Module 9

Ethernet

Introduction

Ethernet is the most commonly used LAN technology in the world. The
Ethernet standard spans across both the data link layer and physical layer. Because
the role of the data link layer is to control the physical layer, physical layer
technology must have matching software at the data Link layer. Ethernet is
therefore a good technology to illustrate how the data Link layer and physical layer
work together. It also has a very practical importance because just about anyone
working with networks will use Ethernet.

Lesson 1 : the history and future of ethernet

After studying this lesson, you should be able to:

 Define the following key terms: Ethernet, bus topology, Thinnet, Thicknet, GIbabit
Ethernet and MAN.
 Describe Ethernet and understand how it works.
 Explain the past and future of Ethernet.
 Module 9– Ethernet

What is Ethernet?

Ethernet protocol is the most commonly used LAN technology in the world. Ethernet
is a combination of Data Link layer software and Physical layer hardware, because the
Physical and Data Link layers are tightly coupled.

Ethernet is a standardized protocol, and therefore, has well-defined rules for how it
operates and well-defined rules for the structure of the Data Link layer frames and Physical
layer signals it uses.

History of Ethernet

The predecessor of Ethernet had its roots in Alohanet in Hawaii in 1970 (a radio-
based network). Ethernet was developed in 1973 by Robert Metcalfe. It was published as an
open standard in 1980 by an industry consortium and then adopted as a formal standard by
IEEE as 802.3. The original version used coaxial cable but today it uses twisted pair and
fiber optic cable. Today‟s wireless LANs might even be called a version of
Ethernet.dddddddddddddddddddddddddddddddddddddddddddddddddddddd

Ethernet operates in the lower two layers of the OSI model: the Data Link layer
and the Physical layer. Ethernet performs the Data Link layer functions of framing,
addressing, media access control, and error detection. It also has physical hardware (media
and devices) that perform the functions of the Physical layer. Because Ethernet is so
popular, there are many different types of physical cabling and network devices (hubs and
switches) that it can use.

Figure 9.1 Ethernet

Module in CCNA 101 – CISCO 1 44

 Module 9– Ethernet

Layer 1 limitations were addressed at Layer 2.

Figure 9.2 Layer 1 and Layer 2

Ethernet Data Link layer today has two main parts. The LLC sublayer links Ethernet
to the upper layers, while the MAC sublayer controls the hardware.

 Logical Link Control (LLC) – 802.2: It is used to communicate with the Network
Layer.

Functions of the LLC Sublayer

o Prepares the data for the upper layers.
o Allows running multiple network protocols on the same machine. Each
protocol is assigned a specific ID.
o Implemented mainly in software.

 Media Access Control (MAC) – 802.3 : It handles MAC addressing, framing and
communication with the Physical Layer

Functions of the MAC Sublayer

o Creates the frame and addresses the frame with the source and destination
MAC address.
o Checks for any errors using the FCS field.
o Controls the assignment of frames on the media.
o Controls the recovery of the media due to collisions.
o Implemented mainly in hardware.
Module in CCNA 101 – CISCO 1 45
 Module 9– Ethernet

Figure 9.3 Data Link Sublayers

Physical Implementations

• Most of the traffic on the Internet originates and ends with Ethernet connections.

• When optical fiber media was introduced, Ethernet adapted to this new technology.

• The success of Ethernet is due to the following factors:

o Simplicity and ease of maintenance

o Ability to incorporate new technologies

o Reliability

o Low cost of installation and upgrade

 The introduction of Gigabit Ethernet has extended the original LAN technology to
distances that make Ethernet a Metropolitan Area Network (MAN) and WAN
standard.

 In today's networks, Ethernet uses UTP copper cables and optical fiber to
interconnect network devices via intermediary devices such as hubs and switches.
With all of the various media types that Ethernet supports, the Ethernet frame
structure remains consistent across all of its physical implementations. It is for this
reason that it can evolve to meet today's networking requirements.

Communication through LAN

a. Historical Ethernet

 The foundation for Ethernet technology was first established in 1970 with a program
called Alohanet. Alohanet was a digital radio network designed to transmit
information over a shared radio frequency between the Hawaiian Islands.

 Alohanet required all stations to follow a protocol in which an unacknowledged

transmission required re-transmitting after a short period of waiting. The techniques

Module in CCNA 101 – CISCO 1 46

 Module 9– Ethernet

for using a shared medium in this way were later applied to wired technology in the
form of Ethernet.

Figure 9.4 Historic Ethernet

 The first versions of Ethernet used coaxial cable to connect computers in a bus
topology. Each computer was directly connected to the backbone. These early
versions of Ethernet were known as Thicknet, (10BASE5) and Thinnet (10BASE2).

o 10BASE5, or Thicknet, used a thick coaxial that allowed for cabling distances
of up to 500 meters before the signal required a repeater.

o 10BASE2, or Thinnet, used a thin coaxial cable that was smaller in diameter
and more flexible than Thicknet and allowed for cabling distances of 185
meters.

 The early implementations of Ethernet were deployed in a low-bandwidth LAN

environment where access to the shared media was managed by CSMA, and later
CSMA/CD. In additional to being a logical bus topology at the Data Link layer,
Ethernet also used a physical bus topology. This topology became more problematic
as LANs grew larger and LAN services made increasing demands on the
infrastructure.

 The original thick coaxial and thin coaxial physical media were replaced by early
categories of UTP cables. Compared to the coaxial cables, the UTP cables were
easier to work with, lightweight, and less expensive.

 The physical topology was also changed to a star topology using hubs. Hubs
concentrate connections. In other words, they take a group of nodes and allow the
network to see them as a single unit. When a frame arrives at one port, it is copied
to the other ports so that all the segments on the LAN receive the frame.
Module in CCNA 101 – CISCO 1 47
 Module 9– Ethernet

Figure 9.5 Early Ethernet Media and Topology

b. Legacy Ethernet

 In 10BASE-T networks, typically the central point of the network segment was a
hub. This created a shared media. Because the media is shared, only one station
could successfully transmit at a time. This type of connection is described as a
half-duplex communication.

 Half Duplex communication means

o One way traffic.
o Necessary on a shared media.
o Only one device can transmit at a time.
o Collisions occur.

Figure 9.6 Hub- Based

Networks

Module in CCNA 101 – CISCO 1 48

 Module 9– Ethernet

• Ethernet with hubs is designed to work with collisions.

o Collisions occur when devices transmit at the same time.

o Managed by CSMA/CD.
o As more devices are added, more collisions occur.
o As more collisions occur, network performance degrades.

c. Current Ethernet

 100BASE-TX Ethernet

 Introduces switches to replace hubs in Ethernet-based networks

 Switches can control the flow of data by isolating each port and sending frame
only to its proper destination (if the destination is known)

 Ethernet with switches is designed to eliminate collisions.

o Each device attached to switch only receives frames destined for that
device.

o Full Duplex communication. It means:

 Two way traffic.

 Not a shared media.

 Dedicated switch connection.

 A device can transmit and receive at the same time.

 No Collisions.

Figure 9.7
Switched-Based
Networks

Module in CCNA 101 – CISCO 1 49

 Module 9– Ethernet

d. Moving to 1 Gbps and Beyond

 Gigabit Ethernet is used to describe implementations that provide bandwidth

of 1000 Mbps (1 Gbps) or greater.

 Built on the full-duplex capability and the UTP and fiber-optic media
technologies of earlier Ethernet.

 Increased cabling distances enabled by the use of fiber-optic cable in

Ethernet-based networks has resulted in a blurring of the distinction between
LANs and WANs. By using fiber optics, it can now be applied across a city
what is known as a Metropolitan Area Network.

Figure 9.8 Metropolitan

Area Networks

Lesson 1 Review Questions

Direction. Answer the following questions.

1. What are the Ethernet Layer 2 functions that overcome the limitations of
Ethernet Layer 1?

2. Differentiate the two sublayers of the Data Link Layer.

3. Describe the method of transmission on a hub.

4. What is legacy Ethernet?

5. Describe Gigabit Ethernet.

Module in CCNA 101 – CISCO 1 50

 Module 9– Ethernet

Lesson 2 : FRAMINg, ADDRESSING and media access

control
After studying this lesson, you should be able to:

 Define the following key terms: error detection, FCS, BIA, OUI, hexadecimal number
system, collision, latency, asynchronous communication, synchronous
communication, slot time, interframe spacing, jam signal and back off timing.
 Describe the fields of an Ethernet frame.
 Understand MAC address and hexadecimal addressing.
 Explain the CSMA/CD process.

Ethernet Frame

 The IEEE 802.3 Ethernet Frame format:

o Minimum frame size - 64 bytes and the maximum -1518 bytes
o The Preamble and the Start Frame Delimiter fields are not included when
describing the size of a frame.
 802.3ac standard – the maximum allowable frame size is 1522 bytes which is used
for Virtual LAN (VLAN) technology.

 Error detection is important in “fragile” environments such as wireless LANs, but is

less important in LAN environments because the probability of an error is unlikely.

o The sender performs a calculation on the frame and sends the result of the
calculation in the Frame Check Sequence (FCS) in the message trailer; the
receiver performs the same calculation and compares the result to the value
in the FCS. Ethernet uses a technique call Cyclic Redundancy Check (CRC) to
calculate the FCS, which essentially divides the data by a preset number
(using binary division) and uses the remainder as the 32-bit FCS. If it finds
an error, Ethernet simply discards the frame, so it is up to TCP to recognize
that data was lost and re-send it.

Figure 9.9 Fields of an Ethernet Frame

Module in CCNA 101 – CISCO 1 51
 Module 9– Ethernet

Fields of an Ethernet Frame

a. Preamble and Start of Frame Delimiter (SFD) – 8 bytes:

• Used to synchronize the NIC with the media in preparation for receiving a
frame.

• Is not considered part of the frame length.

• Will not appear in any capture of the frame.

b. Destination MAC Address – 6 bytes:

• Identifies the node that is to receive the frame.

• A receiving device compares its MAC address to the contents of this field.

• If the addresses match, the frame is accepted.

• Also used by switches to determine the interface to be used to forward the

frame.

c. Source MAC Address – 6 bytes:

• Identifies the node that originated the frame.

• It is also used by switches to add addresses to their internal Port / MAC

address tables.

d. Length / Type – 2 bytes:

 Length defines the exact length of the frame‟s data field. It will be used by
FCS. If the value is equal to or greater than 0x0600 hexadecimal or 1536
decimal (to enable Ethernet stations to identify the used Ethernet variant –
DIX or IEEE standard), then the contents of the Data fields are decoded
according to the protocol indicated.

 The Type field describes which protocol is implemented.

e. Data and Pad – 46 to 1500 bytes:

 The encapsulated data from Layer 3.

 Most commonly an IPv4 packet.

 If the total frame length is less than 64 bytes, the field is padded to the right
with enough null characters to meet the minimum frame length.

Module in CCNA 101 – CISCO 1 52

 Module 9– Ethernet

f. Frame Check Sequence (FCS)– 4 bytes:

 It is used to detect errors in a frame that may have occurred during

transmission along the media.

 The result of a Cyclic Redundancy Check (CRC) is placed in the frame by the
sending node.

 The receiving node performs the same CRC and compares the values….they
should be equal.

Ethernet MAC Address

• In order for a transmission to be received properly at the destination computer,

there must be a method of uniquely identifying that host.

• A unique address is permanently programmed into ROM in each NIC ("burned in“ )
when it is manufactured. Because of this, the MAC Address is often referred to as
the burned in (BIA) address or physical address of a machine.

• A MAC address is:

o 48 bits in length.
o Expressed as 12 hexadecimal digits.
o The first 6 hexadecimal digits, which are administered by the IEEE, identify
the manufacturer or vendor and thus comprise the Organizational Unique
Identifier (OUI).
o The remaining 6 hexadecimal digits comprise the interface serial number, or
another value administered by the specific vendor.

Figure 9.10
The MAC Address

Module in CCNA 101 – CISCO 1 53

 Module 9– Ethernet

• The OUI and the sequential number ensure that the assigned MAC addresses remain
unique. You will see them expressed in different ways.

Cisco MAC Address Intel MAC Address

00-60-2F-3A-07-BC 00-20-E0-6B-17-62

00:60:2F:3A:07:BC 00:20:E0:6B:17:62

0060.2F3A.07BC 0020.E06B.1762

• When a network device matches the destination address to the address in the NIC,
the NIC passes the frame up the OSI layers where the decapsulation process takes
place.

• The MAC address is essential to communications on a network. It is the only

address that guarantees that the message will be accepted by the destination.

Hexadecimal Numbering and Addressing

• A big problem with the binary system was verbosity. In order to represent the
number 202:

o Requires 3 decimal digits (202).

o Requires 8 bits (11001010).

 When representing large numbers, the binary system quickly becomes unwieldy. We
can also convert from decimal to binary but the conversion is not a trivial task.

• The hexadecimal numbering system addresses both of these issues:

o It is compact.

o It easy to convert from binary to hexadecimal and vice versa.

o Because of this most of the computers in use today use the hexadecimal
system.

• You can expect to see hex numbers represented in documents and the web in
different ways:
o 23A916 2eb6H 0FCDh „7b‟
o 0xE0 0x23facb92 %0a000c834a >34ce
o 10-00-5a-29-16-ab (NIC – e.g. ipconfig –all)
o 00:00:0C:48:8C:11 (NIC – e.g. router MAC display
o #FFFFFF (Web RGB Colour Code)
o 1080:0:0:0:8:800:200C:417A (IP Version 6 Address)

Module in CCNA 101 – CISCO 1 54

 Module 9– Ethernet

Figure 9.11 Binary

Data Organization

Hexadecimal and Binary

 Hexadecimal numbering is base 16 and requires a way to represent the values 0 to

15:

Hex 0 1 2 3 4 5 6 7 8 9 A B C D E F

Decimal 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

• Each hexadecimal digit is represented in binary by one nibble (4 bits).

Bit No. 3 2 1 0

Value 8 4 2 1

 A byte is 8 bits (2 nibbles).

Bit No. 7 6 5 4 3 2 1 0

Value 128 64 32 16 8 4 2 1

 Each byte is represented by a group of 2 hexadecimal digits and each word by a

group of 4 digits.

o e.g. 0x1234, 0xBEEF, 0xDEAF, 0xDEAD, 0xFEED

o Bytes are usually, but not always, separated by a colon (:), a dash (–) or a
space. Example : 0x12:34 0xBE-EF 0xDE AF

Module in CCNA 101 – CISCO 1 55

 Module 9– Ethernet

Converting Hexadecimal to Binary

 Convert 0xCA to Binary…….

o Convert each hexadecimal digit to its binary equivalent.
C = 1100 (12) A = 1010 (10)
o Combine the nibbles in the same sequence to form the complete byte.
11001010
Result: 0xCA = 11001010 = 202
Hex – binary – decimal

Figure 9.12 Hexadecimal Addressing

Module in CCNA 101 – CISCO 1 56

 Module 9– Ethernet

Figure 9.13 Viewing the MAC Address of a Device

 Use the command ipconfig /all at the command prompt to view the MAC
address/physical address of a device.

 Some points of MAC Address

o MAC addresses are non-hierarchical. They have no meaning outside the local
network media.
o Network address is needed to forward packets to destination network.
o MAC address is used in local network only.

Figure 9.14 Different Layers of Addressing

Module in CCNA 101 – CISCO 1 57

 Module 9– Ethernet

Special Addresses

• In Ethernet, MAC addresses are used to provide different types of communication.

o Unicast (One to one): A unique address identifying a specific host. A frame is

sent from a single transmitting device to a single destination device.
o Multicast (One to Many): An address recognized by a specific group of hosts. It
allows a source device to send packet to group of devices. Devices that belong to
a multicast group are assigned a multicast group IP address within the range of
224.0.0.0 to 239.255.255.255. The multicast MAC address is a special value that
begins with 01-00-5E in hexadecimal.
o Broadcast (One to All): An address used to send information to all hosts. All
hosts on that local network (broadcast domain) will receive and process the
packet. Broadcast MAC address is 48 ones displayed as hexadecimal FF-FF-FF-
FF-FF-FF.
Example: DHCP and ARP

Media Access Control in Ethernet

• In a shared media environment, all devices have guaranteed access to the medium
but they have no prioritized claim on it.

• If more than one device transmits simultaneously,

o The physical signals collide.

o The network must recover.

• Collisions are the cost that Ethernet pays to get the low overhead associated with
each transmission.

• Ethernet uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to
detect and handle collisions and manage the resumption of communications.

CSMA/CD: The Process

• To transmit, each host will listen on the media. If a signal from another device is
present, it will wait for a specific amount of time and listen again. If no signal is
present, it will transmit.

• It can happen that two devices will determine that it is safe to transmit at exactly
the same time. In that case, both will transmit their frame. It will result in a collision.
Module in CCNA 101 – CISCO 1 58
 Module 9– Ethernet

• Both devices detect the collision and send out a jamming signal. The jamming signal
is detected by all devices and all devices now know that a collision has occurred on
the network.

• The jamming signal causes each device to invoke a backoff algorithm. Devices wait a
random amount of time before returning to listening mode. The random time
ensures that the original devices that caused the collision won‟t repeat it.

Figure 9.15
CSMA/CD: The Process

Ethernet Timing and Synchronization

• Latency

o Each transmission encounters a certain amount of delay before reaching the

destination.

o Every network device encountered in the path adds to the delay or increases
the latency of the transmission.

o Increases the chance of collisions.

 Asynchronous and Synchronous Communication

o Asynchronous – Each receiving device will use the 8 bytes of timing

information to synchronize the receive circuit to the incoming data and then
discarded the 8 bytes. It is used in 10 mbps or slower.

o Synchronous – The timing information is not required. It is implemented in

100 mbps or higher.

 Bit time

o The period of time required for a bit to be placed and sensed on the media.

Module in CCNA 101 – CISCO 1 59

 Module 9– Ethernet

 Slot Time

o It is the time for an electronic pulse to travel the length of the maximum
theoretical distance between two nodes. It is also the time a transmitting
wait before attempting to retransmit following a collision.

 Interframe Spacing

o The Ethernet standard requires a minimum spacing between two non-

colliding frames. This gives the media time to stabilize after the transmission
of the previous frame and time for the devices to process the frame.

 Jam Signal:
o As soon as a collision is detected, the sending devices transmit a 32-bit "jam"
signal - simply a repeating 1, 0, 1, 0 pattern.

o Less than 64 bytes (runt).

o Avoids detection of the jam signal as a frame.

 Backoff Timing:
o If a collision occurs, all devices wait a random amount of time before
listening again.

o If media congestion results in the MAC layer unable to send the frame after
16 attempts, it gives up and generates an error to the Network layer.

Lesson 2 Review Questions

Direction. Answer the following questions.

1. What is the Frame Check Sequence (FCS)? What is the algorithm used in
determining the value of the FCS?

2. Define the two parts of an Ethernet MAC address.

3. What is the difference between physical (Network Layer) and logical (Data Link
Layer) addressing?

4. Explain unicast, multicast and broadcast transmission.

5. How does a shared media environment operate?

6. Describe the CSMA/CD Process.

Module in CCNA 101 – CISCO 1 60

 Module 9– Ethernet

Lesson 3 : cabling, hubs and switches

After studying this lesson, you should be able to:

 Define the following key terms: collision domain, broadcast domain, learning, aging,
flooding, selective forwarding and filtering.
 Review the Ethernet-specific cables.
 Describe switches and hubs.
 Explain Address Resolution Protocol (ARP) and its process.

Ethernet Physical Layer

• The differences between standard Ethernet, Fast Ethernet, Gigabit Ethernet, and 10
Gigabit Ethernet occur at the Physical layer.

• Ethernet is covered by the IEEE 802.3 standards.

• Four data rates over fiber and twisted pair:

o 10 Mbps - 10Base-T Ethernet

o 100 Mbps - Fast Ethernet
o 1000 Mbps - Gigabit Ethernet
o 10 Gbps - 10 Gigabit Ethernet

Ethernet Type Bandwidth Cable Type Maximum Distance (m)

10BASE5 10 Mbps Thick Coax 500

10BASE2 10 Mbps Thin Coax 185

10BASE-T 10 Mbps Cat3/Cat5 UTP 100

100BASE-TX 100 Mbps Cat5 UTP 100

100BASE-FX 100 Mbps MM or SM Fiber 400/2000

1000BASE-T 1 Gbps Cat5e UTP 100

1000BASE-TX 1 Gbps Cat6 UTP 100

1000BASE-SX 1 Gbps MM Fiber 550

1000BASE-LX 1 Gbps SM Fiber 2000

10GBASE-T 10 Gbps Cat6a/Cat7 UTP 100

10GBASE-LX4 10 Gbps MM Fiber 300

10GBASE-LX4 10Gbps SM Fiber 10,000

Module in CCNA 101 – CISCO 1 61

 Module 9– Ethernet

a. 10 Mbps Ethernet

 10BASE5 using Thicknet coaxial cable.

 10BASE2 using Thinnet coaxial cable.

o Early implementations and no longer supported under 802.3 standard.

 10BASE-T using Cat3/Cat5 unshielded twisted-pair cable.

o Considered to be classic Ethernet.

o Physical star topology.

o Up to 100 meters in length.

o 10BASE-T uses two pairs of a four-pair cable terminated with an RJ-45

jack.

Pins 1 and 2 – Transmit Pins 3 and 6 - Receive

o Generally not chosen for new LAN installations.

o There are still many 10BASE-T Ethernet networks in existence today.

o Links connected to a switch can support either half-duplex or full-duplex

operation.

b. 100 Mbps: Fast Ethernet

 100 Mbps Ethernet implemented using twisted-pair copper wire or fiber media.

 100BASE-TX using Cat5 or later UTP

o Either two pairs of Category 5 UTP copper wire or two strands of optical
fiber.

o Uses the same two pairs of UTP as 10BASE-T.

o Pins 1 and 2 – Transmit Pins 3 and 6 – Receive

o Requires Category 5 or later UTP.

o Physical star topology.

o 100BASE-TX networks typically use a switch at the center of the star

instead of a hub.

Module in CCNA 101 – CISCO 1 62

 Module 9– Ethernet

 100BASE-FX using fiber-optic cable

o Uses the same signaling procedure as 100BASE-TX.

o Uses optical fiber media rather than UTP copper.

o 100BASE-FX uses Low Cost Fiber Interface Connectors (commonly called the
duplex SC connector).

o Fiber implementations are point-to-point connections:

 Two computers

 A computer and a switch

 Between two switches.

 Because the higher frequency signals used in Fast Ethernet are more susceptible to
noise, two separate encoding steps are used by 100-Mbps Ethernet to enhance
signal integrity.

b. 1000 Mbps: Gigabit Ethernet

 The development of Gigabit Ethernet standards resulted in specifications for UTP

copper, single-mode fiber, and multimode fiber.

 With signals occurring in less time, the bits become more susceptible to noise, and
therefore timing is critical.

 Gigabit Ethernet uses two separate encoding steps.

o More efficient to use codes that represent the binary bit stream.

o Synchronization.

o Efficient usage of bandwidth.

o Improved tolerance to noise

 1000BASE-T Ethernet:

o Full-duplex transmission using all four pairs in Category 5 or later UTP cable.

o Gigabit Ethernet over copper wire enables an increase from 100 Mbps per
wire pair to 125 Mbps per wire pair.

o 500 Mbps for the four pairs.

o Each wire pair signals in full duplex, doubling the 500 Mbps to 1000 Mbps.

Module in CCNA 101 – CISCO 1 63

 Module 9– Ethernet

o Allows the transmission and reception of data in both directions - on the

same wire and at the same time.

o This traffic flow creates permanent collisions on the wire pairs.

o The hybrid circuits detecting the signals use sophisticated techniques such
as:

 Echo cancellation.

 Layer 1 Forward Error Correction (FEC).

 Selection of varying voltage levels.

 1000BASE-SX and 1000BASE-LX:

o Advantages over UTP: Noise immunity, small physical size and increased
unrepeated distances and bandwidth.

o Support full-duplex binary transmission at 1250 Mbps over two strands of

optical fiber.

Hubs and Switches

• Collision Domain: The area of a network where collisions can occur. It includes a hub
and all connected devices. Each port on a switch is considered a separate collision
domain even if there is only one device attached to the port.

• Broadcast Domain: The area of a network where connected devices can receive a
broadcast.It usually includes Layer 1 and 2 devices. A collection of collision domains.
A router (Layer 3 device) is the usual boundary since routers block broadcasts.

• Adding devices to the network or extend the size of LAN using hubs will reduce the
network‟s efficiency and effectiveness.

• Although CSMA/CD is a frame collision management system, it was designed to

manage collisions for only limited numbers of devices and on networks with light
network usage.

• We need switches to elevate the network performance.

Legacy Ethernet: Using Hubs

• So, what does a hub do when it receives information? Remember, a hub is nothing
more than a multiport repeater.

• The hub will flood it out all ports except for the incoming port.

Module in CCNA 101 – CISCO 1 64

 Module 9– Ethernet

• A hub is a Layer 1 device and does NOT look at Layer 2 addresses, so it is fast in
transmitting data.

• A hub or series of hubs is called a single collision domain.

• Disadvantages of Using Hubs:

o More Collision Domains – Network with larger number of nodes on the same
segment has a larger collision domain and typically has more traffic. As the
amount of traffic in the network increases, the likelihood of collision
increases.

o Wasted Bandwidth

o All ports of the hub share the total available bandwidth.

o Limited Scalability – With each increase in the number of devices on the

media, performance is degraded.

o Increased Latency – Increasing the length of the media or the number of

hubs and repeaters connected to a segment results in increased latency.

 Why hubs are still being used?

o Availability – Early Ethernet networks used UTP hubs and many of them
remain in operation today.

o Economics – Switches were rather expensive.

o Requirements – In some circumstances, a shared media will still siffuce and

these products remain on the market.

Ethernet: Using Switches

• Switches are also known as learning bridges or learning switches.

• A switch has a source address table in cache (RAM) where it stores source MAC
addresses for each port.

• Switch receives an Ethernet frame. It searches the source address table for the
destination MAC address

• If it finds a match, it forwards the frame by only sending it out that port (selective
forwarding). If the destination address is not in the table, it floods it out all ports.

Module in CCNA 101 – CISCO 1 65

 Module 9– Ethernet

• Three Advantages of Using Switches

• Dedicated Bandwidth to each port – each device effectively has a dedicated

point – to – point connection between the device and the switch, without
media contention.

• Collision –Free environment – A dedicated point – to – point connection to a

switch also removes any media contention between devices, allowing a node
to operate with few or no collisions.ssssssssssssssssssssssssssssssssssssssss

• Full Duplex Operation – Switching also allows a network to operate as a full-

duplex Ethernet environment. The devices connected directly to the switch
port can transmit and receive simultaneously, at the full media bandwidth.

How does a switch learn an address?

• First, the switch will see if the source

address (1111) is in it‟s table.

• If it is, it resets a timer.

• If it is NOT in the table it adds it, with the port

number.

• Next the switch will flood the frame out all

other ports, because the destination address
is not in the source address table.

• Most communications involve some

sort of client-server relationship or
exchange of information.

• Now 3333 sends data back to 1111.

• The switch sees if it has the source

address stored. It does NOT so it
adds it.

• Next, it checks the destination

address and sends it out port 1

Module in CCNA 101 – CISCO 1 66

 Module 9– Ethernet

• Now, with both MAC addresses in

the table, any information between
1111 and 3333 can be sent
(selectively forwarded) out the
appropriate port.

Switches: Five Basic Operations

Ethernet LAN switches use five basic operations.

• Learning : Records or adds source MAC address/port to the table.

• Aging : Addresses will be cleared after a specific length of inactivity. It is a mean

of removing old entries in the MAC table.

• Flooding : Sends a frame out all ports except incoming port if destination is
unknown.

• Selective Forwarding : Sends frame only to destination port if destination is

known

• Filtering : In some cases, a frame is not forwarded. Example of cases:

o A switch does not forward a frame to the same port on which it

arrived

o Corrupted frame.

o Security is set

Module in CCNA 101 – CISCO 1 67

 Module 9– Ethernet

Address Resolution Protocol (ARP)

 The ARP process provides two basic functions:

o Resolving IPv4 addresses to MAC addresses.

o Maintaining a cache of mappings.

o Once the packet is sent, these addresses do not change.

 All frames must be delivered to a node on the local network segment. What if the
destination host IS NOT on the local network?

 We need Proxy ARP or Default Gateway in this case.

Resolving IPv4 addresses to MAC Addresses

There are two address types:

 MAC address:

o Physical address of the host

o Burned in to the NIC

o Layer 2 address

 Network Address:

o Logical address of the host

o Assigned by network administrator

o Layer 3 address

 Physical (MAC):

o The physical address uniquely identifies the host from all other hosts on all
other networks at Layer 2.

o This is the address that is absolutely necessary to get the information into
the host. The IP address by itself won't accomplish that.

Module in CCNA 101 – CISCO 1 68

 Module 9– Ethernet

• Logical (IP):

o The logical address uniquely identifies the host and the network to which it
belongs at Layer 3.

o Routers base their decisions on the IP address when determining the best
path for the packet.

• So…..how do we obtain both addresses to build the packets and frames?

MAC Address: ARP (Address Resolution Protocol)

IP Address: Static and Dynamic

 ARP binds an IP address to a MAC address.

 Devices, (hosts, routers, servers, etc.) use IP addresses to reach other devices
within their own network/subnet or across different networks/subnets.

 The Layer 3 IP addresses in the packet consist of both the original source and the
final destination address.

 Data Link layer addresses, such as Ethernet MAC addresses are used to get the IP
packet from one hop to the next.

 If the sender and the receiver are on different networks (or subnets) the data link
address in the data link frame will be modified to reflect the new data link address
source and destination.

 Again, the IP addresses in the Layer 3 packet do not change.

 Why do devices need to map a MAC address to an IP address? There is no built-in

connection or relationship between the MAC (physical) address and the assigned IP
(logical) address.

 IP hosts and routers use Address Resolution Protocol (ARP) to resolve a known IP
address to the corresponding MAC address.

The ARP Process: Issues

• Overhead on the Media

o As a broadcast frame, an ARP request is received and processed by every

device on the local network.

o Usually minimal but can be significant if all users and devices were to power
up and start using network services at the same time.

Module in CCNA 101 – CISCO 1 69

 Module 9– Ethernet

 Security
o ARP spoofing, or ARP poisoning, is a technique used by an attacker to inject
the wrong MAC address association into a network by issuing fake ARP
requests.

o An attacker forges the MAC address of a device and then frames can be sent
to the wrong destination.

Ethernet encapsulates an ARP packet in the same manner as an IP packet as it

travels on the physical network from one computer to another.

ARP is a separate protocol residing at Layer 3 of the OSI Model and does not use the
services of IP since ARP requests are never routed.

Lesson 3 Review Questions

Directions: Answer the following questions.

1. Describe Gigabit Ethernet.

2. Differentiate collision and broadcast domain.

3. What are the three reasons that bandwidth increases dramatically when each
device is connected to a switch port?

4. Describe the five basic operations of a switch.

5. What are the two basic functions of ARP?

6. What is another problem that may be associated with ARP?

Module 9 Quiz

Directions. On the space provided before each number, write the letter of the correct
answer.

_________1. Where does Ethernet operate?

A. The physical layer and the logical link control sublayer
B. The physical layer and the media access control sublayer
C. The data link layer and the logical link control sublayer
D. The data link layer and the media access control sublayer

Module in CCNA 101 – CISCO 1 70

 Module 9– Ethernet

_________2. Ethernet is now operated on networks with physical topology that is a star or
extended star. What is the underlying logical topology?
A. Extended star C. Ring
B. Multi-access bus D. Mesh

_________3. What is the function of CSMA/CD?

A. Prevents collisions on shared media
B. Manages the problems that result from collisions
C. Provides the addressing scheme for Ethernet
D. Encodes signals and places them on the medium

_________4. What was the advantage of replacing a physical bus topology with a physical
star topology using hubs?
A. The cables are no longer shared media
B. There are no collisions
C. A fault in one cable will not bring down the entire network
D. It allowed cheaper coaxial cable to be used

_________5. How big is an Ethernet frame?

A. 32 to 64 bytes C. 64 to 1522 bytes
B. 64 to 128 bytes D. 128 to 1522 bytes

_________6. Workstation A is connected to an Ethernet network by a hub. Can full duplex

be operated on the link?
A. No, because workstation NICs cannot operate with full duplex.
B. No, because the medium is shared.
C. Yes, because only the workstation and the hub are on the cable.
D. Yes, Ethernet networks should always be run with full duplex

_________ 7. Where does a workstation get its MAC address?

A. It is burned into the network card ROM during manufacture.
B. It is configured by an administrator.
C. It is allocated dynamically by a DHCP server.
D. It is allocated by the local switch.

_________ 8. How long is a MAC address?

A. 24 bits C. 64 bits
B. 48 bits D. 4 bytes

_________9. The hexadecimal equivalent of the binary number 11000111 is:

A. 127 C. 199
B. C7 D. 3013

Module in CCNA 101 – CISCO 1 71

 Module 9– Ethernet

_________10. What is the name for the time taken for a host to put one bit on the
medium?
A. Bit time C. Propagation delay
B. Slot time D. Interframe spacing

_________11. A host needs to find the MAC address corresponding to a known IP address.
What can it do?
A. Send an ARP request using a level 3 broadcast.
B. Send an ARP request using a level 2 broadcast.
C. Send a DHCP request to the local server
D. Send a MAC request to the switch

_________12. Which statement is true about collision domains and hubs?

A. Replacing one of the hubs in a network with a switch will increase the
number of collision domains but make them smaller.
B. Replacing one of the hubs in a network with a switch will decrease the
number of collision domains.
C. Replacing a hub with a switch will always eliminate all collisions.
D. Every PC connected to a hub has its own cable and therefore the medium is
not shared.

_________ 13. What is the name for the minimum time between the end of one frame and
the start of the next?
A. Bit time C. Propagation Delay
B. Slot time D. Interframe Spacing

_________ 14. Which MAC address is used for broadcasts on Ethernet networks?
A. 00:00:00:00:00:00 C. FF:FF:FF:FF:FF:FF
B. 99:99:99:99:99:99 D. 255.255.255.255

_________ 15. What happens if you add PCs to a network, connecting them using hubs?
A. You get more collision domains.
B. You increase the size of the collision domain.
C. You get more bandwidth per host.
D. You need to use full duplex operation.

Module in CCNA 101 – CISCO 1 72