1. Week 12
Ethernet
WiFi

2. Agenda
• Ethernet
• Spanning Tree
• WiFi
• IP version 4

3. Ethernet
Frames• DIX Format
• proposed by Digital, Intel and Xerox
Preamble
[8 bytes]
Destination
address
Type
[2 bytes]
CRC [32 bits]
Source address
Data
[46-1500 bytes
Used to mark the beginning of the frame
Allows the receiver to synchronise its
clock to the sender’s clock
Indication of the type of packet contained
inside the frame
Upper layer protocol must ensure that
the payload of the Ethernet frame is
at least 46 bytes and at most 1500 bytes

4. The Ethernet zoo
10BASE5 Thick coaxial cable, 500m
10BASE2 Thin coaxial cable, 185m
10BASE-T Two pairs of category 3+ UTP
10BASE-F 10 Mb/s over optical fiber
100BASE-TX Category 5 UTP or STP, 100 m maximum
100BASE-FX Two multimode optical fiber, 2 km maximum
1000BASE-CX Two pairs shielded twisted pair, 25m maximum
1000BASE-SX Two multimode or single mode optical fibers with lasers
10 Gbps optical fiber but also cat 6 twisted pair
40-100 Gbps being developed, standard expected in 2010, 40Gbps one
meter long for switch backplanes, 10 meters for copper cable
and 100 meters for fiber optics

5. Ethernet switch
• A switch is a relay that operates in the
datalink layer
Host A Host BSwitch
Physical Phys. Phys.
Datalink
Network Network
Datalink
Physical

6. How to favour high-
speed links ?
Switch 1
Switch 7
Switch 9
Switch 22
Switch 44
Switch 2

7. Link costs
Bandwidth
Recommended
link cost range
Recommended
link cost value
10 Mbps 50-600 100
100 Mbps 10-60 19
1000 Mbps 3-10 4

8. Selection of root
• Root priority vectors
• Port 1: 8,7+100,9
• Port 2 : 8,9+1,22
• Port 3 : 8,4+10,17
• Port 4: 8,4+10,18
S91
1
2
34
R=8,C=7,T=9
R=8,C=9,T=22
R=8,C=4,T=17R=8,C=4,T=18
• Switch S91's BPDU
• R=8, C=10,T=91

9. Switches and hubs
• How should the spanning tree work with
hubs ?
S1
1
4
Hub1
S3
1
2
Hub2
2

10. The states of the
ports• Root port
• Port having the best root priority
vector
• Only one root port per switch !
• Designated port
• Ports where the switch's BPDU is
better than best BDPU received
• Blocked ports
• Ports where the switch's BPDU is
worse than best BDPU received

11. The root switch
• What is the state of the ports of the root
switch ?
• How to influence the selection of the
root switch ?
S1
1
2
34

12. Corner cases
• Parallel links
• Backup links to same LAN
S2S3
1
2 3
4
S1
2 4
S1

13. Spanning tree
1
2
34 1
1
1
1
2
22
2
3
3
3
4
S222S111
S333
S444
S555
1 Gbps, cost =10
10 Gbps, cost =1

14. BPDU format
• Simplified BPDU format
BPDU
Header
Root Id
Switch identifier
Root path cost
Protocol Identifier
Protocol version
Configuration BPDU or topology change
Flags
Identifier of the switch sending the BPDU
Port identifier : used when a switch has several
ports attached to the same LAN
Current root identifier
Port identifier
Message age
Max age
Hello time
Forward delay

15. Port states and
activityReceive
BPDUs
Transmit
BPDUs
Blocked yes no
Root yes no
Designated yes yes
Learn
Addresses
Forward Data
Frames
Inactive no no
Active yes yes

16. Failures
• Failure (power-off) of the root switch
• A new root needs to be elected
• Failure of a designated switch
• Another switch should replace
• Failure of a link
• a disabled link should be enabled
• If the network is split we have two
separated networks

17. Dealing with failures• Regular transmission of BPDUs
• Default Hello timer is two seconds
• BPDUs stored in the switches age and are
removed when they timeout
• Failure notification mechanism
• When switch detects important failure, it
sends a topology change BPDU to Root
• Upon reception of TC BPDU all switches
stop forwarding data frames and recompute
ST

18. Full duplex Ethernet
Observations
In many networks, Ethernet is a often a point-to-point
technology
host-to-switch
switch to switch
Twisted-pairs and fiber-based physical layers allow
to send and receive at the same time
S1 S2
HUB
HUB

19. Ethernet full duplex
No collision is possible on a full duplex
Ethernet/FastEthernet/GigabitEthernet link
Disable CSMA/CD on such links
Advantages
Improves bandwidth
Both endpoints can transmit frames at the same time
CSMA/CD is disabled
No constraint on propagation delay anymore
Ethernet network can be as large as we want !
No constraint on minimum frame size anymore
We do not need the frame extension hack for Gigabit Ethernet!

20. Full duplex Ethernet (3)
Drawback
If CSMA/CD is disabled, access control is disabled
and congestion can occur
How to solve this problem inside Ethernet ?
Add buffers to switches
but infinite buffers are impossible and useless anyway
Cause collisions (e.g. jamming) to force collisions on the inter-switch link
and uplink is server is too fast
Drawback : interswitch link could be entirely blocked
Develop a new flow control mechanism inside MAC layer
Pause frame to slowdown transmission
S1 S2Server
Client
FastEthernet (100 Mbps) Ethernet (10 Mbps)

21. Ethernet flow control
PAUSE frame indicates how much time the upstream
should wait before transmitting next frame
S1
server
Client
FastEthernet
(100 Mbps)
Ethernet
(10 Mbps)
PAUSE [2msec]
Frame1 [10000 bits]
Frame3 [10000 bits]
Frame2 [10000 bits]
100 nsec
Frame1 [10000 bits]
1 microsec
Frame2 [10000 bits]
Sender blocked

22. Virtual LANs
Allows to build several logical networks on top of
a single physical network
S
A B
C
D
F
E
Each port on each switch is
associated to a particular VLAN
All the hosts that reside on the same VLAN
can exchange Ethernet frames
A host on VLAN1 cannot send an Ethernet
frame towards another host that belongs to
VLAN2
Broadcast and multicast frames are only
sent to the members of the VLAN
VLAN1 : A,E,F
VLAN2 : B,C,D

23. VLANs in campus networks
How to support VLANs in a campus network
S1
A B
C
D
F
E
VLAN1 : A,E,F
VLAN2 : B,C,D
S2
Possible solutions
Place on each switch a table
that maps each MAC address
on a VLAN id
difficult to manage this table
Change frame format used on inter-
switch links to include a VLAN
identifier
new header added by first switch
new header removed by last switch

24. VLAN frame format
Destination
Address
Address
Identifies the frame as containing VLANtag
Tag control information contains two types of
information :
- VLAN identifier (12 bits) : up to 4094
different VLANs can be defined
- Priority (3 bits) : indicates the importance of
the frame and can be used by switches to
provide a better service for some frames
(e.g. Voice)
Type
CRC [32 bits]
Payload
VLAN
Protocol Id
0x8100
Tag Control Info

25. Agenda
• Ethernet
• Spanning Tree
• WiFi
• IP version 4

26. The WiFi zoo
Standard Frequency Typical
throughput
Raw
bandwidth
Range in/out
(m)
802 .11 2.4 GHz 0.9 Mbps 2 Mbps 20 / 100
802 .11a 5 GHz 23 Mbps 54 Mbps 35 / 120
802 .11b 2.4 GHz 4.3 Mbps 11 Mbps 38 / 140
802 .11g 2.4 GHz 19 Mbps 54 Mbps 38 / 140
802 .11n 2.4 / 5 GHz 74 Mbps up to 600
Mbps
70 / 250
Source http://en.wikipedia.org/wiki/IEEE_802.11n

27. Practical issues
with WLAN deployments
Home environment
A WLAN can interfere with the neighbour’s
WLAN

28. Practical issues
with WLAN deployments
Enterprise networks
One access point can interfere with other access points
reduces significantly overall available bandwidth

29. The WiFi channel frequencies
WiFi standards operate on several frequencies
called channels
Usually about a dozen channels
Why multiple channels ?
Some channels my be affected by interference and
have a lower performance
Some frequencies are reserved for specific usage in
some countries
Allows frequency reuse when there are multiple WiFi
networks in the same area
Unfortunately, many home access points operate by default
on the same factory set channel which causes interference
and reduced bandwidth

30. WLAN in enterprise
environments
What could be done to improve the performance
of WLANs ?
Reduce interference as much as possible
Tune channel frequencies
Reduce transmission power
Similar to techniques used in GSM networks
Recent deployments rely on centralized controllers and
thin access points

31. 802.11 frame format
Frame control
[2 bytes]
Duration/Id
[2 bytes]
Address 2
[6 bytes]
Address 1
[6 bytes]
Standard header
- Protocol version [2 bits] : current version 0
- Type [2 bits] : control / data / management frame
- Subtype [2 bits] : specific subtype of frame
- to DS [1 bit] : frame is sent to distribution system
- from DS [1 bit] : frame is from distribution system
- more fragment [1 bit] : used when packets are fragmented
- Retry [1 bit] : retransmission
- Power Management [1 bit] : used for power management fct
- More data [1 bit] : indicates that there are other frames
for this station at the access point
- WEP [1 bit] : 1 if frame has been encrypted with WEP
- order [1 bit] : for strictly ordered class
Address 3
[6 bytes]
Sequence
control [2 bytes]
Frame body
[0-2312 bytes]
Frame Check
Sequence
Sequence number
- 12 bits frame sequence number
- 4 bits fragment number

32. Some 802.11 control frames
Frame control
[2 bytes]
Duration
[2 bytes]
Receiver
address
[6 bytes]
Frame Check
Sequence
Frame control
[2 bytes]
Duration
[2 bytes]
Receiver
address
[6 bytes]
Frame Check
Sequence
Transmitter
address
[6 bytes]
Frame control
[2 bytes]
Duration
[2 bytes]
Receiver
address
[6 bytes]
Frame Check
Sequence
ACK frame
RTS frame
CTS frame

33. IP over 802.11
Frame control
Duration/Id
[2 bytes]
Address 2
[6 bytes]
Address 1
[6 bytes]
Address 3
[6 bytes]
Sequence
control [2 bytes]
IP packet
Frame Check
Sequence
LLC/SNAP
0x800
LLC/SNAP
- 4 bytes header
EtherType
- 0x800 for IP, 0x86DD for IPv6

34. Agenda
• Ethernet
• Spanning Tree
• WiFi
• IP version 4

35. IP version 4
Ver IHL DS Total length
Payload
32 bits
ChecksumTTL Protocol
Flags FragmentOffset
20 bytes
Source IP address
Identification
Destination IP address
Differentiated Services Byte used to
specify Quality of Service expected
for this packet
IP version used to encode header
- current version is 4
- IP version 6
Header length (default 20 bytes)
Maximum : 64 bytes for entire header
including options
Binary flags
More
Don't Fragment : Packet
cannot be fragmented by
intermediate routers
Allows to identify the “user” above
the IP layer (e.g. UDP, TPC, ...)
Plays similar role to TCP port
numbers
Packet identification
used for fragmentation and
reassembly
Options
Optional header extension
Time to Live

36. IPv4 addresses
• 32 bits long, one address per interface
• Example
Notation 138.48.26.1/23 or
138.48.26.1 255.255.254.0
• All hosts that belong to the same subnetwork
can directly exchange frames through
datalink layer

37. ARP : Address
Resolution Protocol
IP: 10.0.1.9
Eth : B
IP: 10.0.1.8
Eth : C
IP: 10.0.1.11
Eth : E
IP: 10.0.1.22
Eth : A
10.0.1.22 needs to send an IP packet to 10.0.1.8
1
IP: 10.0.1.9
Eth : B
IP: 10.0.1.8
Eth : C
IP: 10.0.1.11
Eth : E
IP: 10.0.1.22
Eth : A
ARP : broadcast frame Addr Eth 10.0.1.8 ?
2
IP: 10.0.1.9
Eth : B
IP: 10.0.1.8
Eth : C
IP: 10.0.1.11
Eth : E
IP: 10.0.1.22
Eth : A
10.0.1.8 replies in an Ethernet frame and A knows the MAC address to send
its IP packet
3

38. ARP : frame format
Preamble
[7 bytes]
Delimiter[1byte]
Destination
Address
Type: 0x806
CRC [32 bits]
Source
Address
MAC address of the sender
Broadcast : 111...111
Header
Sender MAC
Sender IP
Target MAC
Common header for all ARP frames
- Hardware type Ethernet is 1
- Protocol type , IP is 0x0800.- Hardware
length : length of MAC address - Protocol
length : length of network layer address -
Operation : 1 for request, 2 for reply, 3 for
RARP request, and 4 for RARP reply.
Target IP

39. ICMP version 4
Ver IHL DS
IP header
ChecksumTTL Protocol
Source IP address
Identification
Destination IP address
Data
Type Code
Ver IHL DS Total length
ChecksumTTL Protocol
Flags FragmentOffset
Source IP address
Identification
Destination IP address
First 64 bits of payload
Flags FragmentOffset
Protocol=1 for ICMP
covers entire ICMP message
Additional information about
error, type of error
Total length
Checksum
32 bits
ICMP header Type and Code indicate the type of
error detected
l Destination unreachable
lnetwork unreachable
lhost unreachable
lprotocol unreachable
lport unreachable
lfragmentation needed
lsource route failed
lRedirect
lParameter problem
lTime exceeded
lTTL exceeded
lreassembly time exceeded
lEcho requEast et Echo reply

40. IP over Ethernet
Detailed example
Examples
IP packet from 10.0.1.22 to 10.0.3.11
IP packet from 10.0.2.9 to 10.0.1.22
IP packet from 10.0.3.11 to 10.0.1.22
IP: 10.0.2.9/24
Eth : B
10.0.1.0/24 via 10.0.2.1
10.0.3.0/24 via 10.0.2.2
ARP table
Empty
IP: 10.0.1.8/24
R default: 10.0.1.1
Eth : C
ARP table
Empty
IP: 10.0.1.22/24
R default: 10.0.1.1
Eth : A
ARP table
Empty
R1
IP: 10.0.1.1/24
IP: 10.0.2.1/24
Eth : R1-West
Eth : R1-East
ARP table
Empty
H1 S2 R2
Hub
Router Switch Router
IP: 10.0.3.11/24
Eth : F
R default:10.0.3.2
ARP table
Empty
IP: 10.0.2.2/24
IP: 10.0.3.2/24
Eth : R2-West
Eth : R2-East
ARP table
Empty

41. The Internet architecture
that students learn
Physical
Datalink
Network
Transport
Application
O. Bonaventure, Computer networking : Principles, Protocols and Practice, open ebook, http://inl.info.ucl.ac.be/cnp3
Physical
Physical
Datalink
Physical
Datalink
Network

42. A typical "academic" network
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
Physical
Datalink

43. The end-to-end principle
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
Physical
Datalink
TCP

44. In reality
– almost as many middleboxes as routers
– various types of middleboxes are deployed
Sherry, Justine, et al. "Making middleboxes someone else's problem: Network processing as a cloud service."
Proceedings of the ACM SIGCOMM 2012 conference. ACM, 2012.

45. A middlebox zoo
http://www.cisco.com/web/about/ac50/ac47/2.html
Web Security
Appliance
NAC Appliance
ACE XML
Gateway
Streamer
VPN Concentrator
SSL
Terminator
Cisco IOS Firewall
IP Telephony
Router
PIX Firewall
Right and Left
Voice
GatewayVVVV
Content
Engine
NAT

46. How to model those middleboxes ?
• In the official architecture, they do not exist
• In reality...
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
Transport
Application
Physical
Datalink
Network
TCP
Physical
Datalink
Network
Transport
Application

47. TCP segments processed by a router
Source port Destination port
Checksum Urgent pointer
THL Reserved Flags
Acknowledgment number
Sequence number
Window
Ver IHL ToS Total length
ChecksumTTL Protocol
Flags Frag. Offset
Source IP address
Identification
Destination IP address
Payload
Options
Source port Destination port
Checksum Urgent pointer
THL Reserved Flags
Acknowledgment number
Sequence number
Window
Ver IHL ToS Total length
ChecksumTTL Protocol
Flags Frag. Offset
Source IP address
Identification
Destination IP address
Payload
Options
IP
TCP

48. Network Address Translators
• Preserves IP addresses by using private
addresses in LAN
– Packets's addresses are rewritten by NAT
Private addresses Public addresses

49. TCP segments processed by a NAT
Source port Destination port
Checksum Urgent pointer
THL Reserved Flags
Acknowledgment number
Sequence number
Window
Ver IHL ToS Total length
ChecksumTTL Protocol
Flags Frag. Offset
Source IP address
Identification
Destination IP address
Payload
Options
Source port Destination port
Checksum Urgent pointer
THL Reserved Flags
Acknowledgment number
Sequence number
Window
Ver IHL ToS Total length
ChecksumTTL Protocol
Flags Frag. Offset
Source IP address
Identification
Destination IP address
Payload
Options