What Goes on in the Wire
03/02/2001|
Also in Networking as a 2nd Language: |
In this third installment of the series, Networking as a 2nd Language, I hope to demystify the low-level layers of the OSI model that I outlined in the last column. On this venture we'll investigate the concepts of layer 2 framing and hardware addressing. Many textbooks tend to write the bare minimum when it comes to layer 2. As you'll soon see, layer 2 deserves a bit more attention than that.
The datalink layer
To maintain continuity, I will again use the example of a Macintosh computer sending e-mail. The content of the message, which we'll simply refer to as data, originated at the application layers. As the data is passed down from the upper layers of the OSI network model, each successive layer puts its own wrapper around the data. For our e-mail example, the protocols used by our network are TCP/IP. TCP, a transport-layer protocol, will encase the upper-layer data into a TCP packet at layer 4. The layer-4 TCP packet is then passed down to layer 3, the network layer, where an IP packet encapsulates the entire TCP packet.
|
At the datalink layer, the e-mail data is then prepared for transmission onto the wire. The wire is, of course, the physical layer, which only deals with bursts of voltages or beams of light (FDDI). The datalink layer is primarily composed of the device drivers in your computer's network interface card that handle how your device transmits and receives on the network media.
Today the most common network card is the 10-base Ethernet adapter. Your network card is identified by the style of framing the device uses at layer 2. When the user, from our Macintosh host example, transmits the e-mail, layer 2 will put the information from the upper layers into an Ethernet frame. We are using Ethernet protocol frames since our network media is Ethernet. Several network protocols exist: Ethernet (IEEE 802.3), Token Ring (IEEE802.5), and FDDI. The framing protocol is dependent on your network media.
Layer 2 frames
The Institute of Electrical and Electronic Engineers (IEEE) organization partitioned the datalink layer into two sub-layers, logical link control (LLC) and media access control (MAC).
The LLC sub-layer provides the reliable transfer interface for the datalink layer. Flow control and error handling of each frame is maintained by the LLC. A layer-2 frame is stored in a buffering computer memory or locally on the network card.
The Macintosh, from our e-mail example, will transmit a frame onto the wire. If there are lots of other systems on our network, there could be congestion or even frame collisions. The frame may have to be transmitted onto the wire two or more times before it arrives at its destination. Once the frame is successfully transmitted, the image of the frame is cleared from the buffer. The LLC sub-layer orchestrates this activity of frame flow control.
Media access control
Every piece of networking hardware that connects to a network has a unique address assigned by its manufacturer. This is the MAC address, also referred to as the burned-in-address (BIA) and hardware address. Your Ethernet adapter card has a MAC address burned into it.
The address is 48 bits and is usually expressed as 12 hexadecimal digits. The first 24 bits (6 hexadecimal digits) are the vendor code, which is assigned by the IEEE to the vendor. This unique 24 bits is also called the Organizational Unique Identifier. The last 24 bits of the MAC address are typically the serial number of the device, assigned by the manufacturer. The IEEE ensures unique IDs to vendors, and the vendors ensure unique IDs of their products. The combination of these IDs provides a globally unique ID for your host on the network.
Ethernet unicast frame
When the Macintosh, in our example Ethernet network, sends the encapsulated e-mail data to the Intel-based mail server, the layer-2 MAC addressing will be used. The Macintosh has the MAC address 00:E0:6B:11:EF:AC burned into its Ethernet interface adapter. The mail server has the MAC address 00:10:AD:EC:01:01.
The Macintosh Ethernet adapter device driver will set the 802.3 Ethernet frame fields MAC source address, SA, using the Macintosh MAC address, and the MAC destination address, DA, using the server's MAC address.
|
When the data is encapsulated in the Ethernet frame, it's then placed on the physical wire. The transmission is visible to all devices sharing the wire on the local network. Each device on the network will examine the frame. If the value of the MAC address in the DA field matches the recipient's MAC address, the frame is processed. If the value of the frame's DA field doesn't match, the frame is ignored. This one source to one destination frame correspondence is called a unicast.
Ethernet broadcast frame
Did you ever wonder how the Macintosh device driver knew what MAC address to use for the destination address? The Macintosh's e-mail client is configured with a TCP/IP address to the mail server. The mail client is using layer-3 IP addressing, not layer-2 MAC addressing schemes. Address Resolution Protocol (ARP) provides a mapping mechanism to handle this scenario.
The Macintosh software knows the IP address of the mail server. The network device driver will send an ARP in an Ethernet frame. The DA field of this Ethernet frame is assigned the MAC address of FF:FF:FF:FF:FF:FF. This is a special MAC address called a broadcast destination address. Every device on the network that sees this DA value will process the frame. The content of the ARP is a request: "Device at MAC SA is looking for the MAC address of the device that is the owner of this IP address." The mail server will recognize its IP address and unicast back an ARP reply with its MAC address. Now the Macintosh can send the frame encapsulating the e-mail data to the mail server using an Ethernet unicast frame.
To minimize ARP requests, the device drivers for the network adapter maintain an ARP cache. The contents of the cache are a mapping of IP addresses to MAC addresses. The ARP cache maintains entries for about 20 minutes, and then it is refreshed.
Layer-2 topologies
My discussions have focused on an Ethernet topology since it is the most common. However, layer-2 topologies cover a significant variety of media. The wide area network (WAN), which uses leased phone lines, has an abundance of layer-2 protocols. There is a variety of LAN layer topologies as well. Fast Ethernet, FDDI, and token ring are common layer-2 LAN solutions as well.
Legacy IBM LAN networks are abundant in the financial world. These networks are token ring architectures supporting IBM mainframes. Token ring frames differ from 802.3 Ethernet frames.
The ring architecture is interesting in that a host device accesses the network when it receives a token frame. This token moves from station to station on the network granting access. Token ring supports 4- and 16-megabit-per-second (Mbps) bandwidths. The latter is the most common. Connection into the token ring network requires a token ring multi-station access unit (MAU), which is conceptually a token ring version of an Ethernet hub. The MAU is specifically a passive wiring hub for token ring and is not an Ethernet hub.
|
A close cousin to the token ring architecture is the FDDI network. FDDI is a 100-Mbps LAN that uses fiber optic cable as its media. FDDI rings are commonly setup as dual rings to provide redundancy in the network topology. Most corporate backbones are traditionally FDDI rings.
The physical layer
Finally we make our way down to the first layer in the network model: layer 1. The physical layer is the hardware abstraction of the OSI model. The network interface card, the cabling or fiber optics, and the signal repeaters are all components at the physical layer. Using our example Macintosh host, the layer-2 frame is placed on the wire, layer 1, as a stream of bits. Bit streams are series of electrical pulses or bursts of light, depending on the physical media.
|
Bridging the gap
Hopefully, the concepts of the OSI Network Reference Model are a bit clearer to you. It's important to keep in mind the concepts presented and the layers each corresponds to.
Layer 2 concepts are important when working with network switches. Two distinct networks can be joined with switches by building a bridge. Bridging is a layer-2 network architecture that relies heavily on MAC addressing schemes and cache tables. We'll explore bridging in detail in my next installment, Basics of Network Segmentation -- Switching and Bridging.
Michael J. Norton is a software engineer at Cisco Systems.
Discuss this article in the O'Reilly Network Forum.
Return to the O'Reilly Network Hub.
