info 330 computer networking technology i

www.ischool.drexel.edu

INFO 330Computer Networking

Technology I Chapter 5

The Link Layer & LANs

Dr. Jennifer Booker

1INFO 330 Chapter 5

INFO 330 Chapter 5 2

The Link Layer

• So, let’s see where we’ve been– The transport layer provides process to

process communication– The network layer provides host to

host communication

• Now the Link Layer provides the ability to send packets across a single … link– So this layer tells how to send a

packet/segment/datagram from one router/host to another


The Link Layer

• There are two types of link layer channels– Broadcast channels, used in LANs, wireless

LANs, satellite networks, and HFC cable networks

– Point-to-point communication link, such as between two routers or between an ISP and a modem

• We’ll focus on Ethernet and PPP (Point-to-Point Protocol)– Wi-Fi (IEEE 802.11 protocols) is in chapter 6


Link Layer Terms

• A node is a router or host – here we don’t care which one we’re dealing with!

• Any connection between nodes is a link– The transmitting node puts the datagram in

a frame, and transmits it into the link– The receiving node receives the frame, and

extracts the datagram

Datagram


Link Layer Services

• A link layer protocol moves a datagram over a (one, individual, eins, uno) link– It defines the format of packets (frames)

exchanged between nodes at each end of the link, and the actions the nodes do to send and receive these packets

– Over a host-to-host route, links may use several different link-layer protocols – but only one per link

• Typically, one link layer frame contains one network layer datagram


Link Layer Services

• The link layer’s actions can also include– Framing– Link access– Reliable delivery– Error detection and correction

• Link layer protocols include PPP, Ethernet, Token Ring, Wi-Fi, and some parts of ATM


Link Layer Services

• Now elaborate a little on these services

• Framing a datagram into a frame means we have data (the datagram) and one or more headers– Technically, can have header and trailer

fields, but we’ll generically call both headers– Header format is defined by the protocol


Link Layer Services

• Link Access uses the Medium Access Control (MAC) protocol to define how a frame is transmitted over a link – MAC negotiates transmission when many

nodes share the same link

• Reliable delivery is provided by high error- rate links (e.g. wireless) to keep the transport layer from retransmitting over the entire route


Link Layer Services

• Flow control helps keep the sending node from overwhelming the receiving node

• Error detection looks for bit errors, usually more elaborately than in the transport and network layers

• Error correction – some protocols (ATM) can also fix errors detected


Link Layer Services

• Half vs full duplex – with half duplex, a node can only send or receive at one time; with full duplex, it can send and receive at the same time

• Yes, lots of the link layer services are similar to transport layer services– But the link layer only provides them between

two nodes, whereas the transport layer does between hosts


Adapters

• Most link layer protocols are implemented in an adapter (since we’re getting really close to the physical layer!)– Adapter = network interface card (NIC)

• The adapter is the last connection between a host and the physical link to the network– Error checking occurs in the adapter, oblivious to

the host– Only datagrams which come in cleanly are

passed up the protocol stack to the application


Adapters

• The main parts of an adapter are the link interface and the bus interface– The link interface connects to the physical

network– The bus interface connects to the “parent”

node’s I/O bus (e.g. PCI, PCI-X, Serial ATA, IDE, etc.)

• Not much to it!


Error Detection and Correction

• We can detect, and sometimes correct, bit errors at the link layer



• We add error-detection and correction (EDC) to the data (D) to be sent across the link, in addition to other header info (address, sequence number, etc.)

• At the other end of the link, the data could be changed (D’) and the EDC info could be corrupted (EDC’)

• Telling from D’ and EDC’ if the original D was corrupted isn’t a perfect science!



• Hence there could be undetected bit errors– The lower the undetected error rate, the

larger the overhead to add to each frame

• Three main methods for detection– Parity Checks– Checksum– Cyclic Redundancy Check (CRC)


Parity Checks

• A simple error detection scheme, parity check adds one bit to the data

• That one bit depends on the type of parity scheme– For even parity, the parity bit is chosen so that

the total number of 1’s in the frame is … even– For odd parity, the parity bit is chosen so that

the total number of 1’s in the frame is … odd


Parity Checks

• If the receiver of an even parity link finds an odd number of parity, then there must have been some odd number of bit errors (1, 3, 5, …)– Notice that an even number of errors isn’t

detected!

• And yes, it helps if both sides of the link are using the same parity rules– Modems used to set even or odd parity


Parity Checks

• A better approach is to break the data into a table with i rows and j columns, and define parity for each row and column

• In this two-dimensional parity check, there are i+j+1 parity values (bits)

• But by cross-referencing the parity errors, exactly which bit(s) were in error can be known, and hence fixed!


Parity Checks

• If the receiver can detect and fix errors, it’s forward error correction (FEC)

• Commonly used in audio devices to compensate for, e.g., scratched CD’s

• In a network, this helps avoid retransmission, and the associated delays


Checksum Methods

• Yup, this is just like the approach we saw before…here we call it an Internet checksum– Add the digits of the data– Take the 1s complement of the result – that’s

the checksum– Data + checksum = 111111111… if not,

there’s an error somewhere

• See RFC 1071


Cyclic Redundancy Check

• A Cyclic Redundancy Check (CRC) code is widely used in the link layer– Checksums are easy to calculate in software,

so they’re ok for the transport and network layers, but here we can use hardware to calculate CRC codes for us

– A.k.a. polynomial codes

• The use of CRC codes provides more sophisticated error checking



• CRC uses modulo-2 arithmetic, a.k.a. Boolean arithmetic

• It’s equivalent to XOR (exclusive OR):– A B (A xor B)– 0 0 0– 0 1 1– 1 0 1– 1 1 0



• Multiplication by 2^k moves the bits left byk places – 1011 * 2^3 = 1011000 (11*8 = 64+16+8=88)

• So much for the math lesson, so what?

• The CRC code defines the ‘r’ CRC bits with a value of R

• There’s a generator, G, which has some value starting with 1, and has r+1 bits



• Assume our data has ‘d’ bits, and is a string called D

• The value of R is defined so that D * 2^r XOR R is equal to some exact integer multiple of G– (D * 2^r) XOR R = n*G– So R = remainder [D*2^r / G]



• The value of G is typically predefined by IEEE standards– Standard G lengths are 8, 12, 16, and 32 bits– Hence the corresponding lengths of R are

r = 7, 11, 15, and 31 bits



• So how does this mess work?– Pick a length of G– Calculate R from the previous slide for each

data frame, D – Send the frame– The receiver divides the d+r bits by G

• If the remainder is zero, there are no errors• If the remainder is not zero, there were errors



• So what? Why all this work?– Errors tend to occur in bursts – not one error

all by itself– Using CRC codes allows you to catch up to ‘r’

errors in a single frame• And errors of more than ‘r’ in a frame might be

caught, (1 - 0.5r)*100 percent of the time• And this will catch any number of odd errors

– So that’s why we use it a lot at the link layer


Multiple Access Protocols

• Network links can be point-to-point (one sender and one receiver) or broadcast links

• For a broadcast link– A node sends a frame to all of the other

nodes– Used by wired, wireless, and satellite

networks, plus the occasional cocktail party



• This motivates the multiple access problem – how do we control transmission onto a shared broadcast channel

• Frames can arrive at a node (yes, technically the adapter on that node) at the same time, producing a collision (both frames on top of each other, a mess)



• Dozens of multiple access protocols have been defined, but they fall into three types– Channel partitioning protocols– Random access protocols– Taking-turns protocols



• We want multiple access protocols to provide– One node can send data at a rate of R bps– If M nodes want to transmit, each can transmit

an average of R/M bps– The protocol should be decentralized, so that

a single point failure doesn’t take down the system

– It’s cheap to implement and simple


Channel Partitioning Protocols

• Could use FDM or TDM (frequency or time division multiplexing) to share a channel’s bandwidth across some number of slots– Avoids collisions, which is good– But each slot only gets a fraction of the

bandwidth, even if no one else is transmitting


Channel Partitioning Protocols

• Instead use Code Division Multiple Access (CDMA), which assigns codes to each node which sends data – CDMA is also good for avoiding signal

jamming, hence is used by the military

• Is used widely for wireless protocols


Random Access Protocols

• Here each node transmits as though it has the full channel bandwidth available– When a collision occurs, it waits a random

amount of delay time before retransmitting

– Keep retransmitting until the frame gets through

• There are many protocols of this type, e.g.– Slotted ALOHA

– ALOHA

– CSMA (of which Ethernet is an example)


Slotted ALOHA

• Suppose – All frames have size L bits– Time is divided into slots of duration L/R

seconds (= time to transmit one frame)– Nodes only transmit at the start of a slot– Nodes all know when the slots start– If a collision occurs, the nodes know that

before the end of the slot occurs– There is a probability, p, between 0 and 1


Slotted ALOHA

• Slotted ALOHA works like this:– When a node needs to transmit a frame, it

waits until the next slot starts and transmits it– If there’s no collision, the node can transmit

the next frame if needed– If there was a collision, the next time a

random number is greater than p, transmit in that slot

• So if the random value is less than 1-p, wait for retransmission


Slotted ALOHA

• This takes advantage of the link when only one node is active – it gets the full rate– If there are multiple active nodes, some slots

will be wasted because nobody is transmitting

• The efficiency is the percent of slots where a successful transmission occurs– The efficiency for N active nodes is

N*p*(1-p)^(N-1)– Bad part is: max efficiency is only 37%


ALOHA

• What is we ignore the part about transmitting only at the start of a slot?– Transmit when you want to– If there’s a collision, retransmit immediately if

value is >p, otherwise wait one slot duration and reevaluate retransmitting then

• The icky part is that the efficiency of this is only half of Slotted ALOHA – the price for decentralized control


CSMA

• CSMA (Carrier Sense Multiple Access) pays attention to whether anyone else is transmitting, before a node does so– Like listening for a break in conversation

before jumping in, carrier sensing listens for a break in link traffic (basic CSMA protocol)

– Collision detection is done by sensing if another node starts transmitting while you are (CSMA/CD)


CSMA

• There are many variations on CSMA & CSMA/CD

• Collisions can occur because of the time needed for transmitting frames – the channel propagation delay– A problem solved by the binary exponential

backoff algorithm

• CSMA/CD efficiency is 1/(1+5*dprop/dtrans)


Taking-turns Protocols

• The ALOHA and CSMA protocols both take advantage of full bandwidth when available, but neither is good at assuring fair share of throughput when multiple nodes are active– To fix the latter, taking-turns protocols have been

made – hundreds of them!

• We’ll focus on two major kinds– Polling protocols

– Token-passing protocols


Polling Protocols

• Polling protocols make one node a master node – The master node polls each node in turn, and

tells each node it can send some number of frames

• This eliminates collisions and empty slots– But it adds a polling delay to notify each node

it’s turn is up, and delays to check nodes which are inactive

– And it’s really bad if the master node dies!


Token-passing Protocols

• Token-passing protocols have no master node, but instead pass a small token frame among the nodes in a fixed order– Each node holds the token only if they have

frames to transmit, up to some max number– Then keep passing the token

• Failure of ANY node crashes the network!– Or if the token isn’t released, there’s trouble

• FDDI and yes, Token Ring, are examples


Local Area Networks (LANs)

• Local Area Networks use multiple access protocols extensively

• Ethernet is the most common random access protocol

• Token Ring had a slight speed advantage,

so it was popular in the late 1980’s– A node sends a frame around the network,

and it’s read by the recipient node– The sender removes it from the network


Local Area Networks (LANs)

• FDDI (Fiber Distributed Data Interface) was designed for larger LANs, specifically Metropolitan Area Networks (MANs)

• Under FDDI, the destination node removes the frame from the network– Hence it isn’t a pure broadcast channel, since

nodes downstream will never get the frame


DOCSIS

• DOCSIS (Data-Over-Cable Service Interface Specifications) uses a combination of {FDM, random access broadcast channels, TDM, and slotted transmission with collision detection} for cable access networks


Link Layer Addressing

• C’mon, we haven’t had an address format in at least two or three days

• Here we’ll go over MAC and ARP

• As stated earlier, the adapter is the real location of a link layer address– The MAC address (a.k.a. LAN address or

physical address) is the link layer address of an adapter


MAC Address

• A MAC address usually has 6 bytes, so there are 2^48 MAC addresses– 2^48 = 281,474,976,710,656 in case you

wondered

• Each byte is expressed as two hexadecimal numbers (0-9; A-F for 10-15)– 01:90:4B:5F:31:13– Letters are case-insensitive


MAC Address

• The IEEE makes sure each MAC address is unique– The first 24 bits are assigned to the hardware

vendor; the rest are the item identifier

• MAC addresses have no other structure, and didn’t change for a given adapter– MAC addresses were supposed to be

permanent, but they can now be changed via software


MAC Address

• Like the IP address, the MAC address is used to verify that the destination host (adapter) has been reached

• The MAC broadcast address is all F’s, analogous to the 255.255.255.255 IP address– FF:FF:FF:FF:FF:FF


Address Resolution Protocol

• The Address Resolution Protocol (ARP) (no, not AARP) translates between IP addresses and MAC addresses– RFC 826, and a nice tutorial in RFC 1180

• ARP only works within the local subnet– Unlike DNS, which resolves addresses anywhere

• Each node (host / router) maintains an ARP table to map IP addresses & MAC addresses



• ARP also includes a time-to-live, which is the time before that entry is deleted– Typically starts at 20 minutes and counts

down

• A special ARP packet is broadcast to all nodes on the subnet to resolve an unknown MAC address

• ARP has query and response packets, both with the same format



• The query is sent in a broadcast frame, but the response is sent in a standard frame

• ARP builds itself – if it gets an unknown address, it works to find the information

• If a node is deleted from the network, its ARP entries get removed eventually too


ARP Off Subnet

• To send a frame outside of the local subnet, first have to use the MAC address of the interface leading out of the subnet

• Then the frame goes through a router to the correct subnet, where the interface on that subnet’s side can resolve the correct MAC using ARP


ARP Off Subnet• A creates datagram with source A, destination B

• A uses ARP to get R’s MAC address for 111.111.111.110

• A creates link-layer frame with R's MAC address as dest, frame contains A-to-B IP datagram

• A’s adapter sends frame

• R’s adapter receives frame

• R removes IP datagram from Ethernet frame, sees its destined to B

• R uses ARP to get B’s MAC address

• R creates frame containing A-to-B IP datagram sends to B

A

RB


Ethernet

• Ethernet has been king of wired LANs since the late 1970’s; why?– 1) it was the first high speed protocol*– 2) it’s cheap– 3) it has had speed increases to stay

competitive

• The original Ethernet (“thick” and “thin” Ethernet) used a bus topology

* 2.94 Mbps in 1973!


Ethernet

• Bus topology

• But now a (hub or) switch is used at the center of a star topology

hub orswitchhub orswitch

Host A

Host B

Host C

Host D

Host E


Ethernet Frame Structure

• Ethernet frames use this structure

• The Preamble is 8 bytes, the first seven of which are all 10101010, and the 8th is 10101011– Used to synchronize the clocks between sender

and receiver, since many possible speeds could be used (10 Mbps to 1000+ Mbps)



• The Destination Address is the 6-byte MAC address of the destination

• The Source Address is the sender’s MAC

• The Type field is 2 bytes to explain the network protocol which created the frame (IP, IPX, AppleTalk, etc.)



• The Data field is 46 to 1500 bytes for the IP datagram, in our case– Use “stuffing” to pad the Data to 46 B if needed– 1500 B is the max transfer unit (MTU) for

Ethernet

• Finally, the CRC field is a 4 Byte CRC code discussed earlier to detect bit errors in the frame

• So the Ethernet frame has 26 B of headers plus the data field … psst! WAKE UP!


Ethernet

• Ethernet is connectionless service, like IP and UDP – there’s no handshake

• Therefore its service is unreliable– The CRC check is used, but failed frames

are merely discarded– A lost frame here means a lost (or

incomplete) segment at the UDP layer– Ethernet is blissfully unaware if a frame is

new, or retransmitted, or even related to any other frames


Ethernet and CSMA/CD

• If a hub is used, Ethernet broadcasts to all nodes (adapters) on the LAN

• Ethernet uses CSMA/CD– No slots, just start broadcast when ready– Use carrier sensing to know when NOT

to broadcast– Stop transmitting when a collision is detected– Before retransmitting, wait a short random

time



• Efficiency can reach 100% in a LAN

• It senses a collision, or the lack of traffic by monitoring voltage levels on the link– Pause for an open line is 96 bit times, or 9.6

microsec at 10 Mbps

– If collision is detected, a 48-bit jam signal is transmitted instead of the frame, to all adapters

– Delay for the nth collision is 512*K bit times• K is random from {0,1,2,3,…,(2m – 1)} where m=min(n,10)



• Notice that the more collisions are noted, the longer the possible delay time– Called an exponential backoff

• Ethernet efficiency is messy to calculate, but comes to: – Efficiency = 1 / (1 + 5*dprop/dtrans)

• For small propagation time and/or large transmission time, this is about 1


Ethernet and LANs

• Ethernet is used for most wired LANs– 100BaseT and 1000BaseT are common

(100 Mbps and 1000 Mbps, respectively)– 10 Gigabit Ethernet is increasingly common

for servers

• A hub is frequently the center of a simple star network– Hubs operate only on physical layer


Hubs

• Hub are the village idiot of networking hardware – ok, maybe a handy village idiot– When a bit arrives on any of its adapters, it

copies it, amplifies it a little, and retransmits it on all of the other adapters

– They typically have 4-24 adapters, or ports– Cost is nil for most hubs– They do nothing for CSMA/CD


Hubs

• An adapter may malfunction and keep transmitting (a jabbering adapter), in which case the hub should detect the problem and shut off that adapter

• Fancy hubs can collect and report usage data, collision rates, frame sizes, etc

• Max of 100 meters between hub and hosts for twisted pair wire – more for optical cables– The ‘T’ in 100BaseT means twisted


Hub Hierarchy

• Hubs can be connected in a multi-tier hierarchy so that different parts of a building, or different departments, etc. can share resources

hub hubhub

hub

hub hubhub

hubbackbone


Hub Hierarchy

• The backbone hub has three LAN segments attached, each with its own hub– This extends the max distance covered

• But these are all part of the same collision domain– All segments have to share same

Ethernet speed– Limits throughput across entire network


Repeaters

• If we need to extend the range of a wired network, a repeater can be used

• It’s essentially a 2-port hub, to amplify (retransmit) the incoming signal


Link-layer Switches

• Switches operate on the link layer– Incoming Ethernet frames are examined

for the layer-2 (link layer) destination (e.g. MAC address)

– It then forwards the frame to the adapter leading to that destination (not all of the adapters)

• If the backbone hub on slide 69 were replaced by a switch, then each LAN segment is now its own collision domain


Link-layer Switches

• Switches can handle multiple network speeds– Some segments at 10 Mbps, others at 100

Mbps, etc.

– They still allow communication across the segments

– They can be combined into any size network

• They operate in full duplex (transmit and receive at once) and provide, um, switching


Switch Filtering & Forwarding

• Filtering is when a switch can decide to forward a frame or just drop it

• Forwarding is deciding which interface a frame needs to go out on, and directing it there

• A switch table is used for both filtering and forwarding


Switch Table

• A switch table has the MAC address of each node, the corresponding interface number to get to that node, and the time the entry was made

• When a frame comes in looking for a given MAC address– If the address is from the same interface it

came in on, do nothing (the frame is internal to that segment); this is filtering the frame


Switch Table

– If the address needs to go to another interface, send it there

– If the address doesn’t exist, see next slide

• Recall hubs transmit without concern for existing traffic

• A switch uses CSMA/CD to tell when to transmit, but its interfaces are not adapters (they have no MAC addresses)


Switch Learning

• The switch table is built automatically – they are self-learning– The switch table is empty to start– If a frame arrives with a MAC destination not

in the table, send it to all other interfaces– Each time a frame is received, record the

interface and address from which it came, and the current time

• If the aging time expires, remove that address from the table


Switches

• Switches are plug-and-play devices, because they configure the switch table automatically

• One can have dedicated access to a switch, with separate connections for transmitting and receiving data– This makes collisions impossible for those

hosts– Dedicated access means point-to-point

connections can be used; no multiple access protocol needed!


Switches

• Switches can help a network by:– Eliminate collisions, if there are no hubs in

the network– Have links at different speeds and different

media (copper vs fiber), but all the same protocol

– Shut off misbehaving adapters– Collect network management data (usage

rates, collision frequency, traffic types, etc.)


Switches vs Routers

• Switches are store-and-forward packet switches that use the layer 2 address– Routers use the layer 3 address

• Switches can only use the spanning tree structure– Routers can use any structure

• Switches are plug-and-play– Routers need to be maintained manually,

e.g. their IP addresses


Switches vs Routers

• A large switched-only network would need large ARP tables, and provides no protection against broadcast storms (an errant host transmitting endlessly)

• Processing time for a switch is typically less than for a router

• Bottom line – need to use routers to control larger networks, or when its intelligence is helpful, use a switch whenever possible


Hubs vs. Switches vs. Routers

Device Layer Address used

Requires inputs have same speed?

Hub Physical None Yes Switch Link MAC No Router Network IP No

Device Requires same

link protocol? Isolates collision

domains? Interfaces have

MAC addresses? Hub Yes No No Switch Yes Yes No Router No Yes Yes


VLANs

• A typical LAN has limitations– Lack of traffic isolation, unless routers are

used– Inefficient use of switches for larger LANs– Hard to manage users who change subnets

• Can solve by using a virtual LAN (VLAN)

• A switch can be configured to have many VLANS within a physical LAN


VLANs

• Can have certain switch ports assigned to each VLAN– To get data from one VLAN to another, can

use an integrated router

• That gets messy for many VLANS – instead, use trunking– A trunk port on the switch belongs to all

VLANS


VLANs

• An extended Ethernet protocol, 802.1Q, allows a 4B VLAN tag to be added to frames to identify its VLAN

– The VLAN tag is only added to the frame before and after using the trunk ports

• VLANs can also be identified by MAC addresses, network layer protocols, and other approaches


Link Virtualization: MPLS

• Multiprotocol Label Switching (MPLS) is a packet-switched virtual-circuit network• MPLS adds a header between the IP and {Ethernet or

PPP} headers• The header contains a label used for routing instead

of the IP address – similar to the VC identifier – so it doesn’t have to look up the IP address

• Routers that speak MPLS are called label-switched routers, and can do traffic engineering to define routes impossible with IP addressing

• MPLS can also be used to implement VPNs


Data Center Networking

• Data center networks can host thousands of hosts to support cloud applications• Racks contain dozens of blade servers, with a top of

rack (TOR) switch above them• Hierarchical tiers of switches and then routers help do

load balancing and connect to access and border routers to go to the Internet (Fig 5-30, p. 491)

• Heavily interconnected switches and routers form a fully connected topology


PPPPPPPPPPPPPPPPPPPPPPPP

• The Point-to-Point Protocol (PPP) is the main protocol used to connect between an ISP and a customer– Related, but not addressed here, is the

High-level Data Link Control (HDLC) protocol

• PPP could be used over many types of connection – a dial-up modem, X.25, SONET (synchronous optical network), ISDN, DSL, etc.


PPP Data Framing

• The PPP data frame steals a little from HDLC– A 1-byte Flag of ‘01111110’ starts and ends

each frame– A 1-byte Address of ‘11111111’ is next– A 1-byte Control field consists of ‘00000011’

• Pretty boring header, huh?

– Then a 1-2 byte Protocol field tells what network layer protocol will be used (hex 21=IP, 29=AppleTalk, 27=DECnet)


PPP Data Framing

– Then comes the Information (data) being transmitted

• The default max size is 1500 bytes, but that can be changed

– Then a 2 or 4 byte Checksum using the format defined by HDLC for a CRC code

– Then the other Flag field ends the frame

• So the headers and trailers total 7 to 10 B for PPP frames


Byte Stuffing

• So what if the data includes the Flag value?

• Add a control escape byte in front of it, to tell there’s a non-Flag sequence of ‘01111110’

• So the extra byte ‘01111101’ is stuffed in front of any actual data bytes which happen to be ‘01111110’


Summary

• The link layer gets us from one node (host or router) to another– All link layer protocols take network layer

datagrams and put them in frames to be sent over the physical (though not always solid) medium of the link

– A point-to-point link (PPP) has one sender and one receiver; multiple access links (Ethernet, MPLS) can have many of both

info 330 computer networking technology i

Documents

link layer frame

link layer servicesnow

different linklayer

link layer termsa node

link layer serviceslink

link layer serviceshalf

link mac

link layerthere