Protocols
Part 1
1/21/2009
Questions?
- Do you have any questions from the previous class?
- If I don't ask, feel free to chime in!
Physical
- coax
fairly immune to electrical interference, high bandwidth, good distance
hard to damage, but hard to install;
"vampire tap" transceivers
Physical
- fiber optic, 10BaseF:
higher bandwidth / longer distance than copper,
optical not electrical signals so immune to em interference,
hard to "tap" undetected;
- fiber is tougher than you think!
kevlar for tensile and compressive strength, PVC jacket to protect from abrasion and contamination
low loss at S/short 850nm (near infrared since red ends about 700nm),
L/long 1310nm (usu just infrared),
E/extra-long 1550nm (sometimes even this squeaks into "near" but it's usu 750-100nm)
signal encoding: X for fiber channel aka 8B/10B,
R for dark fiber,
W for WAN encoding (SONET compatible)
1000BaseLH long haul, 10GBaseLX4 for 4 WDM
- single-mode:
single-mode, yellow jacket, laser diode, not cheap by 2x-4x,
one light path through core so lower dispersion so higher bandwidth,
usu 5-10 µ core dia, usu 9/125 for 9 µ core 125 µ cladding dia
- multimode:
multi-mode, orange jacket, LED, cheaper, many paths so more dispersion, index of refraction can vary with radius to counter the dispersion, commonly 62.5/125 - 50/125 - (100/140) - ((200/230))
Physical
hey, this one is polarized! can't mix up TX and RX
Fiber
Fiber Ethernet Chart
| Ethernet | wavelength | fiber | fiber size | distance |
| 100BaseFX | 1310 nm | multimode | 50 µ or 62.5 µ | 2 km |
| 1000BaseSX | 850 nm | multimode | 62.5 µ | 500 m |
| 1000BaseLX | 1310 nm | single-mode | 9 µ | 10 km |
| 1000BaseLX | 1310 nm | multimode | 62.5 µ | 550 m |
| 1000BaseLH | 1310 nm | single-mode | 9 µ | 10 km |
| 10GBaseSR | 850 nm | multimode | 50 µ | 65 m |
| 10GBaseSR | 850 nm | multimode | 62.5 µ | 26 m |
| 10GBaseLR | 1310 nm | single-mode | 9 µ | 10 km |
| 10GBaseER | 1550 nm | single-mode | 9 µ | 40 km |
| 10GBaseLX4 | 4 WDM λ | single-mode | 9 µ | 10 km |
| 10GBaseLX4 | 4 WDM λ | multimode | 62.5 µ | 300 m |
| 10GBaseSW | 850 nm | multimode | 50 µ | 65 m |
| 10GBaseSW | 850 nm | multimode | 62.5 µ | 26 m |
| 10GBaseLW | 1310 nm | single-mode | 9 µ | 10 km |
| 10GBaseEW | 1550 nm | single-mode | 9 µ | 40 km |
no need to memorize this; just look it up if you need it
Physical
- twisted-pair, 10(100,1000)BaseT:
not 
... RJ45 looks a lot like RJ11, oops!
4 pairs (10 and 100 Mbps Ethernet only use 2 pairs of Cat5; gigE needs Cat5e or Cat6)
twist by pairs and then together
- Cat1 and 2 are telephone, Cat 3 is 4-conductor 10BaseT only, Cat4 Token Ring
- Cat5 is defined in EIA/TIA 568B ("regular" and crossover) for wiring order, pair twisting, install requirements like cable bends and length, and signal characteristics for attenuation and crosstalk
- Category 5e (enhanced for higher data rate), Category 6 (Gigabit)
What's a Base?
- baseband: the signal is the information
- broadband: information (what would be baseband) rides on a carrier signal
broadband is like AM radio, if that helps (if it doesn't, ignore this comment)
Ethernet II packet
- preamble (frame) of 8 octets of alternating ones and zeroes
preamble provides a baseline for timing, and for "1" and "0"
- 6 octets for destination MAC
comes first, so you don't have to read as far into the packet!
Ethernet II packet
- 2 octets for frame type
- 46 to 1500 octets of data
pad with zeroes if less than 46, fragment across several frames if more than 1500 bytes of payload
cyclic redundancy checksum, transmission error detection (like a CD!)
MTU
maximum transmission unit
- All fragments must arrive before re-assembly.
- In TCP, a single dropped fragment means transmitting the whole segment again.
- But larger packets are more efficient.
- Path MTU is very important!
MTU
| network | MTU |
| Hyperchannel | 65535 |
| 16 Mbps token ring | 17914 |
| 4 Mbps token ring (802.5) | 4464 |
| FDDI | 4352 |
| Ethernet | 1500 |
| 802.3 / 802.2 / PPPoE | 1492 |
| X.25 | 576 |
| Point-to-point (low delay) | 296 |
this table is for "flavor"; still only interested in Ethernet
More Ethernet
- Ethernet II has frame type (positions C and D) > 0x05EE
assume Ethernet II unless told otherwise
- SNAP, Simple Network Attachment Protocol
- DSAP/SSAP, Destination/Source Service Access Point, match; for SNAP, both are 0xAA
- bytes E and F (start of "data") are 0xAAAA
- 802.3 raw (Netware)
- bytes E and F are 0xFFFF because header checksum not implemented
- 802.2
- 802.3 raw and 802.2 are not well-behaved, not welcome
More Ethernet
- SNAP
- 802.3 raw / Netware (bad netizen)
- 802.2 (bad netizen)
IP packet
- 4 bits - version 4
- 4 bits - header length
- 8 bits - type of service
- 3 bits - precedence
- 4 bits - service (at most one can be set)
- minimum delay, maximum throughput, most reliable, least cost
- 1 bit - 0/unused
IP packet
- 16 bits - total length of packet
- 16 bits - identification
- 3 bits - IP flags
- 0 - reserved
- DF - don't fragment
- MF - more fragments (0 for last fragment)
IP packet
- 13 bits - fragment offset
- 8 bits - TTL
- 8 bits - protocol
- 16 bits - header checksum
IP packet
- 32 bits - source IP address
- 32 bits - destination IP address
- 24 bits - IP options, if any
- 8 bits - padding (if needed)
- minimum and most common IP header is 20 octets
IP Addresses
- 32 bits, dotted decimal
- Class A (0-127), 8 bits network, 24 bits host
- Class B (128-191), 16 bits each
- Class C (192-223), 24 bits network, 8 bits host
- Class D (224-239), multicast
- Class E (240-255), reserved
Netmask
- Class A 255.0.0.0, Class B 255.255.0.0, Class C 255.255.255.0
- CIDR
- private addresses from RFC 1918
- 10.0.0.0/8 or 10.0.0.0 to 10.255.255.255
- 172.16.0.0/12 or 172.16.0.0 to 172.31.255.255
- 192.168.0.0/16 or 192.168.0.0 to 192.168.255.255
Netmask
- You apply your netmask to your IP address, and the result tells you what addresses are local to you.
Local is a very important concept in this class!
ARP
- local delivery on LAN needs MAC address
- ARP maps Layer 3 address to Layer 2 address, usually IP to MAC
- RARP goes the other way
- RFC 826
ARP packet header
- 6 octets - Ethernet destination address, all 1s, broadcast (reply is unicast)
- 6 octets - Ethernet source address
- 2 octets - frame type, 0x0806 for ARP
this is just an Ethernet II header, at least when the ARP is for Ethernet
ARP packet, request or reply
- 2 octets - hardware type, 1 for Ethernet
- 2 octets - protocol type, 0x0800 for IP, same as Ethernet header
- 1 octet - hardware address size (6 octets)
- 1 octet - protocol address size (4 octets)
- 2 octets - op field
- 1: ARP request
- 2: ARP reply
- 3: RARP request
- 4: RARP reply
More about ARP
- When a station hears an ARP for itself, it stores the sender's MAC in its ARP table because it assumes communication may follow.
- proxy ARP - a router answers on behalf of one of its networks; promiscuous ARP, ARP hack
- gratuitous ARP - ARP for self to make sure IP address is available, usually when configuring NIC at boot
- RARP, manually configured, is required for a diskless end station to get an IP when it boots (RFC 903). The Ethernet frame type is 0x8035 but otherwise what you expect. The RARP server must be in the same broadcast domain because routers won't forward L2 broadcasts.
Transmission Process: Before
Pre-Transmission Process: Local
| | source node | packet description | destination node |
|---|
| 1 | me.dept.university.edu | ARP broadcast for MAC address of DNS server at known numeric IP address | L2 broadcast (to all) |
| 2 | dns.university.edu | ARP unicast reply | me.dept.university.edu |
| 3 | me.dept.university.edu | DNS unicast request for numeric IP address of neat-stuff.university.edu | dns.university.edu |
| 4 | dns.university.edu | DNS unicast reply with numeric IP address of neat-stuff.university.edu | me.dept.university.edu |
| 5 | me.dept.university.edu | ARP broadcast for MAC address to the IP address for neat-stuff.university.edu | L2 broadcast (all) |
| 6 | neat-stuff.university.edu | ARP unicast reply | me.dept.university.edu |
| now local-area data transmission between two hosts can begin |
Pre-Transmission Process: Wide Area
| | source node | packet description | destination node |
|---|
| 1 | me.dept.university.edu | ARP broadcast for MAC address of DNS server at known numeric IP address | L2 broadcast (all) |
| 2 | dns.university.edu | ARP unicast reply | me.dept.university.edu |
| 3 | me.dept.university.edu | DNS unicast request for numeric IP address for neat-stuff.company.com | dns.university.edu |
| 4 | dns.university.edu | DNS unicast reply with numeric IP address of neat-stuff.company.com | me.dept.university.edu |
| 5 | me.dept.university.edu | ARP broadcast for MAC address of my-default-router.university.edu | L2 broadcast (all) |
| 6 | my-default-router.university.edu | ARP unicast reply | me.dept.university.edu |
| now wide-area data transmission through my-default-router can begin |
Reading
- Steinberg, Steve G. "Netheads vs. Bellheads," Wired. Issue 4.10. October 1996. link
- The updated version is CellHeads and AirHeads. PPT or PDF
- Boggs, David R., Jeffrey C. Mogul, and Christopher A. Kent. "Measured Capacity of an Ethernet: Myths and Reality," Proceedings of the SIGCOMM 88 Symposium on Communications Architectures and Protocols, ACM SIGCOMM, Stanford, California, August 1988. Available via citeseer: link
- Leland, Will E., Murad S. Taqqu, Walter Willinger, Daniel V. Wilson. "On the Self-Similar Nature of Ethernet Traffic," Proc. SIGCOM93, 1993, San Francisco, California, p. 183-193. Available via citeseer: link
Topical Books
- Barabási, Albert-László. Linked: The New Science of Networks. Cambridge, MA: Perseus Publishing, 2002.
- Comer, Douglas E. Internetworking with TCP/IP: Principles, Protocols, and Architecture. Upper Saddle River, NJ: Prentice Hall, 1995.
- Perlman, Radia. Interconnections: Bridges, Routers, Switches, and Internetworking Protocols. Reading, MA: Addison-Wesley, 2000.
- Another classic networking text.
- Stevens, W. Richard. TCP/IP Illustrated, Volume 1. Reading, MA: Addison-Wesley. 1999.
- Detailed networking text.
(LC)
