Chapter (4)

Layer 2 LAN Technologies

Chapter (4)

Layer 2 LAN Technologies

A LAN interconnects network components located geographically close, such as the floor of a building, within a building, or on a campus.

The LAN infrastructure used is built and owned by a company or other organization. Typically, no external provider, such as a telephone company, is used to connect different parts of the LAN. LANs can scale from very small sizes, such as a small office/home office (SOHO), to a large corporation spanning multiple buildings on a campus, commonly referred to as an enterprise LAN.

Common components you’ll find in a LAN include computers (PCs and servers), interconnections (network interface cards and media types such as cabling and wireless), network devices (routers, switches, hubs, firewalls, intrusion detection/ prevention systems, and so on), and protocols (Ethernet and TCP/IP).

The main function of all of these components is to allow users to access applications and data, to share resources such as printers and network storage, and to connect to other networks if necessary.

Ethernet OperationEthernet is a LAN technology that functions at

the data link layer. Ethernet uses the Carrier Sense Multiple

Access/Collision Detection (CSMA/CD) mechanism to send information in a shared environment. Ethernet was initially developed with the idea that many devices would be connected to the same physical piece of wiring.

The short form CSMA/CD describes the actual process of how Ethernet operates on a shared medium.

Collision DomainsBecause Ethernet experiences collisions,

networking devices that share the same medium (are connected to the same physical segment) are said to belong to the same collision or bandwidth domain. This means that, for better or worse, traffic generated by one device in the collision domain can adversely affect other devices in the same domain

FramingOne of the main differences between IEEE’s and Ethernet

implementation of Ethernet is the framing used. that framing defines the format of information as it’s carried across a data link layer medium.

A frame standardizes the fields in the frame and their lengths so that every device understands how to read the contents of the frame. The next sections discuss the framing that IEEE uses with the 802.3 and 802.2 standards and what Ethernet uses.

Addressing

Recall from Chapter 2 that Ethernet, as well as other LAN technologies such as FDDI and Token Ring, use MAC, or hardware, addresses to uniquely identify devices on a segment (physical or logical). MAC addresses are represented using a hexadecimal addressing scheme.

You should be familiar with decimal, binary, and hexadecimal numbering, since you might be expected to convert decimal numbers to binary (and vice versa), decimal to hexadecimal (and vice versa), and binary to hexadecimal (and vice versa).

Bit Values

Before you can begin to understand the conversion process, you need to understand binary mathematics. Computers and networking components process everything in binary. In 1 byte (octet), there are 8 bits. Each bit in a byte, when enabled (turned on), represents a specific decimal value. Table 3-5 shows the conversion of a specific bit position, in a byte, when it is enabled. In this table, the bit positions are labeled from left to right, where the leftmost bit is the most significant and the rightmost bit is the least significant. A bit can contain one of two values: 0 or 1. If it is enabled (set to 1), then that equates to a particular decimal value, shown in the second row of

Table 3-5. If it is disabled (set to 0), then this equates to a decimal value of 0. Higher order bits have a higher-numbered bit position (such as bit position 8), while lower order bits have a lower-numbered bit position (such as bit position 1).

* To convert the binary byte value to a decimal value, you look at all the bits that are turned on and add up the equivalent decimal values.

Table 3-5. If it is disabled (set to 0), then this equates to a decimal value of 0. Higher order bits have a higher-numbered bit position (such as bit position 8), while lower order bits have a lower-numbered bit position (such as bit position 1).

* To convert the binary byte value to a decimal value, you look at all the bits that are turned on and add up the equivalent decimal values.

Problems and Limitations of Ethernet:Even though Ethernet is the main layer 2

technology used in LAN networks for many years, it does have two main disadvantages:

■ Distance■ CollisionsThe following sections discuss these two problems

in depth, and the rest of the chapter will cover some unique solutions commonly found in Ethernet-based networks today.

Distance and Extension of LANs:One of the initial problems with Ethernet was that you were limited to the length of a segment because copper was used as a media type: 10Base5 supported 500 meters and 10Base2 supported 185 meters. When 10BaseT was introduced, using unshielded twisted pair (UTP) cabling, the distance limitation shrunk even further: 100 meters.One issue of using copper as a transmission medium is that as the signal travels down the copper wire, the signal slowly degrades because of noise in the line, the signal losing strength, and issues with devices not specifically following the rules definedby CSMA/CD.

One solution is to use a physical layer repeater to repeat the signal to deal with noise and signal strength. With 10BaseT, a hub, a multiport physical layer repeater, is used to perform this function. A hub takes a signal received on one interface and repeats it across all other available interfaces. The main problem with a hub is that if the signal is bad, the hub repeats the bad signal: bad in, bad out.

CSMA/CD also causes issues. For example, with CSMA/CD, when a device places a frame on a wire, it listens on the wire for a predetermined time period to determine whether a collision occurs. If no collision is detected during this time period, the source assumes that everyone on the segment successfully received the frame.

Solutions to Collision Problems:Bridges were originally used to solve collision and bandwidth problems. Each port connected to a bridge is a separate collision domain. When a frame is pulled into a port on a bridge, the bridge checks the frame’s field checksum sequence (FCS), and if the FCS if valid, the frame is forwarded out of a destination port or ports. Recall from Chapter 3 that the FCS is a checksum to ensure that the destination can check that the Ethernet frame has not been corrupted.Basically, the bridge is creating the illusion that all physical segments to which it is connected are actually one large logical segment. All devices connected to this logical segment are in the same broadcast domain—this makes sense because bridges flood broadcasts. Note that if you are having problems with large amounts of broadcasts, bridges will not solve these problems.

The problem with this implementation is that the longer the cable is, the longer the time period required to accommodate the signal traveling to the two endpoints of the cable. Therefore, the cable can’t be of infinite length. Because of this issue, we have different standards of Ethernet that allow for maximum lengths of the cable. If a device has a 10Base5 interface, its NIC knows that it must listen on the wire based on the amount of time it takes for an electrical signal to travel 500 meters, whether or not the cable happens to be this long.

Network ..Subnet

A subnet is a logical organization of network address ranges used to separate hosts and network devices from each other to serve a design purpose. In many cases, subnets are created to serve as physical or geographical separations similar to those found between rooms, floors, buildings, or cities.

Subnetting is used to break the network into smaller more efficient subnets to prevent excessive rates of Ethernet packet collision in a large network. Such subnets can be arranged hierarchically, with the organization's network address space partitioned into a tree-like structure. Routers are used to manage traffic and constitute borders between subnets.

And this is sample shows an IP address represented in both binary and decimal.

10. 1. 23. 19 (decimal) 00001010.00000001.00010111.00010011 (binary) These octets are broken down to provide an addressing scheme that can accommodate large and small networks. There are five different classes of networks, A to E. This document focuses on addressing classes A to C, since classes D and E are reserved and discussion of them is beyond the scope of this document.

Network Masks

A network mask helps you know which portion of the address identifies the network and which portion of the address identifies the node. Class A, B, and C networks have default masks, also known as natural masks, as shown here:

Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0 An IP address on a Class A network that has not been subnetted would have an address/mask pair similar to: 8.20.15.1 255.0.0.0. To see how the mask helps you identify the network and node parts of the address, convert the address and mask to binary numbers.

8.20.15.1 = 00001000.00010100.00001111.00000001 255.0.0.0 = 11111111.00000000.00000000.00000000 Once you have the address and the mask represented in binary, then identifying the network and host ID is easier. Any address bits which have corresponding mask bits set to 1 represent the network ID. Any address bits that have corresponding mask bits set to 0 represent the node ID.

8.20.15.1 = 00001000.00010100.00001111.00000001 255.0.0.0 = 11111111.00000000.00000000.00000000 ----------------------------------- net id | host id netid = 00001000 = 8 hostid = 00010100.00001111.00000001 = 20.15.1

Hexadecimal-&-DecimalConvert the decimal number 650 to hexadecimal

by repeated division by 16.650 = 40.625 0.625 x 16 = 10 = A (LSD)1640 = 2.5 0.5 x 16 = 8 = 8162 = 0.125 0.125 x 16 = 2 = 2 (MSD)16The hexadecimal number is 28A

A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model, and the term layer 2 switch is very often used interchangeably with bridge. Bridges are similar to repeaters or network hubs, devices that connect network segments at the physical layer; however, with bridging, traffic from one network is managed rather than simply rebroadcast to adjacent network segments. In Ethernet networks, the term "bridge" formally means a device that behaves according to the IEEE 802.1D standard—this is most often referred to as a network switch in marketing literature

Bridges tend to be more complex than hubs or repeaters. Bridges can analyze incoming data packets to determine if the bridge is able to send the given packet to another segment of the network.

Since bridging takes place at the data link layer of the OSI model, a bridge processes the information from each frame of data it receives. In an Ethernet frame, this provides the MAC address of the frame's source and destination. Bridges use two methods to resolve the network segment that a MAC address belongs to.

Bridging (networking)

Bridging is a forwarding technique used in packet-switched computer networks. Unlike routing, bridging makes no assumptions about where in a network a particular address is located. Instead, it depends on flooding and examination of source addresses in received packet headers to locate unknown devices. Once a device has been located, its location is recorded in a table where the M AC address is stored so as to preclude the need for further broadcasting.

The utility of bridging is limited by its dependence on flooding, and is thus only used in local area networks. Currently, two different bridging technologies are in widespread use. Transparent bridging predominates in Ethernet networks, while source routing is used in token ring networks. Thus, bridging allows you to connect two different networks seamlessly on the data link layer, e.g. a wireless access point with a wired network switch by using MAC addresses as an addressing system. A bridge and switch are very much alike.

Bridging versus routing Bridging and routing are both ways of performing data control,

but work through different methods. Bridging takes place at OSI M odel Layer 2 (Data-Link Layer) while Routing takes place at the OSI M odel Layer 3 (Network Layer). This difference means that a bridge directs frames according to hardware assigned M AC addresses while a router makes its decisions according to arbitrarily assigned IP Addresses. As a result of this, bridges are not concerned with and are unable to distinguish networks while routers can.

When designing a network, one can choose to put multiple segments into one bridged network or to divide it into different networks interconnected by routers. If a host is physically moved from one network area to another in a routed network, it has to get a new IP address; if this system is moved within a bridged network, it doesn't have to reconfigure anything. These days bridges are replaced by switches

switch is a marketing term rather than a technical one.[citation needed] Switches may operate at one or more OSI layers, including physical, data link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more than one of these layers is called a multilayer switch, although use of the term is diminishing.[citation needed]

In switches intended for commercial use, built-in or modular interfaces make it possible to connect different types of networks, for example Ethernet, Fibre Channel, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers mentioned. While Layer 2 functionality is adequate for speed-shifting within one technology, interconnecting technologies such as Ethernet and token ring are easier at Layer 3.

Interconnection of different Layer 3 networks is done by routers. If there are any features that characterize "Layer-3 switches" as opposed to general-purpose routers, it tends to be that they are optimized, in larger switches, for high-density Ethernet connectivity.

In some service provider and other environments where there is a need for much analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some vendors provide firewall, network intrusion detection, and performance analysis modules that can plug into switch ports. Some of these functions may be on combined modules.

In other cases, the switch is used to create a mirror image of data that can go to an external device. Since most switch port mirroring provides only one mirrored stream, network hubs can be useful for fanning out data to several read-only analyzers, such as intrusion detection systems and packet sniffers.

Connectionless ForwardingThis is termed destination-based

connectionless forwardingHow does each router know the correct local

forwarding decision for any possible destination address?Through knowledge of the topology state of the

networkThis knowledge is maintained by a routing

protocol

Routing ProtocolsDistribute the knowledge of the current

topology state of the network to all routersThis knowledge is used by each router to

generate a forwarding table, which contains the local switching decision for each known destination address

Routing Protocolscorrect operation of the routing state of a

network is essential for the management of a quality network serviceaccuracy of the routing informationdynamic adjustment of the routing informationmatching aggregate traffic flow to network

capacity

Exterior routingExterior routing

ISP Routing Taskscustomersinternalpeer / upstream

Interior routing

Customer routing

Interior Routingdiscovers the topology of a network through

the operation of a distributed routing protocol

A20

10

4

10

40

5

6

10

15

10

5

B

5

5

45

R1 R4

R2

R3

R6

R7

R5

R8

Path Selection

Minimum cost from A to B is 39 units

A20

10

4

10

40

5

6

15

10

5

B

5

5

45

R1 R4

R2

R3

R6

R7

R5

R8

Dynamic Path Adjustment

If R5 – R7 breaks, minimum cost path from A to B isNow 46 units

Interior Routing Protocolsdescribe the current network topology Routing protocols distribute how to reach

address prefix groupsRouting protocols function through either

distributed computing model (distance vector)parallel computing model (link state)

Routing ProtocolsDistance Vector Routing Protocols

Each node sends its routing table (dest, distance) to all neighbors every 30 seconds

Lower distances are updated with the neighbor as next hop

cannot scalecannot resolve routing loops quicklyRIP is the main offender

Routing ProtocolsLink State Routing Protocols

Each link, the connected nodes and the metric is flooded to all routers

Each link up/down status change is incrementally flooded

Each router re-computes the routing table in parallel using the common link state database

OSPF is the main protocol in use today

SuggestionsJust engineering a physical link does not

ensure that traffic will flowsome system somewhere must provide routing

information about how to reach the newly connected network

Installing backup circuits is easy, making the routing work may not be

Suggestionsneed a clear understanding of how the client

networks want their traffic to flow before you can start making routing configuration changes

Interior and Exterior Routing Protocols

Exterior Routing Space

InteriorRouteSpace

InteriorRouteSpace

InteriorRouteSpace

InteriorRouteSpace

InteriorRouteSpace

AS1 AS1221

AS2402

AS3561

AS701

Exterior Routing ProtocolsYou tell me all the address prefixes you can

reach, but don’t tell me the path you use to get thereI’ll tell you the same

If anything changes, please let me knowIf you tell me an address I’ll send you traffic

destined to that address.If I tell you an address I will accept traffic destined

to that address

Exterior Routing ProtocolsBorder Gateway Protocol version 4 (BGP4)Each interior route collection is described by

an Autonomous System (AS) numberInternal topology is hiddenRoutes are announced with associated AS

value139.130.0.0/16 + AS 1221

BGP example

AS 1221 AS 3561

139.130.0.0/16203.10.60.0/24

148.10.0.0/16 356124.192.36.0/24 3561202.23.45.0/23 3561

148.10.0.0/1624.192.36.0/24202.23.45.0/23

139.130.0.0/16 1221203.10.60.0/24 1221

BGP Example of TRANSITAS 1221

AS 3561

139.130.0.0/16 i203.10.60.0/24 I

148.10.0.0/16 356124.192.36.0/24 3561202.23.45.0/23 3561

210.10.0.0/16 3561,5727139.1.0.0/16 3561,5727

148.10.0.0/16 i24.192.36.0/24 i202.23.45.0/23 i

210.10.0.0/16 5727130.1.0.0/16 5727

139.130.0.0/16 1221203.10.60.0/24 1221

AS 5727

210.10.0.0/16 i130.1.0.0/16 I

148.10.0.0/16 356124.192.36.0/24 3561202.23.45.0/23 3561

139.130.0.0/16 3561,1221203.10.60.0/24 3561,1221

Exterior Routing ProtocolsInternal transit paths use I-BGP

AS 3561

AS 1221AS 5727

A

B

Q: How does router A tell router B about AS1221 addresses?A: Router A sets un an INTERIOR BGP session with router B

Exterior Routing ProtocolsAS 1

AS 2402

AS 1221

AS3561

AS 701

I-BGP

E-BGP

Exterior Routing ProtocolsNormally chose minimal AS path length

203.10.60.0/24 701,3561,1221203.10.60.0/24 5727,1221

Selected path is via peer session to AS 5727 as thisIs 1 AS shorter that the other path

Exterior POLICYHow can I share the traffic load between 2 or

more exterior providers?How can I create a backup link to support my

main exterior link?

You can bias minimal path selection by AS path filter lists or community attributes or local preferences

Exterior Routing Protocols plus Policy

AS 1

AS 2402

AS 1221

AS 3561

AS 701

Accept AS paths122124021221,35612402,701

external Routing Protocols plus Policypolicy settings control

what you advertise to your immediate peersWhat you accept from your immediate peersWhat transits you will accept (send traffic)

you cannot controltransit path of received trafficsymmetry of transit policy