signal; A keeps sending until B's fragments arrive and then emits its own 32-bit jam signal.

Limitations of half-duplex operation
• In order to safely detect collisions at the sender, it must keep on sending the frame for a minimum time (the slot time). This requires the frames to have a minimum length.
• This minimum time is equal to the maximum round-trip delay of the network, which itself is a measure of the distance between the most distant nodes in the network.
• Consequence: for a given minimum frame length, the extent of a network scales inversely with the data rate.
• The slot time is calculated assuming
  – maximum cable lengths on the largest legal network architecture,
  – all hardware propagation delay times at the legal maximum, and
  – the 32-bit jam signal is used when collisions are detected.
Figure: maximum network extent over data rate (log-log axes, 10 m to 10000 m): ≈2800 m at 10 Mbps, ≈205 m at 100 Mbps, ≈20 m at 1000 Mbps.

Slot Times required
• At 10 Mbps the standard demands a slot time of 51.2 µs (64 bytes, 512 bits). This allows an Ethernet LAN to extend up to 2-3 km.
• Fast Ethernet (100 Mbps) has a slot time of 5.12 µs with the same minimum frame length (512 bits). The network extent is limited to about 200 m with twisted-pair cable.
• To allow 1000-Mbps Ethernet to operate in half duplex, either the maximum network extent has to be restricted to about 20 m (not acceptable) or the frames need to be extended.
Therefore the extension field was added to expand the slot time to 4.096 µs (512 bytes, 4096 bits) for small data payloads.
Frame layout (bytes): DA 6 | SA 6 | Length/Type 2 | Data 46-1500 | FCS 4 | Extension (fills the frame up to the 512-byte slot when the data is shorter)
• This field is present only on 1000-Mbps half-duplex links and allows minimum-sized frames to be long enough to meet the slot-time requirement. Extension bits are discarded by the receiving station.
• The propagation velocity is about 200 m per microsecond in a UTP cable.
• It takes just 10 bit-times for 10BASE-T, 100 bit-times for 100BASE-T, and 1000 bit-times for 1000BASE-T to travel this length (200 m) of UTP cable.
• Therefore half duplex is not permitted in 10-Gigabit Ethernet.

Sending and receiving Ethernet frames via a hub
Figure: 1111 sends a frame addressed to 3333 through a hub. 3333: "For me!"; 2222, 4444 and 5555: "Nope" (wasted bandwidth on their links).
• So, what does a hub do when it receives a frame?
• Remember, a hub is nothing more than a multiport repeater acting as a layer 1 device.
• The hub will flood it out all ports except for the incoming port.
• A hub does NOT look at layer 2 addresses, so it is fast in transmitting data.
• Disadvantage with hubs: a hub or series of hubs is a single collision domain.
• A collision will occur if any two or more devices transmit at the same time within the collision domain.
• More on this later.
• Another disadvantage with hubs is that they take up unnecessary bandwidth on the other links, and every station on the hub receives every frame.
"Nope": the frame is not for that station.

Sending and receiving Ethernet frames via a switch
Source Address Table (empty):
  Port | Source MAC Add.
Figure: switch with the stations 1111, 2222, 3333 and 4444 (abbreviated MAC addresses); 1111 sends to 3333.
• Switches are also known as learning bridges or learning switches.
• A switch has a source address table in cache (RAM) where it stores source MAC addresses after it learns about them.
• A switch that receives an Ethernet frame searches the source address table for the destination MAC address (DA).
  – If it finds a match, it filters the frame by sending it out only that port.
  – If there is no match, it floods the frame out all other ports.

No Destination Address in table: Flood
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
• Next, in our scenario, the switch floods the frame out all other ports, because the DA (3333) is not in the source address table.
• How does it learn source MAC addresses (SA)?
  – First, the switch checks whether the SA (1111) is in its table.
  – If it is, it resets the associated timer (more in a moment).
  – If it is NOT in the table, it adds it together with the incoming port number.

Destination Address in table: Filter
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
• Now 3333 sends data back to 1111.
• The switch checks whether it has the SA stored.
  – It does NOT, so it adds it. (This will help next time 1111 sends to 3333.)
• Next, it checks the DA, and in our case it can filter the frame by sending it only out port 1.

Destination Address in table: Filter
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
• Now, because both MAC addresses are in the switch's table, any information exchanged between 1111 and 3333 is sent (filtered) only out the appropriate port.
• What happens when two devices send to the same destination?
• What if this was a hub, not a switch?
• Where is (are) the collision domain(s) in this example?

No Collisions in Switch: Buffering
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
  9    | 4444
Figure: 1111 (port 1) and 4444 (port 9) both send to 3333 (port 6) at the same time.
• Unlike with a hub, a collision does NOT occur within these segments; a collision would force the two P Cs to retransmit their frames.
• Instead the switch buffers the frames and sends them out port #6 one at a time.
• The sending PCs have no idea that there was another PC wanting to send to the same destination.

Collision Domains
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
  9    | 4444
Figure: each switch port with a single attached station forms its own collision domain.
• When there is only one device on a switch port, the collision domain is only between the PC and the switch. (The Cisco curriculum is inaccurate on this point.)
• Having these small collision domains with a switch is called "microsegmentation".
• With a full-duplex PC and switch port there will be no collisions, since the devices send and receive on different circuits at the same time.
• Full-duplex operation allows for larger network architecture designs since the timing restriction for collision detection is removed.

Other Information
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
  9    | 4444
• How long are addresses kept in the source address table?
  – 5 minutes is common on most vendor switches.
• How do computers know the destination MAC address?
  – ARP caches and ARP requests (later)
• How many addresses can be kept in the table?
  – Depends on the size of the cache, but 1,024 addresses is common.
• What about Layer 2 broadcasts?
  – Layer 2 broadcasts (DA = all 1's) are flooded out all ports.

What happens here?
Source Address Table:
  Port | Source MAC Add.
  1    | 1111
  6    | 3333
  1    | 2222
  1    | 5555
Figure: a hub with the stations 1111, 2222 and 5555 is attached to switch port 1, 3333 to port 6; 3333 sends a frame to 1111.
• Notice that the source address table has multiple entries for port #1.
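The learning, flooding, filtering and ageing behaviour walked through on the switch slides above, plus the table-size limit from "Other Information", as an added example (not code from the lecture). The 5-minute ageing time, the 1,024-entry table and the port numbers 1, 6 and 9 are the slide's; the MAC address strings and the "table full means the address stays unknown and keeps being flooded" rule are assumptions of this example, since the slide does not say what a full table does.

```python
"""Added example: a learning switch (transparent bridge) with ageing,
flooding, filtering and a bounded source address table."""
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"

def is_group(mac: str) -> bool:
    """I/G bit (least significant bit of the first octet): multicast or broadcast."""
    return bool(int(mac.split(":")[0], 16) & 0x01)

class LearningSwitch:
    def __init__(self, ports: List[int], table_size: int = 1024, aging_s: float = 300.0):
        self.ports = list(ports)
        self.table_size = table_size          # cache capacity (1,024 on the slide)
        self.aging_s = aging_s                # entries not refreshed for 5 min are dropped
        self.table: Dict[str, Tuple[int, float]] = {}   # MAC -> (port, last seen)

    def _expire(self, now: float) -> None:
        for mac, (_, seen) in list(self.table.items()):
            if now - seen > self.aging_s:
                del self.table[mac]

    def learn(self, src: str, port: int, now: float) -> None:
        """Add or refresh the (port, timer) entry for src. A known station that
        shows up on another port is moved. Assumption: when the table is full,
        a new address is simply not learned, so its frames keep being flooded."""
        if src in self.table or len(self.table) < self.table_size:
            self.table[src] = (port, now)

    def forward(self, in_port: int, src: str, dst: str, now: float) -> List[int]:
        """Egress ports for a frame that arrived on in_port."""
        self._expire(now)
        self.learn(src, in_port, now)
        entry = self.table.get(dst)
        if not is_group(dst) and entry is not None:
            out_port = entry[0]
            # filter: a destination on the same port as the source is on the
            # same segment (e.g. behind the same hub) and needs no forwarding
            return [] if out_port == in_port else [out_port]
        # unknown unicast, multicast and broadcast: flood out every other port
        return [p for p in self.ports if p != in_port]
```

Replaying the slides: the first frame from 1111 to 3333 is flooded, the reply from 3333 is filtered straight back to port 1, and a frame from 2222 to 1111 arriving on port 1 goes nowhere because the hub in front of port 1 has already delivered it. Once five minutes pass without traffic, the entries age out and the next frame is flooded again; with a deliberately tiny table, an address that did not fit stays unknown and every frame to it is flooded.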
• The switch filters the frame out port #1: the destination is on the same port as the source, so the frame is not forwarded to any other port.
• But the hub is only a Layer 1 device, so it floods the frame out all of its ports.
• Where is the collision domain?
[Figure: the hub with PCs 1111, 2222 and 5555 together with switch port #1 form one collision domain; PC 3333 on port #6 is a separate one]
Switches
• 2.5.2006
• A switch is like a multiport bridge.
• Like bridges, switches learn the MAC addresses of active devices connected to their ports. A switch is an OSI Layer-2 device.
• Switches use this information to build forwarding tables (similar to bridge tables).
• Switching lessens congestion in Ethernet LANs by reducing the traffic and increasing the bandwidth.
• Switches can easily replace hubs because switches work with existing cable infrastructures.
• All switching equipment performs two basic operations:
1. Switching data frames: a process by which a frame is received on an input medium and then transmitted to an output medium.
2. Building and maintaining switching tables and searching for loops.
• Switches operate at much higher speeds than bridges and can support new functionality, such as virtual LANs.
• An Ethernet switch allows many users to communicate in parallel through the use of virtual circuits and dedicated network segments in a virtually collision-free environment.
• This maximizes the bandwidth available on the shared medium.
IEEE-802.11 Wireless LANs
• Portable PCs, PDAs, cameras, automobiles, pets, security systems, kitchen appliances and household plants are going wireless, connected to the Internet.
• Important wireless device classification criteria are power, range and data rate.
• Bluetooth: low-power, short-range, low-rate cable replacement technology.
• 802.11 family (WLAN): higher-power, medium-range, higher-rate "access" technology.
802.11b
• transmits in an unlicensed radio spectrum at 2.4 GHz
• provides wireless Ethernet access at 11 Mbps
• defines the physical layer and Media Access Control (MAC) layer
• Physical layer uses DSSS which codes each bit into a chipping code.
This is similar to CDM, except that now all mobile hosts use the same chipping code. Therefore DSSS is not a CDM technique that controls multiple access to a shared medium.
• DSSS is instead a physical layer mechanism that spreads the signal energy over a wider frequency range, thereby improving the receiver's ability to recover the original transmitted bits.
Wireless LAN Standards
• IEEE defines the physical and Media Access Control (MAC) layer for wireless networks.
• 802.11b may also be called Wi-Fi™ (wireless fidelity) or high-speed wireless Ethernet and refers to systems that operate at 1, 2, 5.5 and 11 Mbps.
– Available in Europe; supports roaming.
– Operates in the unlicensed 2.4 GHz ISM band (Industrial, Scientific, and Medical band).
– Provides wireless Ethernet access at 11 Mbps. In production networks, a more realistic rating is 4-6 Mbps.
– Physical layer uses DSSS, which codes each bit into a chipping code shared by all mobile hosts, as described on the previous slide.
• 802.11a WLAN devices
– Used in North America and Japan.
– Operate in the 5-6 GHz transmission band.
– Supply data throughput of 54 Mbps and, with proprietary technology known as "rate doubling", have achieved 108 Mbps. In production networks, a more realistic rating is 20-26 Mbps.
• 802.11g provides the same throughput as 802.11a (54 Mbps) but operates in the 2.4 GHz band with backward compatibility for 802.11b devices.
• All of the 802.11 standards have the same architecture and use the same MAC protocol.
The global picture: a multiplicity of WLAN standards
Features                  802.11a (North America, Japan)        802.11g (Europe)                      802.11b (Europe)
Operating frequency band  5 GHz                                 2.4 GHz (ISM band)                    2.4 GHz (ISM band)
Data rates                6, 9, 12, 18, 24, 36, 48 and 54 Mbps  6, 9, 12, 18, 24, 36, 48 and 54 Mbps  1, 2, 5.5 and 11 Mbps
System                    OFDM (Orthogonal Frequency            OFDM                                  DSSS (Direct Sequence
                          Division Multiplexing)                                                      Spread Spectrum)
Approximate range         50 m                                  >= 100 m                              100 m
802.11 LAN Architecture
• Cells, also known as basic service sets (BSS), are the fundamental building blocks of 802.11 LANs.
• A BSS contains one or more mobile stations and one central base station known as the access point (AP).
• Multiple APs may be connected to form a so-called distribution system (DS).
• The DS appears to upper layer protocols (e.g. IP) as a single 802 network.
• Cell overlapping permits roaming between cells, allowing the disconnect and reconnect activity to occur seamlessly without service interruption.
• Infrastructure mode: wireless end-points communicate via a relaying access point device.
• Ad-hoc mode: wireless end-points communicate directly with each other. An access point is not involved.
[Figure: infrastructure mode with several BSS cells, each served by an AP on frequency f1, f2 or f3 and joined by a distribution system; ad-hoc mode shown separately]
IEEE 802.11 Media Access Protocol - Hidden Terminal Problem
• The IEEE 802.11 media access protocol is carrier sense multiple access with collision avoidance (CSMA/CA). It cannot implement the collision detection method because of the hidden terminal problem, which is common to all wireless communications.
Hidden terminal problem description
a) Physical obstructions may prevent A and C from detecting each other's transmissions, even though A's and C's transmissions are receivable at destination B.
b) Collisions are also undetectable when A and C are placed such that their signal strengths are sufficient for destination B but not strong enough for them to detect each other's transmissions, and hence the collision at B.
IEEE 802.11 Media Access Protocol
• IEEE 802.11 frames contain a "Duration" field in which the sending station indicates the length of time (also called the network allocation vector (NAV)) that its frame will keep the channel busy.
• The NAV determines the minimum amount of time other stations should defer their access.
• The CSMA protocol first senses the channel to determine whether it is busy or not.
• If the channel is sensed idle for a minimum time given by the Distributed Inter Frame Space (DIFS), a station is allowed to transmit.
• This frame will be successfully received if no other station's transmission interferes.
• Each completely and correctly received frame is acknowledged to the sender. After a short period of time, known as the Short Interframe Space (SIFS), the receiver sends a short acknowledgement frame back to the sender.
• This is necessary because wireless stations are not able to detect collisions reliably (hidden terminal problem); a missing acknowledgement is the sender's only indication that the frame was lost.
[Figure: data transmission and acknowledgement in 802.11 (DIFS, data frame, SIFS, ACK)]
802.11 Backoff Mechanism
• When the sender senses the channel to be busy it performs a backoff procedure similar to that of Ethernet:
– The sender waits until the channel is idle.
– The sender additionally waits for DIFS time.
– If the channel stayed idle, the sender computes an additional random backoff time.
– When the backoff timer reaches zero, the node transmits the frame.
– As in the case of Ethernet, the backoff interval is doubled each time the retransmitted frame experiences a collision.
IEEE 802.11 Media Access Protocol
• The 802.11 protocol can also use short frames, called RTS (request to send) and CTS (clear to send), to reserve access to the channel.
• Senders willing to send first send an RTS frame to the receiver indicating the expected channel allocation duration (data and ACK; NAV).
• The receiver responds with a CTS frame, giving the sender explicit permission to send.
• All other stations hearing the RTS or CTS then know about the pending transmission and can avoid interfering with it.
• RTS/CTS helps avoid collisions in 2 important ways:
– The CTS frame helps avoid the hidden station problem.
– Collisions involving RTS/CTS frames last only for a short time.
• Note:
– After correctly transmitted RTS/CTS frames there should be no collisions.
– Without any hidden nodes, the use of RTS/CTS will only increase the amount of overhead, which reduces throughput.
• Each 802.11 sender can operate with or without using the RTS/CTS frames.
[Figure: collision avoidance using the RTS and CTS frames; NAV: Network Allocation Vector]
Wireless devices and topologies
• When a client is activated within the WLAN, it will start "listening" for a compatible device with which to "associate".
• This is referred to as "scanning" and may be active or passive.
– Active scanning causes a request to be sent from the wireless node seeking to join the network.
– The request will contain the Service Set Identifier (SSID) of the network it wishes to join.
– When an AP with the same SSID is present, the AP will issue a response.
• The authentication and association steps are then completed.
• From webpedia.com:
– SSID: a 32-character unique identifier attached to the header of packets sent over a WLAN that acts as a "password" when a mobile device tries to connect to the BSS. The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. A device will not be permitted to join the BSS unless it can provide the unique SSID.
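The Duration/NAV, DIFS/SIFS and RTS/CTS slides above can be turned into numbers. The following is an added example written for this page, not the lecture's code: it computes the Duration field each frame of an 802.11 exchange carries (so that a station overhearing any one frame sets the same NAV), and the channel time one successful frame costs with and without RTS/CTS. The timing constants are those of 802.11b with the long PLCP preamble (slot 20 µs, SIFS 10 µs, DIFS 50 µs, 192 µs preamble and header); control frames are assumed to be sent at the 1 Mbps basic rate, and backoff time is left out, so the throughput figures are upper bounds.

```python
"""Added example: 802.11 Duration/NAV values and the overhead of RTS/CTS.

Timing constants are those of 802.11b with the long PLCP preamble; control
frames (RTS, CTS, ACK) are assumed to go out at the 1 Mbps basic rate.
Random backoff is not included, so exchange times are best-case values.
"""
import math

SLOT_US = 20                          # 802.11b slot time
SIFS_US = 10                          # Short Interframe Space
DIFS_US = SIFS_US + 2 * SLOT_US       # = 50 us, as on the slides
PLCP_US = 192                         # long preamble (144 us) + PLCP header (48 us)
RTS_BYTES, CTS_BYTES, ACK_BYTES = 20, 14, 14    # each including the 4-byte FCS
MAC_OVERHEAD_BYTES = 24 + 4                      # data MAC header + FCS
CONTROL_RATE_MBPS = 1.0                          # assumption: basic rate


def airtime_us(nbytes: int, rate_mbps: float) -> float:
    """Channel time of a frame of nbytes at rate_mbps, plus the PLCP preamble."""
    return PLCP_US + nbytes * 8 / rate_mbps


def nav_schedule(payload_bytes: int, data_rate_mbps: float, rts_cts: bool) -> dict:
    """Duration field (whole microseconds, rounded up) carried by each frame.

    Every frame's Duration covers what still follows in the exchange, so a
    station hearing only the RTS, only the CTS or only the data frame ends up
    with the same reservation end time.  The ACK ends the exchange, so it
    carries 0 (no fragments in this example).
    """
    data = airtime_us(MAC_OVERHEAD_BYTES + payload_bytes, data_rate_mbps)
    cts = airtime_us(CTS_BYTES, CONTROL_RATE_MBPS)
    ack = airtime_us(ACK_BYTES, CONTROL_RATE_MBPS)
    sched = {"DATA": math.ceil(SIFS_US + ack), "ACK": 0}
    if rts_cts:
        sched["RTS"] = math.ceil(3 * SIFS_US + cts + data + ack)   # CTS, DATA, ACK + 3 SIFS
        sched["CTS"] = math.ceil(2 * SIFS_US + data + ack)         # DATA, ACK + 2 SIFS
    return sched


def exchange_time_us(payload_bytes: int, data_rate_mbps: float, rts_cts: bool) -> float:
    """Channel time of one successful frame from DIFS to the end of the ACK."""
    t = DIFS_US
    if rts_cts:
        t += airtime_us(RTS_BYTES, CONTROL_RATE_MBPS) + SIFS_US
        t += airtime_us(CTS_BYTES, CONTROL_RATE_MBPS) + SIFS_US
    t += airtime_us(MAC_OVERHEAD_BYTES + payload_bytes, data_rate_mbps) + SIFS_US
    t += airtime_us(ACK_BYTES, CONTROL_RATE_MBPS)
    return t


def goodput_mbps(payload_bytes: int, data_rate_mbps: float, rts_cts: bool) -> float:
    """Payload bits delivered per microsecond of channel time = Mbps."""
    return payload_bytes * 8 / exchange_time_us(payload_bytes, data_rate_mbps, rts_cts)


if __name__ == "__main__":
    for size in (64, 1500):
        for mode in (False, True):
            label = "RTS/CTS" if mode else "plain  "
            print(f"{size:5d} B {label} NAV={nav_schedule(size, 11.0, mode)} "
                  f"goodput={goodput_mbps(size, 11.0, mode):.2f} Mbps")
```

For a 1500-byte frame at 11 Mbps the RTS carries a Duration of 1942 µs and the CTS 1628 µs (the RTS value minus one SIFS and the CTS itself), and the best case goodput falls from about 7.2 Mbps to about 5.1 Mbps when RTS/CTS is switched on; for 64-byte frames it halves. That is the quantitative form of the slide's note that RTS/CTS is pure overhead where no hidden nodes exist, and it also shows why the realistic 4-6 Mbps quoted for 802.11b sits well below the nominal 11 Mbps even before any backoff or collisions.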
Because an SSID can be sniffed in plain text from a packet, it does not supply any security to the network.
How wireless LANs communicate
• Performance of the network will also be affected by signal strength and degradation in signal quality due to distance or interference.
• As the signal becomes weaker, Adaptive Rate Selection (ARS) may be invoked.
• The transmitting unit will drop the data rate from 11 Mbps to 5.5 Mbps, from 5.5 Mbps to 2 Mbps or from 2 Mbps to 1 Mbps.
The radio wave and microwave spectrums
• Computers send data signals electronically.
• Radio transmitters convert these electrical signals to radio waves.
• However, radio waves attenuate as they move out from the transmitting antenna.
• In a WLAN, a radio signal measured at a distance of just 10 meters (30 feet) from the transmitting antenna would be only 1/100th of its original strength.
• As the signal becomes weaker, Adaptive Rate Selection (ARS) may be invoked and the data rate is stepped down (11, 5.5, 2, 1 Mbps) as described above.
Radio Interference: Signals and noise on a WLAN
• When using RF technology many kinds of interference must be taken into consideration.
• In homes and offices, a device that is often overlooked as a cause of interference is the standard microwave oven.
• Leakage from a microwave oven of as little as one watt into the RF spectrum can cause major network disruption.
• Wireless phones operating in the 2.4 GHz spectrum can also cause network disorder.
• The RF signal can be affected by some extreme weather conditions such as fog or very high moisture. Lightning can also charge the atmosphere and alter the path of a transmitted signal.
Methods of Authentication
• WLAN authentication occurs at Layer 2.
• WLAN authentication authenticates the device, not the user.
• IEEE 802.11 lists two types of authentication processes.
• The first authentication process is the "open system".
– This is an open connectivity standard in which only the SSID must match.
– It may be used in a secure or non-secure environment, even though low-level network "sniffers" are very likely to discover the SSID of the WLAN.
• The second process is the "shared key".
– This process requires the use of Wired Equivalent Privacy (WEP) encryption.
– WEP is a fairly simple algorithm based on the RC4 stream cipher. Its secret key is 40 or 104 bits long; together with the 24-bit initialisation vector sent in clear with every frame this gives the "64-bit" and "128-bit" WEP key lengths quoted by vendors.
– The AP is configured with a key and nodes attempting to access the network through the AP must have a matching key.
– Statically assigned WEP keys provide a higher level of security than the open system but are definitely not hack proof: the short IV and the RC4 key scheduling have been broken in practice, and WEP has been superseded by WPA2 (IEEE 802.11i).
• The problem of unauthorized entry into WLANs is being addressed by a number of new security solution technologies.
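To make the "fairly simple algorithm" concrete, here is the WEP framing in code, as an added example written for this page rather than the lecture's or any vendor's implementation: the per-frame RC4 key is the 24-bit IV followed by the static shared key, the payload is protected by a CRC-32 integrity check value (ICV) and the IV travels in clear in front of the ciphertext. The secret key, IVs and plaintexts are constructed test data. The last function shows the weakness that follows directly from a static key: two frames sent under the same IV use the same keystream, so XORing their ciphertexts yields the XOR of their plaintexts without any knowledge of the key.

```python
"""Added example: WEP framing with RC4, and what a static key with a 24-bit IV leaks.

Not the lecture's code.  Secret key, IVs and plaintexts below are constructed
test data.  The ICV is the CRC-32 of the plaintext, as in WEP.
"""
import zlib

IV_LEN = 3                 # 24-bit IV, sent in clear in every frame
KEY_ID_BYTE = b"\x00"      # key index 0 in the byte that follows the IV


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4 (key scheduling + generation) producing n keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_key_length_bits(secret: bytes) -> int:
    """Vendor key length: 40-bit or 104-bit secret plus the 24-bit IV."""
    if len(secret) not in (5, 13):
        raise ValueError("WEP secret must be 5 bytes (WEP-64) or 13 bytes (WEP-128)")
    return (len(secret) + IV_LEN) * 8


def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body: IV || key id || RC4_{IV||secret}(plaintext || CRC-32 ICV)."""
    wep_key_length_bits(secret)            # validates the key size
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 3 bytes")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    body = plaintext + icv
    return iv + KEY_ID_BYTE + xor(body, rc4_keystream(iv + secret, len(body)))


def wep_decrypt(secret: bytes, frame: bytes):
    """Return the plaintext, or None when the ICV does not verify."""
    iv, body = frame[:IV_LEN], frame[IV_LEN + 1:]
    pt_icv = xor(body, rc4_keystream(iv + secret, len(body)))
    pt, icv = pt_icv[:-4], pt_icv[-4:]
    return pt if zlib.crc32(pt).to_bytes(4, "little") == icv else None


def keystream_reuse_leak(secret: bytes, iv: bytes, p1: bytes, p2: bytes) -> bytes:
    """With a static key the per-frame RC4 key depends on the 24-bit IV alone.
    Two frames under the same IV share a keystream, so the XOR of their
    ciphertexts equals the XOR of their plaintexts; the key is never needed."""
    c1 = wep_encrypt(secret, iv, p1)[IV_LEN + 1:]
    c2 = wep_encrypt(secret, iv, p2)[IV_LEN + 1:]
    return xor(c1, c2)[:min(len(p1), len(p2))]


if __name__ == "__main__":
    secret = b"\x01\x02\x03\x04\x05"                 # constructed 40-bit key
    frame = wep_encrypt(secret, b"\x00\x00\x01", b"GET /index.html")
    print("WEP-%d frame:" % wep_key_length_bits(secret), frame.hex())
    print("decrypts to:", wep_decrypt(secret, frame))
    leak = keystream_reuse_leak(secret, b"\x00\x00\x01", b"GET /index.html", b"GET /login.html")
    print("c1 xor c2 == p1 xor p2:", leak == xor(b"GET /index.html", b"GET /login.html"))
```

Only 2^24 IVs exist, so on a busy access point the same IV recurs within hours even if the station picks IVs well; with a static key that is the "not hack proof" of the slide in one line of arithmetic, before the better-known attacks on RC4's key scheduling are even considered. The CRC-32 ICV is linear and therefore detects transmission errors, not deliberate modification.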