Chapter 4: Ethernet

Fundamental of Computer Networking

By: Tigabu Dagne

 Chapter 4: Objectives
In this chapter, you will learn to:

 Describe the operation of the Ethernet sublayers.

 Identify the major fields of the Ethernet frame.
 Describe the purpose and characteristics of the Ethernet MAC address.
 Describe the purpose of ARP.
 Explain how ARP requests impact network and host performance.
 Explain basic switching concepts.
 Ethernet Protocol

• Ethernet – Most common LAN technology used today.

 Supports data bandwidths of 10, 100, 1000, 10,000, 40,000,
and 100,000 Mbps (100 Gbps)
• Operates in the data link layer and the physical layer.
• Defined in the IEEE 802.2 and 802.3 standards.
• Ethernet relies on the two separate sublayers of the
data link layer to operate:
 Logical Link Control (LLC)
 MAC
Network Interface Card (NIC)

4
 Network Interface Card (NIC)

Network Interface Card (NIC)

• Layer 2, Data Link Layer, device
• Connects the device (computer) to the LAN
• Responsible for the local Layer 2 address
• Common Layer 2 NICs:
 Ethernet
• Common Bandwidth
– 10 Mbps, 10/100 Mbps, 10/100/1000 Mbps

5
Tracing the Physical Connection NIC

6
Connecting the NIC to Switch…

7
From PC to Ethernet Port…

8
From Ethernet Port to Patch Panel…
Back View Front View

9
From Patch Panel to Switch (or hub)

10
From PC to Switch

11
 Ethernet is Best Effort Delivery

• Ethernet is best-
effort delivery,
no guarantee.
• Like a trucking
service, it
doesn’t really
know or care
about the what it
is carrying.

12
All of that is the same as these!

13
 Our focus!

• Ethernet protocol is only concerned with how

the information gets from one Ethernet NIC to
another.

14
 Ethernet Protocol

LLC
• Handles communication between upper and lower layers
• Takes the network protocol data and adds control information to
help deliver the packet to the destination
 Ethernet Protocol

MAC
• Constitutes the lower sublayer of the data link layer
• Implemented by hardware, typically in the computer NIC
• Two primary responsibilities:
• Data encapsulation
• Media access control
 Ethernet Operation

MAC Sublayer
Application Application Layer
Header + data

Layer 4: Transport Layer

Layer 3: Network Layer

Layer 2: Data
Link Layer

010010100100100100111010010001101000… Layer 1: Physical

Layer
Data encapsulation
•Frame assembly before transmission and frame disassembly upon reception of a
frame
•MAC layer adds a header and trailer to the network layer PDU
 Ethernet Operation

MAC Sublayer

Data encapsulation provides three primary functions:

Frame delimiting – identifies a group of bits that make up a frame,
synchronization between the transmitting and receiving nodes
Addressing – each Ethernet header added in the frame contains the physical
address (MAC address) that enables a frame to be delivered to a destination node
Error detection - each Ethernet frame contains a trailer with a cyclic redundancy
check (CRC) of the frame contents
 Ethernet Operation

MAC Sublayer

Media Access Control

• Responsible for the placement/removal of frames on the media
• Communicates directly with the physical layer
• If multiple devices on a single medium attempt to forward data
simultaneously, the data will collide resulting in corrupted, unusable
data
• Ethernet provides a method for controlling how the nodes share
access through the use a Carrier Sense Multiple Access (CSMA)
technology
 Ethernet Operation

Media Access
Control

Carrier Sense Multiple Access (CSMA) process

• Used to first detect if the media is carrying a signal
• If no carrier signal is detected, the device transmits its data
• If two devices transmit at the same time - data collision
 CSMA/CD and Collisions
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
• Listens to the network’s shared media to see if any other users on
“on the line” by trying to sense a neutral electrical signal or carrier.
• If no transmission is sensed, then multiple access allows anyone
onto the media without any further permission required.
• If two PCs detect a neutral signal and access the shared media at the
exact same time, a collision occurs and is detected.
• The PCs sense the collision by being unable to deliver the entire
frame (coming soon) onto the network. (This is why there are
minimum frame lengths along with cable distance and speed
limitations.)
• When a collision occurs, a jamming signal is sent out by the first PC
to detect the collision.
• Using either a priority or random backoff scheme, the PCs wait
certain amount of time before retransmitting.
• If collisions continue to occur, the PCs random interval is doubled,
lessening the chances of a collision.
21
 Ethernet Operation

Media Access Control

CSMA/Collision Detection
•With today’s intermediate devices (full-duplex switches), collisions do not occur
•Processes utilized by CSMA/CD are really unnecessary

CSMA/Collision Avoidance (CSMA/CA) media access method

•Device examines the media for the presence of data signal - if the media is free,
the device sends a notification across the media of its intent to use it
•The device then sends the data.
•Used by 802.11 wireless networking technologies
 Ethernet Operation

MAC Address: Ethernet Identity

• Layer 2 Ethernet MAC address is a 48-bit binary value expressed as

12 hexadecimal digits
 IEEE requires a vendor to follow two simple rules:
1. Must use that vendor's assigned OUI as the first 3 bytes
2. All MAC addresses with the same OUI must be assigned a unique
value in the last 3 bytes
 Ethernet Operation
Frame Processing

 Every device with an Ethernet NIC has a MAC addresses assigned:

 workstations, servers, printers, switches, and routers
 MAC addresses are sometimes referred to as burned-in addresses (BIAs)
 Examples: 00-05-9A-3C-78-00, 00:05:9A:3C:78:00, or 0005.9A3C.7800
 Ethernet header contains the source and destination MAC address
 Each NIC views information to see if the destination MAC address in the frame
matches the device’s physical MAC address stored in RAM
 No match, the device discards the frame
 Matches the destination MAC of the frame, the NIC passes the frame up the OSI
layers, where the decapsulation process takes place
 The MAC Address

MAC MAC Address

Address

• The Ethernet protocol uses MAC addresses to identify the source of the Ethernet frame
and the destination of the Ethernet frame.
• Whenever is computer sends an Ethernet frame, it includes the MAC address on its NIC
as the Source “MAC” Address.

25
Frame Forwarding

26
 Ethernet Frame Attributes
Ethernet Encapsulation
 Early versions of Ethernet were relatively slow at 10 Mbps
 Now operate at 10 Gigabits per second and faster
 Ethernet frame structure adds headers and trailers around the Layer 3 PDU to
encapsulate the message being sent

Ethernet II is the Ethernet

frame format used in TCP/IP
networks.
 Evolution of the Ethernet Standard
• 1979 Bob Metcalfe developed Ethernet at XEROX PARC
• 1980 DEC-Intel-Xerox (DIX) publish first original 10 Mbps Ethernet Standard over thick
coaxial cable
• 1985 IEEE 802.3 used DIX standard and published standard with the title IEEE 802.3
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and
Physical Layer Specifications
• Supplements
– 1985 10BASE2 Thin Ethernet
– 1990 10BASE-T Twisted-pair
– 1995 100BASE-T Fast Ethernet and Autonegotiation
– 1997 Full Duplex Standard
– 1998 1000BASE-X Gigabit Ethernet

28
 Ethernet Frame Attributes
Ethernet Frame Size

 Ethernet II and IEEE 802.3 standards define:

 minimum frame size as 64 bytes
 maximum as 1518 bytes
 "collision fragment" or "runt frame” – Frame less than 64 bytes
 If size of a transmitted frame is less than the minimum or greater than the
maximum, the receiving device drops the frame
 At the physical layer, different versions of Ethernet vary in their method for
detecting and placing data on the media
 Ethernet Frame Attributes

Introduction to the Ethernet Frame

TYPE

Preamble and Start Frame Length Field (Prior to Data and Pad Fields
Delimiter Fields 1997) Contain the
Used for synchronization encapsulated data
Defines the exact length from a higher layer, an
between the sending and
receiving devices of the frame's data field IPv4 packet

Type Field
Describes which protocol
is implemented
 Ethernet Frame Attributes

Introduction to the Ethernet Frame

Frame Check Sequence Field

Used to detect errors in a frame with cyclic
redundancy check (4 bytes), if calculations
match at source and receiver, no error occurred.
 Ethernet MAC

MAC Addresses and Hexadecimal

 Ethernet MAC

MAC Address Representations

 MAC Address Format

Dec Bin Hex Dec Bin Hex

0 = 0000 = 0 8 = 1000 = 8
1 = 0001 = 1 9 = 1001 = 9
2 = 0010 = 2 10 = 1010 = A
3 = 0011 = 3 11 = 1011 = B
4 = 0100 = 4 12 = 1100 = C
5 = 0101 = 5 13 = 1101 = D
6 = 0110 = 6 14 = 1110 = E
7 = 0111 = 7 15 = 1111 = F

OUI unique
• An Intel MAC address: 00-21-CC-BA-44-C4
• 0000 0000 - 0010 0001 – 1100 1100 - 1011 1010 – 0100 0100 – 1100 0100
• IEEE OUI FAQs: http://standards.ieee.org/faqs/OUI.html

34
What is the Address on my NIC?

35
 Ethernet MAC

Unicast MAC Address

 Ethernet MAC

Broadcast MAC Address

 Ethernet MAC
Multicast MAC Address

Multicast MAC address is a special

Range of IPV4 multicast addresses is
value that begins with 01-00-5E in
224.0.0.0 to 239.255.255.255
hexadecimal
 Ethernet MAC
NIC-to-NIC Connectivity (same network) - MAC

End-to-End Connectivity (same or different network) – IP

 Switching Process
For every frame that enters a switch…
• Learning Stage (Building/Updating of SAT/MAC table)
– Examines Source MAC Address:
• If Source MAC Address is in the SAT/MAC table, update 5 minute timer
• If Source MAC Address is NOT in the SAT/MAC table, add Source MAC
Address and incoming port number to SAT/MAC table
• Forwarding Stage (Flood or Filter)
– Examines Destination MAC Address:
• If Destination MAC Address is in the SAT/MAC table, forward the
frame only out that port (Filter), unless it is the outgoing port is the
same as the incoming port (checks Source MAC Address)
• If Destination MAC Address is NOT in the SAT/MAC table, forward the
frame only out all ports except incoming port (Flood)

41
 Learn: Examine Source MAC Address

MAC Address Table

Port MAC Address

1 2 3 4

A B C D
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D

MAC addresses are shortened for demonstration purposes.

 Learn: Examine Source MAC Address
MAC Address Table
Port MAC Address
Port and Source MAC
2 1 00-0A
address added I don’t have this source
MAC address and the
incoming port in my table
1 2 3 4 so I will add it.

1
A B C D
1
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D

2
Destination MAC Source MAC
Type Data FCS
00-0D 00-0A

MAC addresses are shortened for demonstration purposes.

 Forward: Examine Destination MAC Address
MAC Address Table
Port MAC Address
1 00-0A I don’t have this
Destination MAC
destination MAC address in
address not in table 1 my table so I will send this
unknown unicast out all
1 2 3 4 ports.

1
2
A B C D
2
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D

Destination MAC Source MAC

Type Data FCS
00-0D 00-0A

MAC addresses are shortened for demonstration purposes.

 Learn: Examine Source MAC Address
MAC Address Table
Port MAC Address
1 I don’t have this source MAC
00-0A
Port and Source MAC
4 address and the incoming port
address added 1 00-0D
in my table so I will add it.

1 2 3 4

1
1
A B C D
2
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D
3
Destination MAC Source MAC
00-0A Type Data FCS
00-0D

MAC addresses are shortened for demonstration purposes.

 Forward: Examine Destination MAC Address
MAC Address Table
Port MAC Address
2 1 00-0A I know the destination MAC
4 00-0D address so I will only forward
the frame out port 1.

1 2 3 4

1
2
A B C D
2
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D
3
Destination MAC Source MAC
00-0A 00-0D Type Data FCS

MAC addresses are shortened for demonstration purposes.

 Learn: Examine Source MAC Address

MAC Address Table

Port MAC Address
1 00-0A
4 00-0D

1 2 3 4

1
1 2
A B C D
2
MAC MAC MAC MAC
00-0A 00-0B 00-0C 00-0D

3
Destination MAC Source MAC
00-0D Type Data FCS
00-0A

MAC addresses are shortened for demonstration purposes.

 Ethernet Addresses Layer 1
Limitations
Layer 1 Limitations
• Layer 1 cannot communicate with the
upper-level layers.
• Layer 1 can only describe streams of
bits.
• Layer 1 cannot identify computers on a
segment.
• Layer 1 is unable to decipher which
computer will transmit binary data
from a group of computers which are
all trying to transmit at the same time.
Layer 2 Solutions
• The (LLC) sublayer communicates with
Layer 3.
• The MAC sublayer uses framing to
control the placement of frames.
• The MAC sublayer uses MAC addresses
to identify local hosts.
• The MAC sublayer uses uses the
CSMA/CD Media Access Control
method.
48
 Hubs and Collision Domains

Sending host

Receiving host

collision domain is a set of LAN devices whose frames could collide with one another

49
Hubs and Collision Domains

Collision

Sending host

Receiving host

50
 Where are the collision domains?
What would be the duplex settings?

router

hub hub

hub hub hub hub hub hub

51
 Where are the collision domains?
Single Collision Domain
router

hub hub

hub hub hub hub hub hub

52
 What would be the duplex settings?
Half-duplex
router

hub hub

hub hub hub hub hub hub

hub

Half-duplex 53
 Where are the collision domains?
What would be the duplex settings?

router

switch switch

hub hub hub hub hub hub

54
 Where are the collision domains?
What would be the duplex settings?

router

switch switch

hub hub hub hub hub hub

Collision Domains Collision Domains

55
 What would be the duplex settings?
Half-duplex
router
Full-duplex
switch switch

hub hub hub hub hub hub

hub

Half-duplex 56
 Where are the collision domains?
What would be the duplex settings?

router

switch switch

switch hub hub switch switch switch

57
 Where are the collision domains?
router

switch switch

switch hub hub switch switch switch

Collision Domains

58
 What would be the duplex settings?
Half-duplex
router
Full-duplex
switch switch

switch hub hub switch switch switch

switch

Full-duplex 59
 All scenarios are multi-
access networks

router

switch switch

switch hub hub switch switch switch

60
 Duplex and Speed Settings

PC-A

Port 1

Autonegotiation

Duplex Full Full Duplex

Half Half

1000 Mb/s Speed

Speed 100 Mb/s 100 Mb/s

10 Mb/s 10 Mb/s
 Duplex Mismatch

I’m full-duplex so I can I’m half-duplex so I can only

send when ever I send when the link is clear
want. but I am also getting a lot of 1
collisions!

S1 Full-duplex S2
Half-duplex

S2 will continually experience collisions because S1

keeps sending frames any time it has something to
send.
 Full Duplex Operation

• A Cisco Catalyst switch supports three duplex settings:

– The full option sets full-duplex mode.
– The half option sets half-duplex mode.
– The auto option sets autonegotiation of duplex mode which enables two
ports to decide the best mode of operation.

• For Fast Ethernet and 10/100/1000 ports, the default is auto.

– For 100BASE-FX ports, the default is full.
– The 10/100/1000 ports operate in either half- or full-duplex mode when
they are set to 10 or 100 Mb/s, but when set to 1,000 Mb/s, they operate
only in full-duplex mode.

63
 Address Resolution Protocol (ARP)
The primary purpose of ARP:
1. Resolving IPv4 addresses to MAC addresses
2. Maintaining a cache of mappings

 ARP is used to map known IP addresses to MAC addresses

on the local network.

 If the device is on a remote LAN segment, the host will

send an ARP request for the MAC address of the default
gateway.

64
 Removing MAC-to-IP Address Mappings

192.168.1.120
I will remove this ARP entry if I MAC 00-0B
have not used it in 2 minutes.

192.168.1.110 192.168.1.50
MAC 00-0A MAC 00-0C
192.168.1.1
MAC 00-0D
PC-A’s ARP Cache

IPv4 Address MAC Address

192.168.1.1 00-0D

MAC addresses are shortened for demonstration purposes.

 All Devices Powered On at the Same Time

192.168.1.120
ARP Request: I need the MAC I will send an ARP reply and
MAC 00-0B
address of default gateway, pretend to be the default gateway!
192.168.1.1

192.168.1.110 192.168.1.50
MAC 00-0A MAC 00-0C
192.168.1.1
MAC 00-0D

MAC addresses are shortened for demonstration purposes.

 ARP Issues

How ARP Can Create Problems

https://www.youtube.com/watch?v=2MBnX9-KlVU
 Viewing and Clearing the ARP Table
• To view the local ARP table in Windows DOS: arp –a
• To clear the local ARP table in Windows DOS: arp –d

• On a Cisco router, use the show ip arp

69
 Verify the ARP Cache and PING Target
C:\Users\Bob> arp -a

Interface: 192.168.11.13 --- 0xb

Internet Address Physical Address Type
192.168.11.1 00-07-b4-00-0b-01 dynamic

C:\Users\Bob>
C:\Users\Bob> ping 192.168.11.5

Pinging 192.168.11.5 with 32 bytes of data:

Reply from 192.168.11.5: bytes=32 time=1ms TTL=64
Reply from 192.168.11.5: bytes=32 time<1ms TTL=64
Reply from 192.168.11.5: bytes=32 time=1ms TTL=64
Reply from 192.168.11.5: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.11.5:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Users\Bob>

70
 Selective Forwarding
• A switch establishes a momentary logical
point-to-point connection between the source
and destination hosts.
– Only long enough to forward a single frame.

• Switches can forward frames using 2 methods:

 Store and forward (default on Cisco switches)
 Cut Through: Fast Forward or Fragment Free

71
 Store-and-Forward Switching

• Reads the entire frame:.

– Discards any frames that are corrupt (runts/ too big)
– Performs FCS using CRC and discards any frames with errors
– Allows QoS checks
• Once the entire frame has been read and checked for errors, the switch then
forwards it.
– Allows entry and exit at different (asymmetric) bandwidths

72
 Cut Through – Fast Forward

• Reads up to the end of destination MAC address.

– Then starts sending it out the designated port while
remainder of frame is still coming in.
– Lowest latency but no error control.
• Entry and exit must be same bandwidth 73
 Cut Through – Fragment Free

• Reads up to the end of byte 64 and then:

– Looks up port and start forwarding while remainder of frame (if
any) is still coming in.
– Discards collision fragments (too short) but other bad frames
are forwarded
– Compromise between low latency and checks
• Entry and exit must be same bandwidth 74
 Chapter 4
Summary

• The Layer 2 addressing provided by Ethernet supports

unicast, multicast, and broadcast communications.
• Ethernet uses the Address Resolution Protocol to
determine the MAC addresses of destinations and map
them against known Network layer addresses.
• Each node on an IP network has both a MAC address and
an IP address.
• The ARP protocol resolves IPv4 addresses to MAC
addresses and maintains a table of mappings.
• A Layer 2 switch builds a MAC address table that it uses to
make forwarding decisions.
 Chapter 4
Summary

• Layer 3 switches are also capable of

performing Layer 3 routing functions, reducing
the need for dedicated routers on a LAN.
• Layer 3 switches have specialized switching
hardware so they can typically route data as
quickly as they can switch.