Ethernet

Ethernet provides packet-switched networking in a network, operating at layer 2 of the OSI model. It's used everywhere, from home and office networks right through to the datacentres that host the servers.

Duplex

"Duplex" refers to the constraints placed on communication within a collision domain (typically between a switch and a host).

  • Half duplex allows one device to transmit at a time, in a walkie talkie configuration.
  • Full duplex allows two devices to transmit at the same time, like a telephone communication, avoiding collision.

CSMA/CD

CSMA/CD allows devices on half-duplex networks to detect transmit collisions within a collision domain by sensing over-voltage conditions (spikes) on the wire.

Speeds

NameSpeedRequire full duplex?
Ethernet10Mbps
FastEthernet100Mbps
GigabitEthernet1Gbps
10GigabitEthernet10Gbps
40GigabitEthernet40Gbps

MAC addresses

MAC addresses are 48-bit hardware addresses, usually written as a colon-delimited sequence of 6 octets, e.g. 32:22:fb:53:4:a3. They're burned in to devices at the time of manufacture, but can be locally overridden if required.

  • The first three octets are the OUI, and can be used to identify the manufacturer of the NIC. The final two bits of the first octet are significant:
    • b1 indicates whether the address is locally administered (1), or globally unique with its OUI enforced (0).
    • b0 indicates if the address represents a multicast group (1) or not (0).
  • The second group of three octets are NIC-specific.

EtherType

EtherType is a two-octet field stored in an Ethernet frame to indicate which protocol is encapsulated in the payload of the frame, used at the receiving end by the data link layer to determine how to process the payload.

Some common values include:

EtherTypeProtocol
0x0800net.ipv4 (Private)
0x0806ARP
0x0842Wake on LAN

Ethernet frames

A PDU is a single unit of information transmitted amongst peers on a network. In Ethernet, this is an Ethernet frame.

Ethernet II frame structure

  • The Header section comprises:
    • 48-bit Destination MAC Address.
    • 48-bit Source MAC address.
    • 16-bit Type field, containing an EtherType value.
  • Data 1500 bytes (configurable via MTU size, this limit set by IEEE 802.3).
  • The FCS is a 32-bit CRC of the frame used to verify that it wasn't corrupted in transmission.

Switching devices

  • Hubs are multi-port repeaters that send messages received on any one port to devices on all other ports. The hub and all immediately connected devices are in a single collision domain.
  • Switches are a replacement for hubs which break the single collision domain into one collision domain per port. They keep track of of the MAC addresses of devices connected to each port in their MAC Address Tables, creating a VC between them. Messages are delivered to their intended recipient, not to all attached devices.

Port mirroring

Managed switches sometimes allow mirroring copies of received packets from one port to another for troubleshooting.

Spanning Tree Protocol

When connecting multiple switches, STP determines which links are redundant and shuts down their ports to prevent transmission loops.

Power over Ethernet

PoE is common for access points and phones in corporate environments as it simplifies wiring, allowing organisations to provision just Ethernet. There are two standards defining maximum wattage:

  • Originally, 802.3af permitted 15.4w.
  • 802.3at increased this to 25.5w.

VLANs

VLANs allow multiple broadcast domains to exist on a single switch, with isolation configured at the port level. Such networks can span multiple switches via trunk links, which differ from access links in that frames between the two are tagged by the transmitter with a VLAN. This VLAN tag is stripped by the receiving switch before it's retransmitted.

Transmission modes

Ethernet allows transmissions directly or to a group of nodes.

Unicast

Unicast communications are direct, between one transmitter and one receiver.

Broadcast

Broadcast communications have a single transmitter, but recipients (all recipients within the broadcast domain). Broadcast messages are used by ARP to identify the MAC addresses for IP clients.

When the destination MAC address is the maximum value (all octets are FF), switches will send the packet to all devices on all ports except the sender. Any connected switches will repeat this behaviour. Without STP this would lead to a broadcast storms if cycles between switches are present.

Multicast

Multicast transmissions are from one or more transmitters to zero or more recipients. Recipients are determined based on groups of clients which respond to specific multicast addresses. Multicast backs many video streaming services.

NIC drivers on the receivers are configured to accept packets with the multicast groups' MAC addresses in addition to its own. On older NICs this used to be achieved via "promiscuous mode", collecting all packets and filtering them in software.

MTU

"Jumbo frames" are larger Ethernet frames, typically used on networks with very high throughput requirements (e.g. a SAN). The exact limit of a frame size varies by vendor, but is typically somewhere below 9202 bytes.

References


Backlinks